Flytte Privacy Policy

1. Scope

This Privacy Policy explains how Flytte ("Flytte," "we," "us," or "our") collects, uses, shares, retains, and protects information when you use Flytte, including the Flytte iOS app, Apple Watch companion app, supporting web app and Cloudflare Worker API at flytte.org, public activity pages, live-sharing link fallbacks, and support or account features (collectively, the "Service").

Flytte is primarily a native iOS and Apple Watch social fitness platform, with a supporting user-facing web app for browser-friendly product slices and privacy-safe public link surfaces.

Flytte's current production data region is the United States. We and our service providers may process information in the United States and other places where we or they operate, but the current primary data region for Flytte production data is the United States.

2. Summary

Flytte collects information needed to operate a social fitness service: account and profile information; workout, activity, health/fitness, heart-rate, location, route, and media information; social and community information; notification and communication information; support, report, and moderation information; integration/import information; AI-assisted feature information; and technical information needed to secure and operate the Service.

Your privacy controls determine who can see many activity, route, profile, and sharing surfaces. Some features, such as iPhone recording, Apple Watch workouts, Apple Health imports, photos, push notifications, connected-device integrations, live sharing, and AI-assisted insights, require permissions or settings that you can manage. AI-assisted features are not currently subject to a separate user-level opt-out setting.

Flytte does not sell personal information, does not share personal information for cross-context behavioral advertising, does not use health, fitness, workout, or precise location data for advertising or marketing, and does not disclose personal information to data brokers. Flytte does not currently use advertising SDKs, marketing SDKs, or analytics SDKs. Flytte uses Sentry for crash and error reporting and application performance monitoring on the iOS app and API.

3. Information we collect

The categories below summarize common information Flytte may collect depending on your settings, permissions, and use of features.

Category	Examples	Primary sources
Account/profile	Email, display name, avatar, bio, location text, sports, unit preference, privacy settings	You
Authentication/security	Password hashes, session/device records, token hashes, security events, timestamps	You, app, backend
Activities/workouts/location	Manual activities, recordings, imports, GPS traces, route geometry, metrics, heart-rate data, splits, source metadata	You, iPhone, Apple Watch, Apple Health, files, integrations
Media	Activity photos, thumbnails, captions, avatars, metadata	You, Photos picker
Social/community	Follows, blocks, likes, comments, posts, clubs, events, RSVPs, challenges, invite links	You, other users, backend
Notifications/communications	Preferences, quiet hours, APNs tokens, unread counts, delivery records, transactional emails	You, app, providers
Support/moderation	Support requests, reports, moderation notes/outcomes, admin audit events	You, other users, staff/admin actions
AI-assisted features	Privacy-minimized Flytte-generated facts, AI outputs, cache keys, model/prompt metadata, expiry metadata, fallback state	Flytte backend, service providers
Technical/diagnostic	Request metadata, IP address, app/device version, timestamps, upload status, logs	App, device, backend, web pages

Account and profile information

We collect information you provide when you create or manage an account, such as email address, display name, avatar, bio, location text, sports of interest, unit preference, account status, timestamps, and privacy settings. Privacy settings may include default activity visibility, profile visibility, hidden start/end controls, hidden radius, follow request preference, and live-sharing preference.

Authentication, security, and device/session information

We collect and maintain information needed to authenticate users and protect accounts, such as password hashes, session/device records, refresh-token hashes, active-session metadata, password reset token hashes, email verification token hashes, security events, audit-relevant events, and related timestamps. Sensitive authentication material is not intended to be stored in plaintext. Native long-lived session material is stored in iOS Keychain.

Activity, workout, route, and location information

When you create, record, import, or sync activities, we may collect sport type, title, notes, start and end timestamps, timezone, duration, moving time, distance, elevation, calories, heart rate, heart-rate zones, perceived effort, strength sets/reps/volume, source metadata, GPS route geometry, location samples, map previews, splits, pace/speed/elevation/heart-rate analysis, route adherence, route-section efforts, achievements, recording-quality signals, uploaded raw activity files such as GPX, FIT, or TCX, gear assignments, weather/context fields, companions, comments, reactions, and link metadata.

Flytte stores canonical activity and route metrics in metric units and converts display copy to your unit preference where supported.

Health, workout, and device permission information

The iOS and watchOS apps request permissions only when needed for user-facing workflows. Location permission supports active iPhone recording, route capture, route following, and live sharing. Health/Workout permission supports Apple Watch workout recording and Apple Health workout imports. Photos permission or picker access supports activity media upload. Push notification permission supports optional Apple Push Notification service delivery.

