We understand that the PainSled Service is used by both individuals and teams, many of whom compete at high levels. We know that the privacy of your personal identities and workout data is critical and we take it very seriously. It is our general policy to ONLY store your personal information and workout data under your control in the local storage of the Devices. Unless you explicitly direct the App to tell us otherwise, our general policy is to not know who you are or anything about you and to not have any access to your data outside of the Devices.
Given General Policy #1, there would seem to be no need for a no-monetization policy, since we don’t have your data in the first place. However, apparently while some fitness platforms claim to protect “personal” workout data, they actually then turn around and sell access to it in “de-identified”, “de-personalized”, “aggregated”, or other derivative forms. This General Policy #2 exists to make it clear that the PainSled service does not collect, store, research, sell, share, trade, or otherwise monetize any derivative form of your data. Simply put, our intention is that we don’t touch your data unless you tell us to, then we only do the thing with it that you told us to do, and then we get rid of any copies of your data as soon as possible. And then forget that it ever existed. An Obvious Side Effect: We can’t recover lost workout data! If Devices are lost, stolen, destroyed, reset, formatted, or anything else that causes personal or workout data to be lost, then it really is lost. As well as deletion of workouts in the App. Since the PainSled Service does not have your data, it cannot get it back for you. If your historical workout data is important, please make sure to backup your device occasionally.
A big part of the PainSled Service is to help you export, sync, and otherwise transfer your workout data to Fitness Platforms. Sometimes that data also includes personal information like account logins, name, location, gender, age, height, weight and so forth. You might also occasionally send personal information or workout data to Support or other parts of the PainSled Service. These activities cause exceptions to our general “know nothing, touch nothing” approach and you should be aware of the conditions under which that happens and how we protect your privacy when it does.
The PainSled Service incorporates a Backend that is used to transfer workouts to Fitness Platforms as well as perform heavy compute tasks. Data will only be passed to the Backend as a result of a request to the App to perform an export, sync, or other function. The data passed to the Backend is stored temporarily in order to perform the requested task and is then deleted.
The Backend also maintains server logs which contain a record of all requests and are kept for the purposes of debugging and maintaining the health of the Backend. The server logs are deleted periodically and are not permanently backed up. Access to the Backend and its logs is subject to administrative control and requires executive-level approval. Data Sent to Fitness Platforms
In order to support the debug of workout sync to Fitness Platforms, an audit record will be created for each transfer including a hash fingerprint of the workout as well as the source and destination IP addresses will be stored for future reference. No personal information will be included in the record. And the workout itself will not be stored after the request completes.
If you interact with Support and provide personal information or workout data for debugging an issue, that information will be permanently recorded in our issue tracking database so we can track recurring issues over time. This information is not public and is subject to administrative control.
If you signed up for a beta test, we stored your email address and other personal information that you provided. We also used it to provision the beta test, which means your email address, at minimum, was posted to the app store test platform for the beta you signed up for. If you ever want to be off the beta, drop us an email and we’ll take you off and delete your information from our systems as well as any test systems we added you to. And we’ll never sell or transfer any of your information elsewhere.
Finally, if you contact Support over Twitter or other social media channels, be mindful that your communications are not protected by this Policy.
Thanks for using the PainSled app!
(This policy was last updated on January 3, 2017)