Privacy Policy

Last updated: 23 June 2026

PB-Runner is built on a simple idea: your running data is yours. We made an app that records your runs, keeps them where you can get at them, and lets you point an AI you already pay for at your own training history — without us getting in the middle or selling anything. This policy sets out exactly what that means for your data: what we hold, where it sits, who else ever sees it, and the control you keep. It’s written to be read, not to be survived.

PB-Runner is made by Bunker 47 LTD, a company registered in England and Wales (company number 09169480), the data controller responsible for your data under this policy. It covers the PB-Runner iPhone app, the Apple Watch app, the web dashboard, and the backend they sync to. Reach us any time at privacy@pb-runner.com.

The short version

• Your runs sync to a server we run ourselves. No Supabase, no Firebase, no third-party cloud. Your data sits in our own database on our own server in the United Kingdom.
• No advertising tools, no analytics SDKs, no trackersanywhere in the app. We never sell your data and never share it for advertising. There is nothing to opt out of, because we don’t do it.
• You stay in control. Take it all as one file, delete what you like, close your account from inside the app — any time.
• You decide who else sees it. Your data only leaves us when you choose it: when you connect your own AI, share a run to Strava, or connect to a coach.

What we collect

Once you sign in, your watch and phone record runs into Apple Health, and the app syncs that running data to our server so it follows you across devices, feeds your stats and dashboard, and is there for an AI you connect. What we hold:

• Your runs— date, time, duration, distance, pace, and every metric your watch produces: heart rate, running power, speed, stride length, vertical oscillation, ground contact time and cadence. Form metrics only exist when you’re wearing the watch.
• Your routes — the GPS points for runs that have them, with altitude and accuracy. This is precise location data.
• Wider fitness context from Apple Health — resting heart rate, heart-rate variability, sleep and VO₂max — which sharpen your stats and any coaching.
• Your profile — what you (or your connected AI) set: age, sex, max and resting heart rate, goal, target race, preferred units.
• Your plan — the sessions you or your AI schedule.
• Your account— the identifier, email and name that Sign in with Apple or Google gives us. Use Apple’s private relay and we only ever see the relay address.
• A device notification token — if you turn on notifications, so we can send race-day alerts. You can turn notifications off any time in iOS Settings.

We never ask you to type a name, and there’s no photo and no password — Apple or Google handles who you are. When you sign in, Apple or Google may pass us your name along with your account, and we store it as part of your account.

Apple Health data, and how we treat it

PB-Runner reads from Apple Health (HealthKit) to do its job. The specific health data we read is: your running workouts and their metrics (heart rate, running power, speed, stride length, vertical oscillation, ground contact time, cadence), your workout routes, and your wider fitness context — resting heart rate, heart-rate variability, sleep and VO₂max.

We are clear about the limits on this data, in line with Apple’s HealthKit rules:

• We use Apple Health data onlyto provide the features you’re using — your stats, your dashboard, your history, and any coaching you set up.
• We never use Apple Health data for advertising, marketing, or data-mining, and we never sell it.
• We never store your Apple Health data in iCloud. It lives in our own database, described below.

Health and location are sensitive, and we treat them that way

Heart rate, the rest of your fitness metrics, your age and sex, and your GPS routes can say a lot about you — under UK and EU law, health information is “special category” data, and a route can show where you live. We collect this only to run the features you’re actually using, never for advertising, and never for sale.

How we use your data, and the basis for it

• To run the app and the features you use — recording, syncing, stats, the dashboard, the export. (Performing our contract with you.)
• To send your data to an AI you connect, to a coach you connect, or to Strava when you tap share — only once you set it up. (Your consent.)
• To keep the service reliable and secure — backups, fixing faults, stopping abuse. (Our legitimate interest in a service that works.)
• To meet a legal obligation — if the law requires us to keep or hand over records. (Legal obligation.)

We don’t profile you for advertising, and we make no automated decisions that have a legal or similarly significant effect on you.

Where your data lives

Your data sits in our own PostgreSQL database, on a server we operate ourselves in the United Kingdom. We don’t hand it to a managed cloud-data service, and there are no advertising or analytics tools anywhere in the product — no ad networks, no tracking SDKs, no analytics SDKs.

Your data is encrypted in transit and protected by server-side and access controls.

The web dashboard is delivered by Vercel, but Vercel only serves the page — it never holds your data or your sign-in. Everything is fetched from our own backend. When you use the dashboard, your browser carries a first-party session cookie on pb-runner.compurely to keep you signed in across the dashboard and our API; it is not a tracking cookie and it isn’t used for advertising.

Who else ever sees it

We keep this list genuinely short, and nothing on it happens unless you make it happen:

• Apple and Google — Apple Health is where your runs come from, and Sign in with Apple or Google confirms who you are. Their terms govern that.
• An AI you choose to connect— only if you do. See “Connecting your own AI” below.
• A coach you choose to connect— only if you do. See “Connecting a coach” below.
• Strava — only if you choose to share a single run. See below.

