Course2Workout

Privacy Policy

Last Updated: January 7, 2026

1. Introduction

Course2Workout ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web-based application and services.

By using Course2Workout, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Email address - Provided through Google OAuth authentication
  • Name - Your full name from your Google account
  • Profile picture - Your Google account avatar (optional)
  • Google account ID - A unique identifier for authentication purposes

2.2 Fitness and Training Data

  • FTP (Functional Threshold Power) - Your cycling power threshold
  • Rider weight - Your body weight for workout calculations
  • Bike weight - Your bicycle weight for workout calculations
  • Rider configurations - Saved profiles with your training parameters
  • GPX files - Route data you upload (processed temporarily, not permanently stored)
  • Saved courses - Routes you choose to save to your account

2.3 Payment Information

  • Token purchase history - Records of your token purchases
  • Token balance - Your current available tokens
  • Payment data - Processed by Stripe; we do NOT store credit card information

2.4 Usage Data

  • Log data (IP address, browser type, pages visited, time spent)
  • Device information (operating system, device type)
  • Workout generation history and preferences
  • Feature usage patterns

3. How We Use Your Information

We use the collected information for:

  • Service Delivery - To provide, operate, and maintain our workout generation service
  • Account Management - To create and manage your user account
  • Workout Generation - To calculate and generate personalized power-based workouts
  • Payment Processing - To process token purchases and manage your account balance
  • Communication - To send service-related notifications and updates
  • Improvement - To analyze usage patterns and improve our Service
  • Security - To detect, prevent, and address technical issues or fraudulent activity
  • Legal Compliance - To comply with legal obligations and enforce our Terms of Use

4. Third-Party Services

We use trusted third-party service providers to help us operate our Service. These providers may collect and process your data on our behalf:

Authentication Services

We use third-party authentication services to securely manage user sign-in. When you authenticate with your account, we receive basic profile information such as your name, email address, and profile picture.

Payment Processing

Payment processing is handled by a secure third-party payment processor. We do not store your credit card information on our servers. Your payment information is encrypted and processed according to PCI DSS standards.

Cloud Infrastructure

Our application and database are hosted on secure cloud infrastructure providers. Your data is stored on servers maintained by these providers with industry-standard security measures and encryption.

Analytics and Monitoring

We may use analytics services to collect anonymous usage statistics, performance metrics, and error reporting to help us improve our Service. This data is anonymized and does not identify individual users.

All third-party service providers are carefully selected and required to maintain appropriate data protection standards. We ensure that any data shared with these providers is limited to what is necessary to provide our Service.

5. Cookies and Local Storage

We use cookies and browser local storage to:

  • Maintain your authentication session
  • Remember your preferences and settings
  • Store temporary workout data during generation
  • Improve user experience and performance

You can configure your browser to refuse cookies, but some features of the Service may not function properly.

6. Data Security

We implement industry-standard security measures to protect your personal information:

  • End-to-end HTTPS encryption for all data transmission
  • Secure database with row-level security (RLS) policies
  • OAuth 2.0 authentication via Google
  • Regular security updates and monitoring
  • Restricted access to personal data on a need-to-know basis

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

Right to Access

Request a copy of the personal data we hold about you

Right to Correction

Update or correct inaccurate personal information

Right to Deletion

Request deletion of your personal data (subject to legal obligations)

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to certain types of processing of your personal data

Right to Withdraw Consent

Withdraw consent for data processing at any time

To exercise these rights, please contact us at info@liveatom.com.

8. Data Retention

We retain your personal data only as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy. Specifically:

  • Account data - Retained while your account is active
  • Transaction history - Retained for 7 years for tax and legal compliance
  • GPX files - Processed in memory and not permanently stored (unless you save a course)
  • Saved courses - Retained until you delete them or close your account
  • Logs and analytics - Retained for up to 90 days

When you delete your account, we will delete or anonymize your personal data within 30 days, except where required to retain data for legal or regulatory purposes.

9. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country, where data protection laws may differ. By using our Service, you consent to the transfer of your information to the United States and other countries where our service providers operate.

We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

11. Do Not Track Signals

We do not currently respond to "Do Not Track" (DNT) browser signals. We may track user activity for service improvement purposes, but we do not use this data for targeted advertising.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • We process your data lawfully based on consent, contract performance, and legitimate interests
  • You can withdraw consent at any time without affecting prior processing
  • You have the right to lodge a complaint with your local data protection authority
  • We use appropriate technical and organizational measures to protect your data

14. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@liveatom.com

Website: https://course2workout.com

We will respond to your request within 30 days of receipt.

By using Course2Workout, you acknowledge that you have read, understood, and agree to this Privacy Policy.

© 2026 Course2Workout. All rights reserved.
Terms of Use Privacy Policy
* Course2Workout is an independent service and is not affiliated with, endorsed by, or sponsored by Strava, Ride with GPS, Zwift, TrainerRoad, or Intervals.icu.
All brand names and trademarks are the property of their respective owners.