Privacy Policy

Last updated: February 8, 2026

What Tally Does

Tally automatically appends cumulative statistics to your Strava activity descriptions. When you complete an activity, Tally calculates your running totals and updates your activity description with stats like distance, time, and activity count.

Data We Collect

When you connect your Strava account, we store:

  • Account information: Your email address and password (securely hashed)
  • Strava connection: Your Strava athlete ID and OAuth tokens (encrypted)
  • Activity metadata: Activity name, type, date, distance, and moving time
  • Timeblock settings: Your configured date ranges, activity filters, and templates

Data We Do NOT Collect

  • GPS data or route information
  • Heart rate, power, or other biometric data
  • Photos or comments on your activities
  • Your followers, clubs, or social interactions
  • Any data from other Strava users

How We Use Your Data

Your data is used exclusively to:

  • Calculate cumulative statistics based on your timeblock settings
  • Update your Strava activity descriptions with rendered stats
  • Display your activities and stats on your dashboard

We do not use your data for advertising, analytics, machine learning, or any purpose other than providing the Tally service.

Data Sharing

We do not sell, rent, or share your personal data with third parties. Your data is only transmitted to Strava when updating your activity descriptions, using their official API.

Data Retention

Your data is retained as long as your account is active. When you disconnect Strava or delete your account, all associated data is permanently deleted immediately.

Your Rights

You have the right to:

  • Access your data: View all your stored data on your dashboard
  • Disconnect Strava: Remove Strava access and delete all activity data from your dashboard
  • Delete your account: Permanently delete your account and all associated data from Settings

Security

We use industry-standard security measures including encrypted connections (HTTPS), secure password hashing, and encrypted storage of OAuth tokens.

Contact

For questions about this privacy policy or to request data deletion, please contact us at privacy@joppe.dev.