Brevet Cycling is a virtual cycling application built by cyclists for cyclists. This Privacy Policy details how we handle your personal data in compliance with the GDPR.
Brevet Cycling is operated by the Brevet Cycling team. Contact details are available on our Impressum page.
We integrate with Strava, Google Calendar, and Spotify. When you connect these services, we store OAuth tokens to act on your behalf. You can disconnect at any time from the Connections page, which deletes all stored tokens.
We also offer an optional AI training assessment feature powered by a self-hosted AI system (Ollama/Gemma). When you explicitly request an AI assessment, anonymised training data is processed locally on our own infrastructure. This feature is consent-based and requires explicit confirmation.
Push Notifications (Google Firebase Cloud Messaging): When you allow push notifications in the companion app, your device token and IP address are processed by Google Ireland Ltd. to deliver notifications about AI coach reports and training plan changes. Google acts as a data processor under their Data Processing Terms. The OS permission dialog serves as your explicit consent (Art. 6(1)(a) GDPR). No notifications are sent without your permission. Your device token is deleted from our servers on logout or account deletion.
All data is stored on our self-hosted server in Germany. We do not sell or share your data with third parties.
You have the right to access, correct, delete, or export your personal data. Contact us via the email on our Impressum page.
We use a session cookie for authentication. No tracking or advertising cookies are used.
We may update this policy. Changes will be posted on this page.