Skip to main content
Legal

Privacy Policy

How GRWM.run collects, uses, and protects your information when you create and share running kits.

Last updated

April 22, 2026

This page explains what data we collect, why we collect it, and what rights you have over it.

1. Introduction

This Privacy Policy explains how GRWM.run collects, uses, and stores personal data when you use the product to create and share running kit pages.

GRWM.run is designed as a utility product. We collect only the data needed to operate accounts, publish kit pages, and keep the service secure.

2. Data We Collect

We collect the following categories of data:

2.1 Account and profile data

  • Username and email address
  • Anonymous/registered account state used for guest-to-account flows
  • Profile metadata needed to publish your public kit pages

2.2 Kit content you create

  • Kit titles, descriptions, context tags, and item notes
  • Category and item selections for each kit
  • Public kit/profile URLs generated by the product

2.3 Technical and usage data

  • Authentication/session state and security-related logs
  • Product usage events (for example create/share actions)
  • Basic device/browser metadata required for security and reliability

3. How We Use Data

We use data to:

  • Provide account access and keep sessions secure
  • Store and render your kit pages
  • Generate share-ready links and captions
  • Measure product usage to improve core flows
  • Detect abuse, fraud, and service misuse

4. Legal Bases for Processing

Depending on your jurisdiction, we process data under one or more of these bases:

  • Contract: to provide the service you requested
  • Legitimate interests: to secure and improve the platform
  • Consent: where law requires consent for specific processing
  • Legal obligation: where we must retain or disclose data by law

5. Service Providers and Third Parties

We do not sell personal data. We use service providers to run the product and may disclose data where legally required.

  • Authentication and database infrastructure (for account and data storage)
  • Hosting and delivery infrastructure (for serving the app)
  • Privacy-focused analytics tooling (for product metrics)
  • Law enforcement or regulators when legally required

6. Data Retention

We keep personal data only as long as needed for product operation and legal/security obligations.

6.1 Active accounts

  • Account/profile data and kits are retained while your account remains active.
  • If your account is inactive for an extended period, we may keep minimal records needed for security and abuse prevention.

6.2 Operational logs and analytics

  • Security and operational logs are typically retained up to 90 days unless needed for an active investigation.
  • Analytics event data is retained up to 24 months in aggregated product reporting systems.

6.3 Deletion requests

  • When a verified account deletion request is approved, account and kit data is queued for removal without unreasonable delay.
  • Target processing time is within 30 days, subject to legal retention exceptions.

7. How to Request Account Deletion

To request deletion, email rvidal+grwmprivacy@gmail.com from the address on your account with subject line “Account Deletion Request”.

Include your username and confirmation that you understand public kits/profile pages will be removed. We may request identity verification before processing.

8. Your Rights

Depending on where you live and the laws that apply to you, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Export your data in a portable format
  • Withdraw consent at any time

9. Security

We use technical and organizational safeguards appropriate to a web service of this size, including encrypted transport (HTTPS), access controls, and provider-level security controls.

No system is perfectly secure. If we detect a material incident affecting personal data, we will respond according to applicable legal requirements.

10. Cookies

We use essential session storage and limited analytics instrumentation. See the Cookie Policy for more detail.

11. Children and Minors

Our service is not intended for children or other users below the minimum age permitted under applicable law. We do not knowingly collect personal information from anyone below that age threshold.

12. Changes to This Policy

We may update this policy as the product evolves. We will post updates here and revise the “Last updated” date when material changes are made.

11. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

Email: rvidal+grwmprivacy@gmail.com
Website: https://grwm.run

Related Policies

Read the companion legal pages that explain browser storage and the platform rules in more detail.

Cookie PolicyTerms of Service
← Back to Home
Privacy Policy | GRWM.run