Flytte enables continuous background location updates only during an active iPhone recording and stops location capture when the recording is paused, finished, or discarded. You can manage permissions through device settings, and some features may not work if permissions are disabled.

Media information

If you add media to activities or your profile, we may collect activity photos, thumbnails, captions, avatars, and media metadata. Media visibility may depend on the activity, profile, club, challenge, or feature context where it is posted.

Social and community information

We collect information needed for social and community features, such as follows, follower removal, blocks, suggested follow context, likes, comments, comment edits/deletes, activity links, home-feed and user-feed rows generated from visible activities and community content, clubs, memberships, roles, join requests, invite links, posts, attachments, events, RSVPs, challenge participation, and challenge progress.

Notifications and communications

We collect notification rows, unread counts, notification preferences, quiet hours, APNs token records, delivery results, transactional email delivery events when email delivery is enabled, and communications you send to us.

Support, reports, moderation, and admin records

If you contact support or submit a content report, we collect the information you provide and records needed to investigate, respond, moderate, and document outcomes. This may include support requests, content reports, reporter details if provided, moderation notes, outcomes, enforcement actions, user lookup records, import debugging context, and admin audit events.

Integration, import, and provider information

If you connect or import from Apple Health, Apple Watch, activity files, or a connected-device provider, we collect information needed to enable the workflow, process imports, deduplicate workouts, show import status, and troubleshoot failures. Provider tokens are encrypted at rest when an integration is enabled. Connected-device live sync should remain disabled until provider approval and production validation are complete.

Technical information

We may collect basic technical information needed to operate, secure, troubleshoot, and improve the Service, such as API request metadata, IP address, device or app version, environment labels, error logs, timestamps, upload status, and diagnostic information. Web pages may generate server logs and may use strictly necessary technical mechanisms to provide the requested page or link behavior.

Flytte uses Sentry for crash and error reporting and application performance monitoring on the iOS app and API. Sentry may collect crash reports, stack traces, error details, device and OS version, app version, environment, and performance trace data. Sentry events may include your account user ID where you are signed in. Sentry does not receive your name, email address, password, health data, location data, or activity content.

Flytte does not currently use an analytics SDK, advertising SDK, marketing SDK, third-party attribution SDK, or retargeting SDK. We may still review server logs, support records, import/sync records, and product data as needed to operate, secure, debug, and improve the Service.

4. How we use information

We use information to provide, operate, and maintain the Service; create and authenticate accounts; record, import, process, display, and analyze activities; provide maps, routes, route following, route sections, comparisons, leaderboards, history, and training surfaces; provide social feeds, comments, reactions, clubs, challenges, events, notifications, and sharing; provide live sharing when manually enabled; provide AI-assisted insights and recommendations; provide account export and deletion; provide support and import/sync troubleshooting; send transactional messages; secure the Service; prevent fraud, spam, abuse, and leaderboard manipulation; moderate content and enforce our Terms; comply with law; and develop, debug, and improve the Service.

We may use aggregated or de-identified information for product improvement, route quality, heatmaps, reliability, safety, and operations, provided the information does not identify you. We do not use health, fitness, workout, medical-research-context, or precise location information for advertising, marketing, unrelated data mining, or sale to data brokers.

5. Health, fitness, Apple Health, and location commitments

Flytte is a fitness app. When you choose to record, import, sync, or share an activity, Flytte may collect and process health, fitness, workout, and location information needed to provide those features. This may include workout type, start and end time, duration, moving time, distance, elevation, pace or speed, calories, heart rate, heart-rate zones, perceived effort, splits, route geometry, GPS/location samples, route adherence, route-section efforts, achievements, recording-quality signals, and similar activity metrics.

Flytte may receive this information from activities you manually enter, files you upload, workouts you import from the Apple Health app with your permission, Apple Watch workouts, iPhone recordings, and connected-device integrations you choose to enable.

Flytte uses health, fitness, workout, and location data only to provide and improve the fitness features of the Service, including recording and importing activities, showing maps and metrics, analyzing progress, route discovery, route following, route-section comparison, leaderboards, clubs and challenges, activity sharing based on your privacy settings, live sharing that you manually start, training insights and recommendations, safety, security, support, debugging, and legal compliance.

Flytte does not use or disclose health, fitness, workout, medical-research-context, or precise location information for third-party advertising, Flytte advertising or marketing, unrelated data mining, or sale to data brokers.

