Back to Homecatena

Privacy Policy

Last updated: January 2026

1. Introduction

Catena is an AI-powered cycling training application developed and operated by Struo Labs ("we", "our", or "us"). We are committed to protecting your privacy and ensuring the security of your personal information and fitness data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Catena mobile application and related services. By using Catena, you consent to the data practices described in this policy.

Catena integrates with third-party fitness platforms to provide you with comprehensive training insights and AI-driven coaching. This policy specifically addresses how we handle data obtained through these integrations.

2. Information We Collect

2.1 Account Information

When you create a Catena account, we collect:

  • Name and email address
  • Password (stored in encrypted form)
  • Profile information (age, weight, height, cycling experience level)
  • Training goals and preferences
  • Functional Threshold Power (FTP) and other fitness metrics

2.2 Fitness and Health Data

To provide personalized training recommendations, we collect and process:

  • Cycling activity data (distance, duration, speed, elevation, route information)
  • Power meter data (power output, normalized power, Training Stress Score)
  • Heart rate data and heart rate zones
  • Cadence information
  • Training load and recovery metrics
  • Sleep data (when authorized)
  • Body composition data (when provided)

2.3 Third-Party Platform Data (Including Garmin Connect)

When you connect your Garmin Connect account or other third-party fitness platforms to Catena, we may access:

  • Activity Data: Cycling activities, workouts, and training sessions recorded on your Garmin device
  • Physiological Metrics: Heart rate, VO2 max estimates, training status, and recovery time
  • Device Information: Connected Garmin device type and sensor data
  • Historical Data: Past activities and training history to establish baseline metrics
  • Daily Metrics: Steps, stress levels, and body battery (when authorized)

We only access data that you explicitly authorize through the Garmin Connect OAuth authentication process. You can review and modify these permissions at any time through your Garmin Connect account settings.

2.4 Device and Usage Information

  • Device type, operating system, and app version
  • App usage patterns and feature interactions (anonymized for analytics)
  • Crash reports and performance data
  • IP address and general location (country/region level only)

3. How We Use Your Information

3.1 Core Service Functionality

  • Generate personalized, AI-driven training plans based on your fitness level, goals, and available time
  • Analyze your power data, heart rate, and performance metrics to track progress
  • Calculate Training Stress Score (TSS), Intensity Factor (IF), and other training metrics
  • Provide real-time coaching feedback and workout recommendations
  • Adapt training plans based on your completed workouts and recovery status
  • Display your training calendar and workout history

3.2 Garmin Connect Integration Specifically

Data from Garmin Connect is used to:

  • Import your cycling activities automatically after each ride
  • Sync physiological metrics for accurate training load calculations
  • Push planned workouts to your Garmin device for guided training sessions
  • Correlate recovery metrics with training recommendations to prevent overtraining
  • Provide historical performance analysis and trend visualization

3.3 AI and Machine Learning

Catena uses artificial intelligence to analyze your training data and provide personalized recommendations. Your data may be processed by machine learning models to:

  • Predict optimal training intensity and volume
  • Identify patterns in your performance data
  • Generate adaptive training plans
  • Provide real-time coaching insights

AI processing is performed on aggregated and anonymized data where possible. Your individual data is not used to train models that would be applied to other users without explicit consent.

4. Data Storage and Security

4.1 Data Storage

  • We use reputable cloud infrastructure providers with recognized security certifications
  • Data stored in our systems is encrypted at rest using industry-standard methods
  • Data in transit is encrypted using TLS

4.2 Security Measures

  • OAuth 2.0 authentication for third-party integrations (including Garmin Connect)
  • Access tokens are stored securely and refreshed automatically
  • Regular security audits and penetration testing
  • Employee access to user data is strictly limited and logged
  • Two-factor authentication available for user accounts

4.3 Third-Party API Credentials

API credentials for third-party services (such as Garmin Connect) are owned and managed by Struo Labs. These credentials are stored securely and are never exposed to end users or unauthorized parties. Access tokens specific to your account are stored encrypted and are only used to access data you have authorized.

5. Data Sharing and Disclosure

We do not sell your personal information or fitness data.

We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize sharing (e.g., sharing workouts to social platforms)
  • Service Providers: With trusted third-party providers who assist in operating our services (hosting, analytics), subject to strict confidentiality agreements
  • Legal Requirements: When required by law or to protect our rights, safety, or property
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with continued protection of your data

Data obtained from Garmin Connect is never shared with third parties for marketing purposes and is used solely for providing Catena's core training and analytics features.

6. Data Retention

  • Active Accounts: We retain your data for as long as your account is active
  • Deleted Accounts: Upon account deletion, your personal data is removed within 30 days, with anonymized aggregate data retained for service improvement
  • Third-Party Data: Data synced from Garmin Connect or other platforms is deleted when you disconnect the integration or delete your account
  • Backup Retention: Encrypted backups may be retained for up to 90 days for disaster recovery purposes

7. Your Rights and Choices

You have the following rights regarding your data:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and associated data
  • Portability: Export your training data in standard formats (FIT, TCX, CSV)
  • Restrict Processing: Request limitation of how we process your data
  • Withdraw Consent: Disconnect third-party integrations at any time
  • Object: Object to processing for specific purposes

Managing Garmin Connect Integration

You can disconnect your Garmin Connect account at any time through the Catena app settings or through your Garmin Connect account under "Connected Apps". Upon disconnection, we will stop syncing new data and you may request deletion of previously synced Garmin data.

8. Third-Party Services and Links

Catena integrates with third-party services to enhance functionality. Each third-party service has its own privacy policy:

We encourage you to review the privacy policies of any third-party services you connect with Catena.

9. International Users

Catena is operated by Struo Labs from Australia. If you are accessing our services from outside Australia, please be aware that your data may be transferred to, stored, and processed in Australia or other countries where our service providers operate.

For users in the European Economic Area (EEA) or United Kingdom, we ensure appropriate safeguards are in place for international data transfers in compliance with GDPR requirements.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy in the app and updating the "Last updated" date. For significant changes, we will provide additional notice via email or in-app notification. Continued use of Catena after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Struo Labs

Email: hello@struo.dev

Website: https://struo.dev

For data protection inquiries, please include "Privacy Request" in your subject line.

12. Regulatory Compliance

Catena is designed to comply with applicable data protection regulations, including:

  • Australian Privacy Principles (APPs) under the Privacy Act 1988
  • General Data Protection Regulation (GDPR) for EEA users
  • California Consumer Privacy Act (CCPA) for California residents

Catena is developed and operated by Struo Labs