Privacy Policy
Last Updated: February 2026 | Version 2.0
1. Introduction
At Aegis Endurance, we are committed to protecting your privacy while providing the most advanced, AI-driven coaching experience in the world. This policy explains how we collect, use, and protect your data, specifically regarding our integration with wearable devices, health platforms, and our proprietary AI coaching engine.
This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the requirements of our third-party integration partners, including the Garmin Connect Developer Program.
2. Information We Collect
To provide personalised, adaptive training plans, Aegis Endurance collects the following categories of data:
- Identity and Contact Data: Name, email address, and date of birth.
- Physical & Demographic Data: Height, weight, and gender.
- Sensitive Health & Life Stage Data (Optional): To provide tailored coaching for female athletes, users may optionally provide data regarding their menstrual cycle or life stage (e.g., peri-menopause, menopause). This data is used exclusively to adjust training intensity and recovery recommendations based on hormonal fluctuations.
- Lifestyle & Profile Data: Training goals, event dates, available training hours, and lifestyle factors (e.g., perceived stress levels, occupational physical activity).
- Biometric & Performance Data: We ingest high-fidelity data from your connected devices, including heart rate (resting and active), Heart Rate Variability (HRV), sleep duration and quality, respiratory rate, and functional threshold power (FTP).
- Activity Data: Data contained within .FIT files or activity logs, including GPS coordinates, power output, cadence, pace, and perceived exertion.
3. External Platform & Wearable Integrations
Aegis Endurance allows you to connect your account with third-party fitness platforms to create a seamless, "closed-loop" training experience.
3.1 Garmin Connect™ Integration
We offer a primary integration with the Garmin Connect™ platform through the Garmin Connect Developer Program. If you choose to link your Garmin account:
Data We Send to Garmin:
- Structured, AI-generated workouts pushed directly to your Garmin Connect calendar
Data We Receive from Garmin:
- Completed activity data to analyse performance against your plan
- Recovery and wellness markers (Sleep, Resting Heart Rate, HRV)
- Menstrual Cycle data (where you have granted permission within Garmin Connect)
3.2 Important Notice Regarding Garmin Data Transfers
By connecting your Garmin account to Aegis Endurance, you acknowledge and consent to the following:
- Your data will be transferred between Aegis Endurance and Garmin International, Inc.
- Garmin processes your data in accordance with their own privacy policy, available at: https://www.garmin.com/privacy/connect
- You should review Garmin's privacy policy before connecting your account
- If you are subject to any restrictions that prevent you from sharing your data with third parties, you must not connect your Garmin account to Aegis Endurance
Data Controller Status: Aegis Endurance and Garmin International, Inc. operate as independent data controllers. Each party is separately responsible for compliance with applicable data protection laws regarding the data they process.
3.3 Future Integrations
As Aegis Endurance expands, we may add support for additional third-party platforms. You will always have full control over which platforms are connected and what data is shared.
3.4 Data Control & Disconnection
You may disconnect any third-party integration at any time through your Aegis account settings. Disconnecting will stop future data transfers but will not automatically delete historical data already processed by Aegis Endurance (see Section 10 for deletion requests).
4. How We Use Your Data
Our proprietary AI ecosystem uses your data for the following purposes:
- The Coaching Supervisor: Our AI analyses your health, sensitive physiological data, and performance data to generate and adapt your weekly training schedule.
- Hormonal & Life Stage Adaptation: For athletes providing menstrual cycle or life stage data, our AI adjusts training load to optimise for physiological readiness and mitigate injury risk.
- Execution Scoring: We compare "planned vs. actual" metrics to score your workout execution and adjust future progressions.
- Recovery Optimisation: We use biometric markers to detect fatigue and automatically suggest rest or intensity reductions.
5. AI Processing & Transparency Statement
5.1 How Our AI Uses Your Data
Aegis Endurance is an AI-first coaching platform. Your data is processed by our artificial intelligence systems in the following ways:
| AI Processing Activity | Purpose | Data Used |
|---|---|---|
| Training Plan Generation | Create personalised, periodised training plans | Goals, fitness history, available hours, event dates |
| Adaptive Plan Adjustment | Dynamically modify your plan based on training response | Activity data, biometrics, subjective feedback |
| Performance Analysis | Analyse workout execution and identify improvements | Activity files, power/pace data, heart rate |
| Recovery Monitoring | Detect fatigue and overtraining risk | HRV trends, sleep quality, resting heart rate |
| Predictive Modelling | Forecast race readiness and performance windows | Historical performance, planned training load |
| Nutritional Guidance | Provide fuelling and hydration recommendations | Training load, session duration, athlete profile |
5.2 Third-Party AI Model Providers
Important: AI Model Provider Data Usage
Aegis Endurance uses Google's AI services (Gemini) to power our coaching intelligence. We want to be completely transparent about how your data is handled:
- No training on your data: Google does not use your personal data, training information, or any content processed through Aegis Endurance to train their AI models when accessed via their API.
- API-only access: Your data is processed via secure API calls and is not retained by Google beyond the immediate processing of your request.
- Contractual protections: Our use of Google's AI services is governed by their Cloud Data Processing Addendum, which prohibits using customer data for model training.
