This Privacy Policy describes how Run with Max ("we", "us", "our") collects, uses, and protects your personal information when you use our mobile application (the "App").
Run with Max is operated by Jullian Oliver, sole proprietor, registered in Paris, France.
Contact: jullianoliver@gmail.com
When you create an account, we collect: email, optional first name, age, weight, height, gender, running level, goals, and authentication tokens.
With your explicit permission, we read and write the following data through Apple HealthKit (iOS) or Health Connect (Android): heart rate during runs, steps, distance, active calories, and workouts (Run with Max writes your completed runs back to Apple Health).
This data never leaves your device unless you start a run. During a run, heart rate and pace are sent to our coaching engine in real time so the coach can adapt.
Run with Max requires your location to track your runs. We collect GPS coordinates, elevation, speed and pace derived from coordinates. Location is captured only while you have an active run in progress. We do not collect location in the background outside of runs.
The AI coach speaks to you during runs using on-device speech synthesis (no audio sent to servers). We do not record your voice. We do not access your microphone.
If you connect Spotify or Apple Music, we use OAuth tokens to control playback. We never store your music library, listening history, or Spotify/Apple Music credentials. Tokens are stored on-device.
Subscription transactions are processed by Apple (App Store) or Google (Play Store). We use RevenueCat to manage subscription status. RevenueCat receives an anonymous user ID, subscription status, and product identifier. We never receive your payment card details.
We use Sentry to monitor app stability. Sentry receives stack traces, device model, OS version, anonymous user ID, and breadcrumbs. We have configured Sentry to strip personally identifiable information before sending.
| Purpose | Data Used |
|---|---|
| Provide the running tracking service | Location, heart rate, account profile |
| Personalize coach feedback | Profile, run history, goals |
| Manage your subscription | Account ID, subscription status |
| Improve app stability | Anonymous crash reports |
| Send transactional emails |
We never sell your data, share it with advertisers, or use it for marketing without your explicit opt-in.
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Backend storage | Account, runs, profile |
| Anthropic (Claude) | AI coach generation | Anonymized run context |
| OpenAI | Voice synthesis (TTS) | Coach text scripts |
| RevenueCat | Subscription management | Anonymous user ID |
| Sentry | Crash reporting | Anonymized errors, device info |
| Apple App Store / Google Play | Payments | Transaction data |
| Spotify / Apple Music | Music control | OAuth tokens (on-device only) |
Your data is stored on Supabase servers in the European Union (Frankfurt, Germany). When data is transferred outside the EU (Anthropic, OpenAI, Sentry, RevenueCat operate from the US), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.
| Data type | Retention |
|---|---|
| Account & profile | Until you delete your account |
| Runs & training history | Until you delete your account |
| Crash reports (Sentry) | 90 days |
| Subscription transaction logs | 7 years (legal, France) |
You can delete your account at any time from Settings → Account → Delete account, or by emailing us. Account deletion is irreversible and removes all your data within 30 days.
If you are based in the EU, UK, Switzerland, or any jurisdiction with similar law, you have the right to access, correct, delete, export, and object to processing of your data, as well as to withdraw consent and lodge a complaint with your local data protection authority (in France: CNIL). To exercise any of these rights, email jullianoliver@gmail.com. We respond within 30 days.
California residents have the right to know what personal information is collected, the right to delete it, and the right not to be sold (we do not sell your data).
Run with Max is not intended for users under 13 years of age. We do not knowingly collect personal data from children.
We use industry-standard practices: TLS 1.3 in transit, AES-256 at rest (Supabase), Apple Keychain / Android Keystore for tokens, Row-Level Security policies. No system is 100% secure — contact us immediately if you suspect a breach.
We may update this Privacy Policy. When we make material changes, we will notify you via the app and/or email at least 30 days before the change takes effect.
Jullian Oliver
Paris, France
jullianoliver@gmail.com