Privacy Policy

Last updated: April 2, 2026

1. Introduction

Runar ("we", "our", or "the Service") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI-powered wellness companion. By using Runar, you consent to the data practices described in this policy.

2. Data Collection

We collect the following types of information:

  • Account Information: Email address, display name, and authentication provider details (Google or Apple sign-in credentials)
  • Health and Wellness Data: Meal logs (food items, calories, macronutrients), exercise records (type, duration, distance), sleep data (duration, quality ratings), and other wellness metrics you share through chat
  • Biometric Data: Biological sex, age, height, and weight, provided voluntarily during onboarding or in settings. This data is used to calculate your Total Daily Energy Expenditure (TDEE) and personalized calorie and macronutrient targets using the Mifflin-St Jeor formula. All biometric data is stored in metric units (cm, kg) regardless of your display preference
  • Chat Messages: All messages you send to the Runar AI companion, including natural language descriptions of meals, activities, and wellness updates
  • Usage Data: App usage patterns, feature interactions, device information, and session data to improve the Service
  • Push Notification Tokens: Device tokens for sending push notifications if you opt in to reminders

3. How AI Processes Your Data

Runar uses artificial intelligence (powered by Anthropic's Claude API) to process your natural language messages and extract structured wellness data such as calories, macronutrients, exercise metrics, and sleep information. Your chat messages are sent to Anthropic's API for processing. We do not use your personal data to train AI models. The AI processing is limited to providing you with the wellness tracking service you requested.

4. Data Storage and Security

Your data is stored securely using Supabase, a hosted PostgreSQL database platform with enterprise-grade security. All data is encrypted in transit (TLS) and at rest. We implement Row-Level Security (RLS) policies to ensure that users can only access their own data. We regularly review our security practices and infrastructure to protect against unauthorized access, alteration, or destruction of your personal information.

5. User Rights

You have the following rights regarding your personal data:

  • Access: You can access all your wellness data, chat history, and account information through the app at any time
  • Correction: You can edit or correct any logged meals, exercises, or other wellness entries
  • Deletion: You can delete individual entries or request complete deletion of your account and all associated data. You can delete your account at any time using the Delete Account button in the app settings, which removes all your personal and biometric data
  • Export: You can request a copy of your data in a portable format
  • Withdraw Consent: You can stop using the Service and delete your account at any time

6. Lawful Basis for Processing (GDPR)

We process your personal data, including biometric data such as biological sex, age, height, and weight, on the basis of explicit consent. You voluntarily provide this information during onboarding or through the app settings. You may withdraw your consent at any time by removing this data from your settings or by deleting your account using the Delete Account button. Where we process data for service functionality (e.g., authentication, session management), our lawful basis is the performance of the contract between you and Runar.

7. Third-Party Services

We use the following third-party services to provide the Service:

  • Supabase: Database hosting, authentication, and backend infrastructure
  • Anthropic (Claude API): AI-powered natural language processing for parsing wellness data from your messages
  • Google Sign-In: Optional authentication provider
  • Apple Sign-In: Optional authentication provider
  • Expo Push Notifications: Delivery of optional wellness reminders to your device

Each third-party service has its own privacy policy. We encourage you to review their policies to understand how they handle your data.

8. Cookies and Local Storage

The Runar web application uses cookies and local storage for essential functionality such as maintaining your login session and storing user preferences (e.g., dark mode setting). We do not use tracking cookies or third-party advertising cookies. The mobile applications use secure device storage for authentication tokens and user preferences.

9. Children's Privacy

Runar is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us immediately.

10. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal wellness data, chat history, and account information within 30 days, except where we are required by law to retain certain records. Aggregated, anonymized data that cannot be used to identify you may be retained for analytics and service improvement purposes.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the app or sending you an email. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at hello@runar.coach.