Privacy Policy
Last updated: October 10, 2025
1. Data Controller
Tomáš Zacha
Křenova 254
Prague 6, Czech Republic
Email: info@myfitcaps.com
Website: https://myfitcaps.com
This privacy policy applies to the processing of personal data in accordance with the Czech Personal Data Protection Act (Act No. 110/2019 Coll.) and the EU General Data Protection Regulation (GDPR).
2. What Personal Data We Collect
We collect and process the following categories of personal data:
Account Information
- • Strava user ID
- • Full name (from Strava profile)
- • Profile picture (from Strava profile)
- • Language preferences
- • Account settings and preferences
Activity Data
- • Sports activities data from Strava
- • Activity descriptions and modifications
- • Training goals and preferences
- • Performance metrics and statistics
Technical Data
- • Authentication tokens (Strava API)
- • Session information
- • Log files and usage statistics
- • Browser and device information
Subscription Data
- • Subscription status and type
- • Payment information (processed by third-party providers)
- • Billing history
3. Legal Basis for Processing
We process your personal data based on the following legal grounds under Article 6 of the GDPR:
- Consent (Article 6(1)(a)): For processing Strava data and optional features
- Contractual Performance (Article 6(1)(b)): To provide our services and maintain your account
- Legitimate Interest (Article 6(1)(f)): For service improvement, security, and analytics
- Legal Obligation (Article 6(1)(c)): To comply with Czech and EU legal requirements
4. How We Use Your Data
We process your personal data for the following purposes:
- Providing and maintaining our fitness tracking services
- Synchronizing and enhancing your Strava activity data
- Generating AI-powered activity descriptions
- Managing your account and preferences
- Processing subscription payments
- Communicating with you about our services
- Improving our services and user experience
- Ensuring security and preventing fraud
- Complying with legal obligations
5. Data Sharing and Recipients
We may share your personal data with the following categories of recipients:
Third-Party Services
- • Strava: For data synchronization and authentication
- • OpenAI: For AI-powered content generation (anonymized data only)
- • Payment Processors: For subscription billing
Legal Requirements
We may disclose your data to comply with legal obligations, court orders, or requests from Czech or EU authorities.
We do not sell your personal data to third parties.
6. International Data Transfers
Some of our service providers may process your data outside the European Economic Area (EEA). We ensure adequate protection through:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Other appropriate safeguards approved by the Czech Data Protection Authority
7. Data Retention
We retain your personal data for the following periods:
- Account Data: Until you delete your account or 2 years after last activity
- Activity Data: Until you delete your account or remove specific activities
- Session Data: 30 days or until logout
- Log Files: 12 months for security purposes
- Subscription Data: 10 years for accounting and tax purposes (Czech legal requirement)
8. Your Rights Under GDPR and Czech Law
You have the following rights regarding your personal data:
Access and Portability
- • Right to access your data
- • Right to data portability
- • Right to receive data in structured format
Correction and Deletion
- • Right to rectification
- • Right to erasure ("right to be forgotten")
- • Right to restriction of processing
Consent and Objection
- • Right to withdraw consent
- • Right to object to processing
- • Right to object to automated decision-making
Complaints
- • Right to lodge a complaint
- • Contact supervisory authority
- • Seek judicial remedy
How to exercise your rights: Contact us at info@myfitcaps.com. We will respond within 30 days as required by Czech and EU law.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication
- Staff training on data protection
- Incident response procedures
- Regular backups and data recovery procedures
10. Automated Decision Making
We use automated processing for:
- AI Content Generation: Automated creation of activity descriptions based on your data
- Goal Tracking: Automated progress calculations and recommendations
You have the right to object to automated decision-making and request human intervention in these processes.
11. Children's Privacy
Our service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Updating the "Last updated" date at the top of this policy
- Sending you an email notification (if you have an account)
- Displaying a prominent notice on our website
13. Contact Information
Data Controller:
Tomáš Zacha
Křenova 254
Prague 6, Czech Republic
Email: info@myfitcaps.com
Website: https://myfitcaps.com
Czech Data Protection Authority (Úřad pro ochranu osobních údajů):
Website: https://www.uoou.cz
Email: posta@uoou.cz
Address: Pplk. Sochora 27, 170 00 Prague 7, Czech Republic
14. Applicable Law
This Privacy Policy and all matters relating to the processing of personal data are governed by:
- EU General Data Protection Regulation (GDPR)
- Czech Personal Data Protection Act (Act No. 110/2019 Coll.)
- Other applicable Czech and EU legislation
Any disputes shall be resolved by Czech courts with competent jurisdiction.