Back to Home

Privacy Policy

Last updated: April 22, 2026

1. Introduction

MONS Athletics (operated by Nico Nyberg, “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use the MONS Athletics mobile application (“App”), its Apple Watch companion app, and related services.

By using our App, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide Directly

When you use MONS Athletics, we collect information you provide to us, including:

  • Account Information: Name and email address (via Sign in with Apple). Apple allows you to hide your email address, in which case we receive a private relay email.
  • Apple User ID: A unique identifier provided by Apple to authenticate your account.
  • Training Profile: Information you provide during onboarding, including date of birth, current fitness level, running experience, strength level, equipment access, cross-training preferences (swimming), preferred long run days, unavailable training days, and training goals.
  • Race Selections: Races you select or submit from our catalog, including race name, date, distance, and terrain.
  • Chat Messages: Conversations with your AI coach, including questions, workout feedback, pain or illness reports, and schedule change requests.
  • Training Data: Workout completions, skip reasons, rate of perceived exertion (RPE), running metrics (distance, pace, duration), heart rate zone data from Apple Watch sessions, and post-workout ratings.

2.2 Apple Health Data (HealthKit)

With your permission, the App reads health and fitness data from Apple HealthKit to personalise your training plan and monitor recovery. All HealthKit data is processed on your device. Only computed summaries (baselines, deviation scores) are sent to our server when needed for plan adjustments. Raw HealthKit samples are never sent externally.

iPhone App (read-only):

  • Heart Rate Variability (HRV SDNN): Overnight recovery monitoring and training load calculation. Delivered in the background at hourly frequency.
  • Resting Heart Rate: Detects elevated stress or fatigue. Delivered in the background at hourly frequency.
  • VO2 Max: Fitness baseline at onboarding.
  • Running Form Metrics: Stride length, vertical oscillation, ground contact time, and running speed. Used for gait analysis and adaptation targets.
  • Step Count: Activity context for load calculations.
  • Sleep Analysis: Sleep duration, bed time, wake time, and sleep stages. Used for recovery scoring.
  • Workout History: Past workouts used to assess fitness at onboarding.
  • Heart Rate: Used for max HR detection at onboarding.
  • Date of Birth: Age-based heart rate zone calculation.

Apple Watch App (read and write):

  • Reads: Heart rate (live HR zone feedback during all workout types), swimming distance (pool tracking), walking/running distance.
  • Writes: Saves running, strength, mobility, swimming, and cross-training workouts to Apple Health so they appear in your Activity rings and Health app history.

2.3 Automatically Collected Information

When you use the App, we automatically collect:

  • Device Information: Device type and operating system version. Sent with support messages only.
  • App Version: Sent with API requests to ensure compatibility.
  • Crash Data: Crash reports, stack traces, and screenshots at the time of a crash. Collected by Sentry and not linked to your identity.
  • Performance Data: Performance traces sampled from 20% of app sessions. Collected by Sentry and not linked to your identity.

2.4 Information We Do NOT Collect

  • We do not collect location data (GPS coordinates are never read, even during outdoor workouts)
  • We do not collect advertising identifiers (IDFA or IDFV)
  • We do not access your contacts, photos, camera, or microphone
  • We do not collect payment information directly (handled by Apple)
  • We do not track you across other apps or websites

3. How We Use Your Information

We use your information for the following purposes:

  • Provide Training Services: Generate personalised marathon and half marathon training plans using AI based on your profile, health data, and progress.
  • Adapt Your Training: Use HealthKit recovery data (HRV, resting heart rate, sleep), workout completions, and your chat conversations to adjust future training in real time.
  • AI Coaching: Process your chat messages, training context, and health state to provide personalised coaching responses.
  • Account Management: Create and maintain your account and authenticate your identity.
  • Improve Services: Analyse aggregated, anonymised data to improve our training algorithms and App features.
  • Diagnose Issues: Use crash and performance data to identify and fix bugs.
  • Security: Detect and prevent fraud, abuse, and security issues.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.

