Loam

Privacy at Loam.

How we handle your training data — drafted plainly, in advance of our public launch.

Draft. This is a working draft. A complete privacy policy will be published before the public launch of Loam, and that final version will replace this draft in full.

What this covers

This policy describes how Loam Fitness (“Loam,” “we,” “us”) handles personal data in connection with the Loam training calendar service. It applies to your use of Loam’s website, web app, mobile apps, and authorized integrations.

Information we collect

Account information. When you create a Loam account we collect the email address and name associated with your sign-in, along with the identifiers issued by our authentication provider.

Workout data you provide directly. Workouts you log manually, workout files you upload, and any notes or planning content you write inside Loam.

Workout data you import from connected services. When you connect a third-party service — such as Suunto, Garmin, Coros, Apple Health, or Health Connect — Loamimports workout summaries and the related files (heart rate, distance, GPS, power, elevation, and similar measurements) through that service’s official API, with your explicit consent, and only to the extent needed to run the features you have enabled.

Operational data. Standard server logs, request metadata, and product telemetry needed to operate and secure the service.

How we use your information

We use the data above only to provide and operate Loam for you:

  • Render your unified training calendar across every sport you train.
  • Match imported workouts against the workouts you planned, and produce weekly summaries and compliance scores.
  • Provide the upload, export, and account-management tools described in the app.
  • Share read-only training context with AI agents you have explicitly authorized through Loam’s MCP (Model Context Protocol) server — only at your direction.
  • Secure the service, prevent abuse, and meet our legal obligations.

What we will not do

Loam does not sell your data, share it with advertisers, or use it to train external models. Workout data imported from connected services is used solely to operate Loam for you and is never re-sold or commercially redistributed. Your data remains your own and will not be used for any other purpose.

Your rights

You always retain ownership of your training data and may exercise the following rights at any time, from inside Loam:

  • Export. Download a complete copy of all of your training history and account data.
  • Delete. Permanently delete your account and the data associated with it.
  • Disconnect. Disconnect any third-party service you have linked. Loam will stop fetching new data from that service and revoke the access tokens it stored on your behalf.

Where local law gives you additional rights of access, correction, restriction, portability, or objection, those rights remain available to you.

Data security

Access tokens, refresh tokens, and provider API keys are encrypted at rest and are never exposed to client-side code. We follow industry-standard practices for transport security, access control, and operational hardening.

Children

Loam is not intended for, and we do not knowingly collect personal data from, individuals under 16.

Changes to this policy

This draft will be replaced by a complete policy at public launch. After launch, we will notify users of material changes through the app and our website.

Contact

Privacy questions and requests:
support@loamfitness.com
Codelous, LLC