Privacy Policy

Last updated: April 5, 2026

Overview

SnapGPX ("the App") lets you export workouts recorded in Apple Health as GPX files. Your privacy is important to us. This policy explains what data the App accesses, how it is used, and your choices.

Data We Access

The App requests read-only access to the following Apple HealthKit data:

• Workout records — activity type, duration, distance, and energy burned.
• Workout route data — GPS coordinates, altitude, and timestamps associated with your workouts.

The App does not access heart rate, step count, body measurements, or any other HealthKit data types beyond workouts and their routes.

How Your Data Is Used

• Workout and route data are used solely to display your workouts within the App and to generate GPX files when you choose to export.
• All data processing happens entirely on your device.
• The App does not transmit any health or location data to external servers or third parties.

Strava Integration

SnapGPX offers optional integration with Strava to upload workouts directly. Here is how your data is handled:

• SnapGPX uses Strava's OAuth 2.0 to authenticate. Your Strava credentials are never seen or stored by SnapGPX.
• OAuth tokens are stored securely in your device's Keychain. No tokens are sent to any external server.
• SnapGPX only uploads GPX data to Strava. It does not read, download, or store any data from your Strava account.
• You can disconnect your Strava account at any time from within the app. This immediately deletes all stored tokens from your device.
• SnapGPX has no backend server. All processing happens on your iPhone.

Data Storage & Retention

• The App does not maintain its own database of your health data. It reads directly from Apple HealthKit each time you open the App.
• GPX files you export are saved only where you choose to share or save them (e.g., Files, AirDrop, email). The App does not keep copies.
• No data persists within the App between sessions beyond your display preferences.

Analytics

SnapGPX uses TelemetryDeck for anonymous, privacy-friendly usage analytics. This helps us understand which features are used and improve the app.

• TelemetryDeck collects anonymous usage signals (e.g., which screens are visited, which export options are used). No personal data is collected.
• A hashed device identifier is used to count unique users. This identifier cannot be linked back to you or your device.
• No health data, workout data, GPS coordinates, or location information is ever sent to TelemetryDeck.
• TelemetryDeck does not track you across apps or websites. No advertising SDKs are included.
• Learn more at TelemetryDeck's privacy policy.

Third-Party Services

The App uses the following third-party services:

• TelemetryDeck — anonymous usage analytics (see above).
• Strava — optional workout upload via OAuth (see above).

No advertising or tracking SDKs are included. No data is sold to third parties.

Location Data in GPX Exports

GPX files contain GPS coordinates from your workout routes. Once exported, these files are under your control. Please be mindful when sharing GPX files, as they reveal the locations where you exercised.

Children's Privacy

The App is not directed at children under 13. We do not knowingly collect personal information from children.

Your Choices

• You can revoke HealthKit access at any time in Settings > Privacy & Security > Health on your device.
• You can disconnect Strava at any time from within the app's settings.
• Revoking access means the App will no longer be able to display or export your workouts.

Changes to This Policy

If we update this policy, the revised version will be posted at this URL with an updated date. Continued use of the App after changes constitutes acceptance of the revised policy.

Contact

If you have questions about this privacy policy, contact us at snapgpx@icloud.com.