Privacy Policy

Effective date: March 24, 2026

This Privacy Policy explains how Strive UG (haftungsbeschränkt) ("Strive", "we", "us", or "our") collects, uses, stores, and shares personal data when you use the Strive website, web funnel, hosted checkout flow, mobile apps, and related services (together, the "Service").

The web funnel collects onboarding answers, contact information, attribution parameters, checkout references, and app handoff data. If you complete a web purchase, Stripe processes the payment and we store limited checkout status records to verify payment and connect your purchase to the app.

1. Personal Data We Collect

We collect the following categories of data, depending on how you use Strive:

• Account and contact data: name, email address, sign-in details, support messages, and similar information you provide.
• Onboarding and fitness data: answers you submit in the web funnel or app, such as your goals, age range, height, weight, activity level, preferred session length, restrictions, and other training inputs.
• Transaction and subscription data: product or plan purchased, subscription status, billing interval, transaction identifiers, checkout session ID, payment status, amount, currency, customer email, and related metadata.
• Device and usage data: IP address, browser and device information, operating system, app version, language, pages or screens viewed, click events, timestamps, error logs, and interaction metrics.
• Web storage and cookie data: cookies, local storage, or similar technologies used for core site operation, consent preferences, analytics, attribution, and the web-to-app handoff flow.
• Workout and sensor data: when you use coaching features in the app, Strive may process motion or pose data on-device to provide feedback during workouts. We do not claim ownership of your camera footage, and camera-based pose analysis is designed to run locally on your device unless a specific feature clearly tells you otherwise.
• User communications and content: messages you send to support, feedback, survey responses, profile information, and content you choose to upload.

2. Web Funnel and Checkout-Specific Processing

When you use the Strive web funnel, we process onboarding answers to create a personalized preview and a tokenized handoff for the app. This web flow also uses browser storage to keep:

• a temporary handoff token and timestamp;
• a checkout reference ID;
• your email address if you entered one for checkout prefill.

If you click through to checkout, the web funnel may pass limited information to Stripe, such as your email address, a non-sensitive client reference ID, and attribution parameters like UTM tags. After payment, our backend verifies the checkout session and stores a checkout status record in Firebase/Firestore for fraud prevention, support, conversion tracking, and purchase fulfillment.

3. Sources of Personal Data

We collect personal data directly from you, automatically from your device, and from service providers or partners such as:

• Stripe for web payment and checkout status data;
• Apple, Google, or app-store infrastructure for mobile purchases;
• Firebase and Google services for hosting, analytics, messaging, and storage;
• Branch or similar deep-link services used to open the app after web purchase;
• AppsFlyer or similar attribution tools where enabled;
• authentication providers such as Apple or Google sign-in.

4. How We Use Personal Data

We use personal data to:

• provide, personalize, and improve the Service;
• generate workout plans, onboarding previews, and app handoff payloads;
• authenticate users and maintain account records;
• process purchases, verify payments, manage subscriptions, and prevent fraud;
• send receipts, service messages, security notices, and support responses;
• measure product performance, fix bugs, and understand usage patterns;
• attribute installs or conversions and improve acquisition campaigns;
• comply with legal, accounting, tax, and regulatory obligations.

5. Legal Bases for Processing

If you are in the EU/EEA, we generally process personal data on one or more of the following legal bases:

• performance of a contract with you;
• your consent, where required;
• our legitimate interests in operating, securing, and improving the Service;
• compliance with legal obligations.

6. How We Share Personal Data

We do not sell your personal data for money. We may share personal data with:

• hosting, infrastructure, analytics, messaging, and cloud-storage providers;
• payment processors and subscription-management providers;
• app-store operators for mobile transactions;
• deep-link and attribution providers used to complete the web-to-app flow;
• professional advisers, auditors, and service providers acting on our instructions;
• law enforcement, regulators, or counterparties where required by law or to protect rights and safety;
• a buyer or successor in the event of a merger, sale, or reorganization.

7. Cookies, Analytics, and Similar Technologies

Strive uses cookies and similar technologies on the website for essential functionality and, where you permit it, for analytics and marketing-related measurement. The site also uses local storage for the web funnel handoff and checkout return flow. You can manage cookie choices through the site consent controls or your browser settings, although disabling essential technologies may break parts of the Service.

8. Data Retention

We keep personal data only as long as reasonably necessary for the purposes described in this Policy, including legal, tax, accounting, support, and security needs. Examples:

• web funnel handoff tokens are designed to expire after a limited period (currently seven days), although related logs or support records may be kept longer where justified;
• checkout and transaction records may be retained for finance, fraud prevention, and compliance purposes;
• account data is generally retained while your account is active and for a reasonable period afterward unless deletion is required sooner by law.

9. International Transfers

Your personal data may be processed outside your country of residence, including in the United States or other jurisdictions where our providers operate. Where required, we rely on appropriate safeguards such as contractual protections for cross-border transfers.

10. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or port your personal data, and to withdraw consent where processing is based on consent. You may also have the right to complain to a supervisory authority. To exercise rights, contact support@striveworkouts.com.

11. Children’s Privacy

Strive is not directed to children under the minimum age permitted by applicable law. We do not knowingly collect personal data from children in violation of applicable law. If you believe a child has provided us data, contact us so we can investigate and take appropriate action.

12. Security

We use technical and organizational measures designed to protect personal data, including access controls, encryption where appropriate, and security monitoring. No system is perfectly secure, so you should also protect your own credentials and devices.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the revised version here and update the effective date.

14. Contact

Strive UG (haftungsbeschränkt)
Parkstraße 12
28209 Bremen
Germany

Email: support@striveworkouts.com