onemorelap Privacy Policy - onemorelap
Log in

Privacy Policy

Effective date: December 14, 2025 | Last updated: December 14, 2025

onemorelap (“we”, “our”, “the Service”) respects your privacy. This Privacy Policy explains what data we collect, how and why we process it, and what rights you have under applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

1. Data Controller

onemorelap is operated by a single individual acting as the data controller and processor under GDPR. Contact: hello@onemorelap.app Jurisdiction: European Union.

2. Data Collection

We collect only data necessary to operate the Service:

  1. Account data: email address;
  2. Authentication data: name and public profile picture from Google OAuth;
  3. Strava data (if connected): activity metadata such as distance, time, activity type, timestamps, and related performance metrics. We do not access private messages or unrelated Strava data;
  4. Technical data: IP address, device type, browser, and basic usage logs for security and reliability.

We do not knowingly collect data from minors.

3. Purpose and Legal Basis

We process personal data for the following purposes:

  1. Service provision (Art. 6(1)(b) GDPR): account creation, subscriptions, challenge tracking, analytics;
  2. Consent (Art. 6(1)(a) GDPR): Strava integration and optional communications;
  3. Legitimate interests (Art. 6(1)(f) GDPR): security, fraud prevention, service improvement.

Fitness and activity data is processed solely to deliver core product functionality.

4. Data Retention

  1. Account and activity data is retained while your account is active;
  2. Upon account deletion, personal data is deleted or anonymized within a reasonable period unless legal obligations require longer retention;
  3. Backup data is retained for a limited time for security and recovery purposes only.

5. Data Security

We apply appropriate technical and organizational measures, including access controls, encryption in transit, and secure infrastructure, to protect personal data against unauthorized access, loss, or alteration.

6. Third-Party Sharing

We do not sell personal data. We share data only with trusted processors necessary to operate the Service, including:

  1. Authentication providers (Google);
  2. Fitness data providers (Strava);
  3. Hosting and infrastructure services;
  4. Payment, analytics, and email services (where applicable).

All processors operate under data processing agreements. Data transfers outside the EU, if any, rely on appropriate safeguards.

7. External Links

The Service may contain links to external websites. We are not responsible for their content or privacy practices.

8. Your Rights (GDPR)

You have the right to:

  1. Access your personal data;
  2. Rectify inaccurate data;
  3. Request deletion (“right to be forgotten”);
  4. Restrict or object to processing;
  5. Withdraw consent at any time;
  6. Request data portability;
  7. Lodge a complaint with a supervisory authority.

Requests can be sent to hello@onemorelap.app.

9. Changes to This Policy

We may update this Privacy Policy when necessary. The latest version is always available on this page.

10. Acceptance

By using the Service, you acknowledge that you have read and understood this Privacy Policy.