There are no advertising partners, no data brokers and no marketing networks. That’s the whole list.

Connecting your own AI

This is what PB-Runner is for. Rather than lock you into one coach, we let you aim an AI you already use — Claude, ChatGPT, Gemini or another — at your own running data.

When you connect one, you authorise it with Sign in with Apple. From then on, that AI can read your training data through our connector to analyse it and help plan your sessions, and it can only change your profile or schedule with your confirmation.

Here’s the honest shape of it: once you connect an AI, your running and health data (including sleep, heart-rate variability and recovery context) is sent to that provider, under your account with them and under theirterms — not ours. You’re choosing to send it, and you can disconnect whenever you want to stop the flow. This isn’t us selling or sharing your data; we’re the pipe, and you decide who’s on the far end. It’s worth reading the privacy terms of whichever AI you connect.

Connecting a coach

If you connect to a coach, you’re inviting another person to see your training. You stay in control of exactly what:

• You choose what they can see — your training data (runs, splits, training load and plan), and separately your recovery data (resting heart rate, heart-rate variability, sleep, VO₂max), which only flows if you grant it.
• You choose whether they can write training sessions into your plan.
• A coach can leave you notes tied to your account.

A coach you connect is a recipient of the data you share with them. Once you’ve granted a coach access, what you share stays shared on your settings until you change them — it’s opt-out from that point, not asked again each time. You can change what’s shared, or revoke a coach’s access entirely, at any time from the app, which stops any further access.

Sharing to Strava

Sharing to Strava is off unless you choose it, one run at a time. When you tap share, we post that single run (route, heart rate, cadence) to Strava using a permission that can only publish activities — activity:write and nothing more. We hold that Strava authorisation on our backend so we can complete the upload; you can disconnect it any time, which deletes it. PB-Runner never reads anything from your Strava account.

Race results

If you take part in a race run by one of our race partners, the race organiser may give us the official results — a finisher’s name, bib number, finish time, distance and finishing place — so we can show you and other entrants the results inside the app. We publish these on the organiser’s behalf, on the basis of our and the organiser’s legitimate interest in delivering race results to the people who ran. Results are shown to signed-in users who look one up in the app, not posted as a public list.

If you appear in race results and want your result removed or corrected, email privacy@pb-runner.com and we’ll take care of it, in coordination with the race organiser. This applies whether or not you use the app.

Your data, your control

We built the product around this:

• Take it — download your data from the dashboard any time, as a file (with your GPS routes available too).
• Remove it — delete individual runs, or close your account from within the app and have your data erased.
• Decide what you see — you can import your past runs from other apps if you want them, and the dashboard lets you switch between all your runs and just the ones PB-Runner recorded.
• The legal rights— wherever you live, you can ask to see, correct, limit or object to our use of your data, and withdraw a consent. In the UK and EU you can complain to a regulator (in the UK, the Information Commissioner’s Office, ico.org.uk). Under US state laws such as California’s you have access and deletion rights — and because we never sell or share your data for advertising, there’s simply no opt-out for that to give you. To use any of these, email privacy@pb-runner.com.

How long we keep it

While your account is open, we keep your data so it’s there when you want it. When you close your account or ask us to delete your data, we remove it from our systems within three days, and it clears from our routine backups on the short rotation that follows. We hold on only to anything the law specifically requires, and only for as long as required.

Children

PB-Runner isn’t for children. You must be at least 16to use the app and have us hold your data. We don’t knowingly collect data from anyone younger; if we find that we have, we delete it.

Where your data is processed, and moving between countries

We run our server in the United Kingdom and process your data there. PB-Runner is available internationally, so if you use it from outside the UK your data is handled on our UK server. The UK has been recognised by the EU as providing an adequate level of data protection, so data from people in the EU can be handled in the UK on that basis. Where we ever move your data across borders ourselves, we do so only with appropriate safeguards in place. And if you connect your own AI, your data goes to that provider — possibly in another country, under their terms — because you chose to connect them.

Our representatives

Bunker 47 LTD is established in the United Kingdom and is the controller of your data. Our registered address is 284 Brockley Road, London, SE4 2RA, United Kingdom.

For people in the European Union, our representative under Article 27 of the EU GDPR is Jamie Hever, 3 Rue des Arènes, 75005 Paris, France, reachable at jamie@pb-runner.com. You can contact our EU representative on any matter relating to our processing of your data.

Changes to this policy

If we change how we handle your data, we’ll update this policy and flag anything significant inside the app. The date at the top shows when it last changed.

Contact

Questions, requests or complaints: privacy@pb-runner.com. We’ll reply within the time the law allows.