With your permission, Flytte may read workout and fitness information from the Apple Health app and may use HealthKit and Workout APIs to support Apple Watch workout recording and activity import features. You control Health app permissions through your device settings and can change or revoke those permissions at any time.

Flytte requests health/workout permissions only when needed for user-facing workflows such as Apple Watch workout recording and Apple Health workout imports, and location permissions only for active iPhone recording, route capture, route following, and live sharing. Flytte enables continuous background location updates only during an active iPhone recording and stops location capture when the recording is paused, finished, or discarded.

6. Privacy controls and visibility

Flytte enforces privacy at backend/service boundaries, not only in the app interface. Activities may be public, followers-only, or private. Private activities are returned only to the owner. Followers-only activities require an active follower relationship. Profile visibility is checked alongside activity visibility for user-feed and profile surfaces. Blocks suppress profile, feed, activity interaction, and social visibility in both directions.

Hidden start/end settings trim or obscure route and map details for non-owner viewers. Public activity pages show only privacy-safe metadata and return unavailable, private, deleted, or blocked states when access is not allowed. Live sharing is manual and follower-gated in the current version, and live-sharing fallback pages do not expose live location data.

Internal/test accounts are isolated from ordinary social, discovery, leaderboard, and notification flows.

7. AI-assisted features

Flytte may offer AI-assisted features, including Activity Insights for summaries of a specific activity, Next Best Workout for authenticated training recommendation copy and rationale, and Suggested Goals copy within deterministic safety limits. These AI-assisted features are part of the Service and are not currently subject to a separate user-level opt-out setting.

AI Activity Insights must remain owner-only. Non-owners receive an unavailable or not-found response. Insights are not embedded in feed cards, public activity pages, club feeds, route-section efforts, notification payloads, or link metadata.

AI prompts are designed to use compact Flytte-generated facts, not raw coordinates, raw heart-rate streams, notes, comments, captions, email addresses, names, follower lists, or provider identifiers. Next Best Workout and Suggested Goals use aggregate owner training context and deterministic candidates; they do not use social context or raw activity samples. Full prompts are not logged by default.

AI output is validated and rejected when invalid, unsupported, unsafe, too long, or outside the deterministic envelope. Invalid, timed-out, or unavailable AI calls fall back to deterministic Flytte-generated copy. AI Activity Insight responses are owner-only summaries derived from data you already provided and are stored in durable storage alongside your other activity data, keyed by owner, activity, model, prompt version, and unit preference/facts hash.

AI-assisted features must not provide medical advice, injury diagnosis, readiness certainty, or performance guarantees.

8. How we share information

Other users and the public. We share your profile, activity, route, club, challenge, post, comment, media, live-sharing, and leaderboard information with other users or web viewers according to your settings, the feature context, and the Service's privacy rules.

Service providers and infrastructure. We share information with vendors and infrastructure providers that help us operate the Service, such as Cloudflare Workers, Worker Assets, Hyperdrive, R2, Queues/Workflows, Durable Objects, Workers KV, Workers AI/AI Gateway, Postgres/PostGIS hosting or database infrastructure, APNs, Resend when email delivery is enabled, Sentry for crash and error reporting and performance monitoring, and Apple platform services such as HealthKit/Workout APIs, WatchConnectivity, MapKit, Photos picker, Keychain, and Universal Links.

Connected services. If you enable a connected-device or import integration, we share information as needed to connect, authenticate, import, sync, deduplicate, and troubleshoot the integration. Third-party providers process information under their own terms and privacy policies.

Legal, safety, and enforcement. We may share information when we believe it is necessary to comply with law, respond to legal process, protect users or the public, investigate abuse or security incidents, enforce our Terms, protect rights or property, or prevent fraud, spam, manipulation, or harm.

Business transfers. If Flytte is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to appropriate protections.

With your direction or consent. We may share information when you direct us to do so or give us permission.

No sale, no cross-context behavioral advertising, no data brokers. Flytte does not sell personal information, does not share personal information for cross-context behavioral advertising, and does not disclose personal information to data brokers. Flytte does not use advertising SDKs, marketing SDKs, or analytics SDKs at this time.

9. Data retention

We generally retain information for as long as you maintain an account or as needed to provide the Service. We may also retain information as reasonably necessary to comply with law, address legal claims, enforce our Terms, protect users, prevent abuse, maintain security, troubleshoot imports/syncs, preserve moderation and audit accountability, operate backups, and complete deletion workflows.

