Privacy Policy

Effective Date: February 23, 2026

tracekit can be used in two ways — self-hosted (you run it on your own hardware) or as a hosted SaaS product at app.tracekit.app. This page covers both. Sections that only apply to one mode are labelled accordingly.

1. Self-Hosted tracekit

Self-hosted only

When you run tracekit on your own hardware or a server you control, you are the operator and you are responsible for your own data. tracekit stores everything in a database you own — SQLite by default, or PostgreSQL if you configure it.

What is stored locally

Activity metadata: name, type, date/time, duration, distance, elevation, equipment, heart-rate averages, temperature, and provider-assigned IDs
Provider credentials: OAuth tokens and API credentials for connected services, in your own database or .env file
Source activity files (optional): GPX, FIT, or TCX files you place in your data directory — these stay on your own filesystem

tracekit does not store GPS tracks, per-second sensor streams, or any data belonging to other users.

Your control

Access: all data is in the database file on your server
Delete: use Settings → Danger Zone, or python -m tracekit reset
Revoke: disconnect tracekit from any provider via that provider's connected-apps page

2. tracekit SaaS Platform (app.tracekit.app)

SaaS only

The hosted platform is operated by ithought. The following applies when you use app.tracekit.app.

What we store

Activity metadata — same fields as listed above
Source activity files (optional): if you upload or sync GPX/FIT/TCX files, we store them on the platform so tracekit can read them. You can delete them at any time.
Provider credentials: OAuth tokens and API credentials are stored encrypted at rest on the platform so tracekit can sync on your behalf. They are never shared with anyone other than the provider they belong to.
Account information: your email address and a hashed password. If you subscribe, your Stripe customer ID and subscription status are stored alongside your account — no card numbers or billing details.

What we do NOT store

GPS coordinates, route geometry, or map data
Per-second sensor streams (heart rate, power, cadence time series)
Any data belonging to other users — tracekit never aggregates or cross-references data across accounts

3. How Data Is Used

Display: your cached activities are shown in the tracekit calendar and sync status pages — only to you.
Matching: records from different providers are compared by timestamp and distance to identify the same activity across platforms.
Writeback: tracekit only writes to a third-party platform (e.g. setting an activity name or gear assignment on Strava) when you explicitly click a button to trigger that action. No writes to connected services happen without your direct instruction. In the future, you may be able to create rules for specific automatic actions — any such feature will require explicit opt-in.

tracekit never:

Aggregates or compares data across different users
Shares your data with third parties (other than sub-processors listed below)
Uses your data for advertising or machine learning
Sells, licenses, or discloses your data to anyone

4. Third-Party Platforms You Connect

tracekit connects to the platforms below using credentials you provide. Your use of those platforms is governed by their own terms. tracekit is not affiliated with or endorsed by any of them.

Strava — Strava API terms
Garmin — garmin.com
RideWithGPS — ridewithgps.com

5. Sub-processors

SaaS only

Digital Ocean — cloud infrastructure. All data is stored and processed on Digital Ocean servers.
Stripe — payment processing. Billing information is handled by Stripe and governed by Stripe's privacy policy. tracekit stores only your Stripe customer ID and subscription status.
Sentry — error monitoring. When the application encounters an unexpected error, a report including request metadata (but not your activity data or credentials) may be sent to Sentry to help diagnose bugs.

6. Data Retention & Deletion

Self-hosted: you control retention entirely. Delete data via Settings or the CLI at any time.

SaaS platform: your data is retained for as long as your account is active. When you request account deletion, all data associated with your account is permanently deleted — including activity metadata, source files, and provider credentials — within 24 hours of a confirmed request. Billing records held by Stripe are subject to Stripe's own retention policies.

7. Security

Provider credentials are stored encrypted at rest (SaaS) or in your own database/config file (self-hosted)
All traffic uses HTTPS
Passwords are stored as bcrypt hashes and never in plaintext

8. Your Rights

Access: request a copy of the data we hold about you
Delete: use Settings → Danger Zone, or contact us for full account deletion within 24 hours
Revoke: disconnect tracekit from any provider via that provider's connected-apps settings. No further data will be fetched.
Export: contact us and we will provide a copy of your activity metadata in a common format

9. Changes to This Policy

This policy may be updated as the platform evolves. The effective date at the top reflects when it was last changed.

10. Contact

Open an issue at github.com/ckdake/tracekit
Or contact the maintainer directly via GitHub