Seguici sui social:

INFO & CONTATTI

We are the new innovative method of consulting for professional swimmers and beginners. The first online swimming training school in Italy.

Swimbox c/o Piscina Comunale Forlì
Via Turati 15 Forlì - 47121 Forlì

info@swimbox-official.it

Swimbox c/o Piscina Comunale Forlì
Via Turati 15 Forlì - 47121 Forlì

info@swimbox-official.it

Terms and Conditions

Sign up for our Newsletter

Stay up to date on all the shop news and access exclusive promotions from the website.

Privacy Policy for Swimbox SmartCoach

Last updated: November 28, 2025

SmartCoach (“we”, “us”, “our”) is developed and published by Andrea Piscopo as an individual developer. We are committed to protecting your privacy and ensuring transparent handling of your personal information. This Privacy Policy describes what data we collect, how we use it, how long we keep it, and the rights you have as a user.

If you have any questions, you can contact us at: andreapiscopo21@gmail.com.

1. Information We Collect

We collect the following categories of information when you use SmartCoach.

1.1 Information You Provide Directly

We collect information you provide when you create and use your account, including:

Account details (name, email, password)
Profile information: age, gender, weight, height, resting heart rate, fitness level
Lifestyle details (e.g., profession, activity level, training frequency)
Injuries, training restrictions, and relevant medical information (if voluntarily provided)
Free-text messages and questions sent through the in-app chat
Training preferences, goals, and activity-related settings

1.2 Information Collected Automatically

When you use SmartCoach, we may automatically collect:

Device information (device model, operating system version)
IP address and basic technical metadata for security and diagnostics
App or web usage information related to errors and performance
Cookies or similar technologies for authentication and session management

1.3 Third-Party Data Sources

If you choose to connect external accounts, we collect:

Strava

GPS-tracked activities (running, cycling, swimming, and other sports)
Indoor activities
Activity metadata such as duration, pace, distance, heart rate (if available)
Profile information (e.g., name, athlete ID, profile picture/avatar)

Important: SmartCoach does not collect live GPS data directly from your device. GPS traces only come from imported Strava activities.

1.4 Data Sent to OpenAI

To provide personalized coaching and generate training suggestions, SmartCoach sends certain data to OpenAI APIs (a third-party AI service provider), including:

Messages and questions you write in the chat
Profile information you provide, including your name
Activity summaries imported from Strava
Injuries, notes, training history, and other fitness-related information you share
Context needed to understand your situation and generate appropriate coaching responses

We do not send your email address or technical identifiers (such as your Auth0 ID) to OpenAI. OpenAI processes the data solely to generate responses for SmartCoach. According to OpenAI’s API data policies, content sent through the API is not used to train OpenAI’s models.

1.5 Chat Logs and Beta Testing Data

During the beta testing phase of SmartCoach, all chat exchanges (both the messages you send and the replies generated by the assistant) are stored in our content management system (CMS), Strapi.

These logs are collected for:

Analytics and understanding how the app is used
Debugging and error analysis
Improving the coaching experience
Quality assurance and feedback

These messages are not end-to-end encrypted. Chat logging in Strapi is planned to be removed after the beta testing period.

2. How We Use Your Information

We use the collected information to:

Create and manage your SmartCoach account
Provide training analysis, recommendations, and coaching suggestions
Generate AI-based advice using OpenAI APIs
Import activities and related information from Strava (if you connect it)
Improve app performance, usability, and user experience
Monitor and protect against misuse, fraud, and security issues
Provide customer support and respond to your requests
Communicate important updates or changes about the service
Comply with legal and regulatory obligations

3. Legal Bases for Processing (GDPR)

For users in the European Union (EU) / European Economic Area (EEA), we process personal data based on:

Performance of a contract: to create and manage your account, and provide the features and services of SmartCoach.
Consent: when you connect external services like Strava or when you agree to send data to OpenAI for AI-powered coaching.
Legitimate interests: to secure our systems, improve the app, and perform basic analytics necessary to operate the service.
Legal obligations: to comply with applicable laws, such as handling user rights requests.