5.3 AI Model Training & Improvement by Aegis
To continuously improve the quality and accuracy of our AI coaching:
- Anonymised & Aggregated Data: We may use anonymised, aggregated data patterns to improve our AI models. This data cannot be used to identify you personally.
- Your Individual Data: Your personal training data may be used to refine and improve AI recommendations only with your explicit consent. You may grant or withdraw this consent at any time (see Section 5.5).
5.4 Automated Decision-Making
Your training plan is primarily managed by our multi-agent AI architecture. These automated decisions include:
- Adjusting workout intensity based on recovery metrics
- Rescheduling sessions when fatigue indicators are elevated
- Modifying training volume in response to execution scores
- Triggering protective interventions via our "Shielding Protocol"
Your Rights Regarding Automated Decisions: Under UK GDPR, you have the right to obtain human intervention in significant automated decisions, express your point of view, and contest decisions made solely by automated processing.
To request human review of any AI decision, contact us at dpo@aegisendurance.ai.
5.5 Your AI Processing Consent
By using Aegis Endurance, you consent to AI processing of your data as described in Section 5.1 (Training Plan Generation through Nutritional Guidance).
For AI model training and improvement by Aegis (Section 5.3), we will request your separate, explicit consent during account setup. You may withdraw this consent at any time via your account settings or by contacting dpo@aegisendurance.ai.
6. "Coach-in-the-Loop" Programs
6.1 Human Coaching Access
If you are enrolled in a "Coach-in-the-Loop" program, your assigned human coach will have access to your performance and health data, AI-generated insights, and your training history. This enables your coach to provide expert oversight and personalised guidance that complements our AI coaching.
6.2 Coach IP Protection
For coaches using our platform to scale their methodology, we ensure that your data is processed only within the parameters of their unique, protected coaching framework.
7. Data Sharing and Disclosure
7.1 No Sale of Personal Data
Aegis Endurance does not, and will never, sell your health, fitness, or sensitive personal data to third-party data brokers or advertisers.
7.2 Third-Party Integration Partners
When you connect external platforms (such as Garmin Connect), data is shared with those platforms as described in Section 3. Each integration partner operates as an independent data controller under their own privacy policy.
7.3 Infrastructure & Service Providers
We use carefully selected third-party service providers to operate Aegis Endurance. These providers process your data only on our behalf and under strict contractual obligations:
| Provider | Purpose | Data Location |
|---|---|---|
| Supabase | Database hosting, user authentication, and secure data storage | EU (AWS eu-west-2) |
| Vercel | Application hosting and content delivery | Global CDN with EU primary |
| Google Cloud Platform | Backend compute services, API infrastructure, and AI model provider (Gemini) for coaching intelligence (see Section 5.2) | EU (europe-west2) |
All service providers are bound by data processing agreements that ensure your data is protected to GDPR standards.
7.4 Limited Use Compliance
We adhere strictly to the "Limited Use" requirements of our integration partners. Our use of information received from Garmin APIs adheres to the Garmin Connect Developer Policy.
7.5 Legal Requirements
We may disclose your data if required by law, court order, or to protect the rights, property, or safety of Aegis Endurance, our users, or the public.
8. International Data Transfers
Your data may be transferred to and processed in countries outside the United Kingdom, including the United States. For transfers to countries not deemed adequate by UK data protection authorities, we rely on Standard Contractual Clauses (SCCs) and supplementary measures to ensure your data remains protected.
9. Your Data Protection Rights
Under UK GDPR, you have the following rights:
| Right | Description |
|---|---|
| Access | Obtain a copy of all personal data we hold about you |
| Rectification | Correct inaccurate or incomplete data |
| Erasure | Request deletion of your personal data |
| Restriction | Limit how we process your data in certain circumstances |
| Data Portability | Receive your data in a structured, machine-readable format |
| Object | Object to processing based on legitimate interests |
| Withdraw Consent | Withdraw any consent you have previously given |
To exercise any of these rights, contact dpo@aegisendurance.ai. We will respond within one calendar month as required by GDPR Article 12(3). This period may be extended by up to two additional months for complex requests, in which case we will inform you of the extension and reasons within the first month.
You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
10. Data Retention and Deletion
We retain your data as long as your account is active. Upon request, we will purge all personally identifiable information within 30 days.
Important: Deletion from Aegis Endurance does not automatically delete data held by third-party platforms. You must separately request deletion from each platform.
11. Security
We implement industry-leading security measures including:
- Encryption at Rest: AES-256 encryption for all stored data
- Encryption in Transit: TLS 1.3 for all data transmission
- Access Controls: Role-based access with multi-factor authentication
- Regular Audits: Ongoing security assessments and penetration testing
In the event of a data breach, we will notify the ICO within 72 hours where required and notify you directly if the breach poses a high risk to your rights.
12. Children's Privacy
Aegis Endurance is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email and/or prominent notice within the app. Continued use after changes constitutes acceptance of the updated policy.
14. Contact Us
For any questions or requests regarding this Privacy Policy:
- Data Protection Officer: dpo@aegisendurance.ai
- General Enquiries: hello@aegisendurance.ai