You may delete your account and request deletion of your data at any time through available account settings or by contacting us. Account deletion may deactivate the account, revoke sessions, disable push/device connections, scrub public profile fields, reset privacy to restrictive defaults, rewrite the email to a deleted-account placeholder, and sign you out. Deletion workflows may take time to complete, including storage-object cleanup and backup handling.

Please note that your right to deletion is limited in certain circumstances, such as when the law requires us to retain information. Some records may be retained longer, including support requests, reports, moderation audit events, admin audit events, security logs, backup copies, legal records, and information needed for safety, abuse prevention, operations, or accountability.

Current self-service data export returns authenticated JSON for account, activity, route, social, community, notification, report, and import/sync metadata. Export v1 does not yet bundle raw media, uploaded import archives, or full GPS/heart-rate stream payloads.

10. Your choices

Account and profile. You can update certain account and profile information in the app. You may be able to change your email, change your password, manage sessions and devices, export account data, and delete your account through settings.

Activity and profile visibility. You can set privacy defaults and may be able to change visibility for activities, profiles, routes, hidden start/end areas, and live-sharing preferences.

Device permissions. You can manage location, Health/Workout, Photos, and notification permissions through iOS settings. Disabling permissions may limit features.

Notifications. You can manage notification preferences and quiet hours through Flytte settings and device settings. Operational, safety, support, or security notices may still be sent where permitted.

AI-assisted features. Flytte does not currently provide a separate user-level AI opt-out setting. AI-assisted features are part of the Service and are handled under the data-minimization and safety rules described in this Policy.

Export and deletion. You can request or use available self-service features for data export and account deletion. Contact hello@flytte.org for privacy requests.

11. Privacy rights

Depending on where you live, you may have rights to request access to, correction of, deletion of, or portability of personal information; to object to or restrict certain processing; to withdraw consent where processing is based on consent; to appeal a decision; to opt out of certain sale, sharing, targeted advertising, or profiling practices; and to complain to a privacy regulator.

To exercise rights, contact hello@flytte.org or use available in-app self-service tools. We may need to verify your identity before fulfilling a request. We will not discriminate against you for exercising privacy rights. Some rights may be subject to exceptions, such as security, legal compliance, safety, abuse prevention, moderation, free-expression, backup, or operational needs.

12. California privacy notice

This section is intended for California residents and applies to the extent California privacy law applies to Flytte and to the relevant user. California residents may have rights to know/access personal information, delete personal information, correct inaccurate personal information, opt out of sale or sharing of personal information, limit certain uses and disclosures of sensitive personal information, and avoid discrimination for exercising privacy rights.

In the past 12 months, Flytte may have collected the categories described in this Privacy Policy, including identifiers, account information, internet or electronic network activity information, geolocation information, audio/visual or media information you upload, inferences or preferences, sensitive information such as precise geolocation, account login information, health/fitness-related information, and user-generated content.

We use these categories for the purposes described in this Privacy Policy. We disclose categories of personal information to service providers and other recipients described in the "How we share information" section. Flytte does not sell personal information and does not share personal information for cross-context behavioral advertising.

Flytte uses sensitive personal information only for purposes necessary to provide, secure, support, and improve the Service; to perform services reasonably expected by users; to prevent security incidents and abuse; to ensure physical safety where relevant; to troubleshoot and maintain the Service; and to comply with law. Flytte does not use sensitive personal information to infer characteristics unrelated to the Service.

13. International transfers

Flytte's current production data region is the United States. Flytte and its service providers may process information in the United States and other countries where we or our providers operate. These countries may have privacy laws that differ from those where you live. Where required, we use appropriate safeguards for cross-border transfers.

14. Security

We use administrative, technical, and organizational measures designed to protect information, including hashed sensitive authentication tokens, iOS Keychain storage for native long-lived session material, encrypted provider tokens where enabled, access controls, audit logging for admin actions, and privacy enforcement at service boundaries. No system is perfectly secure, and we cannot guarantee absolute security.

15. Adults only

Flytte is intended for adults only. You must be at least 18 years old to use the Service. We do not knowingly collect personal information from anyone under 18. If you believe a person under 18 has provided personal information to Flytte, contact hello@flytte.org so we can take appropriate steps.

16. Third-party services

The Service may include links to or integrations with third-party services, including Apple platform services, connected-device providers, infrastructure providers, email providers, and AI service providers. Third-party services are governed by their own terms and privacy policies. Flytte is not responsible for third-party privacy practices.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Service, by email, or by other reasonable means. The updated Policy will be effective on the date stated.

18. Contact

Privacy questions, support questions, account requests, deletion requests, or other inquiries may be sent to hello@flytte.org.