4. Sharing Your Information

We do not sell your personal data.

4.1 Service Providers

We share your information with trusted third-party service providers who help us operate SmartCoach, including:

OpenAI – processing chat messages and related data to generate coaching responses
Heroku – hosting of backend services
MongoDB Atlas – database storage
Bunny.net – content delivery network (CDN) and hosting of images and videos
Auth0 – user authentication and identity management

These service providers process data only on our behalf and under appropriate data processing agreements and security measures.

4.2 Third-Party Integrations

If you choose to connect your Strava account, we may access data from Strava as described above:

We only import your data from Strava.
We do not upload or modify your Strava activities.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests from public authorities.

5. Data Storage & Security

We use industry-standard security measures to protect your data, including:

Hosting on reputable cloud providers (Heroku and MongoDB Atlas)
Encryption in transit via HTTPS
Secure password hashing
Access control and logging on our systems
Limited access to your personal data, restricted to operational and support needs

However, no method of transmission or storage is completely secure. During the beta phase, chat messages stored in Strapi are not end-to-end encrypted.

6. International Data Transfers

Your data may be processed and stored in countries outside your country of residence. When we transfer personal data internationally, we rely on mechanisms such as:

Standard Contractual Clauses (SCCs)
Data processing agreements with our service providers
Other safeguards as required by applicable data protection laws

7. Data Retention

We retain your data only for as long as necessary to provide SmartCoach and fulfill the purposes described in this policy.

7.1 Account Data

Account and profile information are retained for as long as you maintain an active account. If you request account deletion, your data is processed according to the rules described in Section 8.

7.2 Chat Messages (Beta)

During the beta phase, chat messages stored in Strapi may be retained for up to 6 months for analytics and improvement purposes, or until you request deletion. Chat logging in Strapi is planned to be removed after the beta testing period.

7.3 Activity Data

Activities imported from Strava and other training-related data are retained while your account is active. They will be deleted when your account is permanently removed.

8. Account & Data Deletion

You can request deletion of your SmartCoach account at any time. After you initiate a deletion request:

Your account enters a 7-day grace period.
During this period, you may restore your account if you change your mind.
After 7 days, your account and associated personal data are permanently deleted.
Backups are deleted in the normal course of their lifecycle.

Deletion includes:

Profile and account information
Strava-imported activities stored in SmartCoach
Chat logs and other personal content
Any other personal identifiers stored in our systems

We may retain anonymized or aggregated data that cannot be linked back to you individually, for statistical or analytical purposes.

9. Children’s Privacy

SmartCoach is intended for a general audience but is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13 years of age.

If we become aware that we have collected personal data from a child under 13, we will take steps to delete such information as soon as possible. If you believe that a child has provided us with personal data, please contact us at andreapiscopo21@gmail.com.

10. Your Rights

Depending on your location and applicable law (including the GDPR for EU/EEA users), you may have the following rights regarding your personal data:

Right of access: to request a copy of your personal data we hold.
Right to rectification: to correct inaccurate or incomplete data.
Right to erasure: to request deletion of your data, subject to certain conditions.
Right to data portability: to receive your data in a structured, commonly used, and machine-readable format.
Right to withdraw consent: where processing is based on your consent.
Right to object or restrict processing: in certain circumstances.

To exercise any of these rights, please contact us at andreapiscopo21@gmail.com. We will respond to your request in accordance with applicable law, typically within 30 days.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you through the app or by email where appropriate, and update the “Last updated” date at the top of this page.

12. Contact

If you have any questions or concerns about this Privacy Policy or our data practices, you can contact us at:

Email: andreapiscopo21@gmail.com
Subject: SmartCoach Privacy

facebook
instagram
whatsapp