PRIVACYHow we handle your data

Privacy Policy

This policy explains what PROOF collects, why we collect it, and how you can control your information. PROOF is built to respect athlete identity and keep you in control of what is public.

Effective date: February 11, 2026 Applies to: proof.drnts.com

1) Information we collect

We collect information you provide directly and information generated through your use of PROOF.

Account data: name, email, login identifiers (e.g., magic link), profile details you choose to add.
Athlete profile: handle, bio, avatar, region (optional), public links (optional).
Connected data sources: when you connect a provider (e.g., Strava), we receive authorization tokens and access activity data strictly within the scope you approve (e.g., read, activity:read_all). We do not access data beyond what is explicitly authorized.
Usage data: logs, device/browser info, IP address, timestamps, and basic analytics required for security and product improvement.

2) How we use your information

Provide and operate the service (login, profile, verification flows).
Verify activities and generate reputation signals (e.g., verified milestones / Proof Cards).
Protect security and prevent abuse (fraud detection, rate limiting).
Improve product quality (debugging, performance, feature refinement).
Communicate service-related messages (verification updates, important notices).

3) What becomes public

PROOF is designed around control. Your public profile and any Proof Cards are only public if you choose to share them.

Public items may include: handle, avatar, bio, and Proof Cards you explicitly share.
Private items typically include: email, authentication tokens, and full activity data (unless shared by you).

Connected activity data may be used internally to compute verification signals without making all underlying data public.

4) Data sharing

We do not sell, rent, or trade your personal information. We only share limited data in the following cases:

Service providers (hosting, email delivery, analytics) strictly to operate PROOF.
Legal/security if required to comply with law or protect rights and safety.
User-initiated sharing when you publish a profile or Proof Card.

We do not redistribute Strava data to third parties.

5) Strava integration & control

When you connect your Strava account, you authorize PROOF via OAuth.

We only access data within the scopes you grant.
You can disconnect Strava at any time.
Upon disconnection or deauthorization, access tokens are revoked and no further data is accessed.
Existing data can be removed upon request.

PROOF does not modify or write data back to Strava.

6) Cookies & analytics

PROOF may use cookies or local storage for authentication, preferences, and basic analytics. You can control cookies via your browser settings, but some features may not function properly.

7) Data retention

We retain information only as long as necessary to operate PROOF and meet legal and security obligations. You may request deletion of your account and associated data, subject to required retention for compliance and security.

8) Your rights

Access, correct, or delete your personal information.
Control what is public on your profile.
Revoke third-party access (e.g., Strava) at any time.

9) Contact

For privacy-related requests, contact: [email protected]