Steady Join Waitlist

Privacy Policy

Last updated: February 23, 2026

Overview

Steady ("we", "us", "our") is a cycling coaching platform that helps athletes prepare for endurance events. This policy explains what data we collect, how we use it, and your rights regarding that data.

We respect your privacy and collect only what we need to deliver the service.

Data We Collect

Waitlist

When you join our waitlist, we collect your email address. This is stored by Netlify Forms and used solely to notify you about Steady's launch and early access availability.

Account & Profile

When you create a Steady account, we store your name, email, and training profile information you provide (weight, FTP, available training days, event goals).

Strava Data

With your explicit authorization, we connect to your Strava account via OAuth to read your cycling activities. We access:

  • Activity summaries (date, distance, duration, elevation)
  • Power and heart rate data streams (for rides with a power meter)
  • Basic athlete profile from Strava

We do not access your Strava social data, followers, or private notes. We do not post to Strava on your behalf.

How We Use Your Data

We use your data to:

  • Generate personalized training plans based on your event goals and current fitness
  • Track your progress toward event-specific targets
  • Provide coaching feedback on completed workouts
  • Send you relevant product updates and launch notifications (email)

We do not sell your data. We do not share your personal data with third parties for marketing purposes.

Third-Party Services

We use the following third-party services to operate Steady:

  • Strava API — to read your cycling activity data (with your authorization)
  • Supabase — database and authentication infrastructure
  • Anthropic (Claude) — AI model used to generate training plans and coaching feedback from your anonymized training data
  • Netlify — hosting and waitlist form processing

Cookies

The Steady marketing site does not use tracking cookies or analytics. The Steady application uses a session token stored in your browser's local storage to keep you logged in. No third-party tracking cookies are used.

Data Retention

We retain your data for as long as your account is active. If you delete your account or request data deletion, we will remove your personal data and training history within 30 days. Anonymized, aggregated data may be retained for product improvement.

Your Rights

You can:

  • Request a copy of your data
  • Request deletion of your account and data
  • Disconnect your Strava account at any time (via Strava's settings or within Steady)
  • Unsubscribe from emails using the link in any email we send

Security

We use industry-standard security measures including encrypted connections (HTTPS), secure token storage, and access controls. Strava OAuth tokens are stored securely and used only to sync your activity data.

Changes to This Policy

We may update this policy as Steady evolves. Significant changes will be communicated via email to registered users. The "last updated" date at the top reflects when this policy was last revised.

Contact

Questions about this policy or your data? Email us at hello@trainsteady.com.