4. How We Share Your Information

4.1 Third-Party Service Providers

We share your information with the following third-party services that help us operate:

  • Supabase: Database and authentication infrastructure. Stores your account data, training plans, workout history, chat messages, and health readings. Data is stored in secure, encrypted databases with row-level security policies. Supabase Privacy Policy
  • Anthropic (Claude AI): AI service that generates your personalised training plans, daily workout prescriptions, and coaching chat responses. Your training profile, progress data, health state, and chat messages are sent to Anthropic's API to generate responses. Anthropic does not use your data to train its models. Anthropic Privacy Policy
  • Sentry: Error tracking and performance monitoring. Collects crash reports and performance traces to help us identify and fix bugs. This data is not linked to your identity. Sentry Privacy Policy
  • Resend: Email delivery service for support message routing. Resend Privacy Policy
  • Apple: Sign in with Apple for authentication and In-App Purchases for subscription payments. Apple Privacy Policy

4.2 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We will never sell your training data or health information.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

5. Data Security

We take data security seriously and implement industry-standard measures to protect your information:

  • Encryption in Transit: All data transmitted between the App and our servers uses HTTPS/TLS encryption.
  • Encryption at Rest: Your data is stored in encrypted databases.
  • Authentication: We use secure JWT (JSON Web Token) authentication verified on every API request.
  • Row-Level Security: Database policies ensure you can only access your own data.
  • On-Device Health Processing: HealthKit data is processed on your device. Only computed summaries are transmitted to our server.
  • Access Controls: Limited employee access to user data, only when necessary for support.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention and Deletion

6.1 How Long We Keep Your Data

  • Active Accounts: We retain your data for as long as your account is active.
  • Deleted Accounts: When you delete your account, we immediately delete all your personal data from our databases, including:
    • Account information (name, email)
    • Training profile and preferences
    • All training plans and schedules
    • All workout completions and ratings
    • All chat messages and coaching history
    • All health readings and recovery data
    • All race enrolments
  • Backup Data: Deleted data may persist in encrypted backups for up to 30 days before permanent deletion.
  • Legal Retention: We may retain certain information if required by law.

6.2 How to Delete Your Account

You can delete your account at any time directly in the App:

  1. Open the MONS Athletics app
  2. Go to Settings
  3. Tap “Delete Account”
  4. Confirm deletion

This action is permanent and cannot be undone. All your data will be immediately deleted from our systems.

7. Your Privacy Rights

7.1 European Users (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights:

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your data (via Delete Account feature).
  • Right to Data Portability: Request your data in a portable format.
  • Right to Object: Object to processing of your data.
  • Right to Restrict Processing: Request restriction of processing.
  • Right to Withdraw Consent: Withdraw consent at any time.

To exercise these rights, contact us through our support page.

7.2 Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract Performance: Processing necessary to provide the training services you requested.
  • Legitimate Interests: Improving our services, preventing fraud, and ensuring security.
  • Consent: Where you have given explicit consent (e.g., HealthKit access, email communications).

8. Children's Privacy

The MONS Athletics app is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately, and we will delete such information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and European Union. We use Supabase's infrastructure which may store data in various regions. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable law, including GDPR requirements for EU users.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by:

  • Updating the “Last updated” date at the top of this policy
  • Sending you an email notification (if we have your email)
  • Displaying a notice in the App

Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.

11. Health and Medical Disclaimer

Important: MONS Athletics provides fitness training recommendations and is not a substitute for professional medical advice. Our AI-generated training plans and coaching responses are for informational and educational purposes only.

Always consult your physician before beginning any exercise program, especially if you:

  • Have any pre-existing health conditions
  • Are taking medication
  • Have a history of heart problems
  • Experience chest pain, dizziness, or shortness of breath during exercise
  • Are pregnant or recently gave birth
  • Have not exercised regularly in the past year

If you experience pain, discomfort, or any unusual symptoms during training, stop immediately and seek medical attention.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Nico Nyberg
Operating as: MONS Athletics
Contact: Support Page
Address: Koukkuniementie 6 L, 02230 Espoo, Uusimaa, Finland

13. Supervisory Authority

If you are located in the EEA or UK and have concerns about our data practices, you have the right to lodge a complaint with your local data protection authority:

Finland: Office of the Data Protection Ombudsman (tietosuoja.fi)