Podium Throws

Privacy Policy

Last updated: May 17, 2026

1. Information We Collect

Account Data: Name, email address, and encrypted password when you create an account.

Training Data: Athlete profiles, session logs, performance metrics, readiness check-ins, and coaching notes entered by coaches and athletes.

Video Uploads: Training and competition videos that coaches and athletes upload to the platform for storage and playback.

Usage Data: Page views and feature usage to improve the platform.

2. How We Use Your Data

We use your data solely to operate the Podium Throws coaching platform — delivering training management, performance tracking, and video upload and playback features. We do not sell or share your personal data for advertising purposes.

3. Data Storage & Security

Account and training data are stored in a PostgreSQL database hosted by Vercel. Video files are stored on Cloudflare R2 object storage. All data is encrypted in transit via TLS. Passwords are hashed using bcrypt with industry-standard salt rounds.

4. Cookies

We use a minimal set of cookies: auth-token for authentication and theme for your display preference. No third-party tracking cookies are used.

5. Wearable Device Integrations

You may optionally connect wearable devices (WHOOP or Oura Ring) to enhance your readiness data with physiological metrics. When you connect a wearable device:

  • We request access only to specific data categories (recovery, sleep, workouts, profile, body measurements) via OAuth 2.0 authorization.
  • Access tokens are encrypted at rest using AES-256-GCM and are only decrypted when making authorized API calls on your behalf.
  • Data we may access includes: recovery scores, heart rate variability (HRV), resting heart rate, sleep duration and stages, blood oxygen levels (SpO2), daily strain, and body measurements (height, weight).
  • You can disconnect your wearable at any time from your account settings, which immediately revokes our access. Previously synced data is retained as part of your training history unless you request its deletion.
  • Wearable data is shared with your assigned coach as part of your readiness metrics, following the same coach-athlete data sharing rules described below.

6. Third-Party Services

Stripe — processes subscription payments. Stripe's privacy policy governs payment data.

Resend — sends transactional emails (invitations, password resets).

WHOOP — optional wearable integration for recovery and sleep data. WHOOP's privacy policy governs data collected by their device. We only access data you explicitly authorize.

Oura Ring — optional wearable integration for readiness, sleep, and HRV data. Oura's privacy policy governs data collected by their device. We only access data you explicitly authorize.

7. Data Ownership & Deletion

Coaches own all training data they create. You can download a full export of your account data at any time from Settings → Privacy (coaches: Settings → Security), and you can delete your account from the same screen — deletion is a 30-day soft delete with self-serve restore before permanent removal. For any data request our self-serve tools don't cover, contact us at privacy@podiumthrows.com.

8. Contact

For privacy-related questions, contact us at privacy@podiumthrows.com.