Privacy Policy

Last Updated: April 5, 2026

This Privacy Policy describes how TheVSG LLC (“we,” “us,” or “our”) collects, uses, and protects your information when you use the FuelFlow application and services (“FuelFlow”), including our iOS, watchOS, and Android apps and our web application at fuelflow.run.

Our Commitment to Privacy

Your privacy is critically important to us. FuelFlow is designed with privacy as a core principle. We believe your nutrition and health data belongs to you, and you alone.

Key Privacy Principles:

We collect the minimum data necessary to provide FuelFlow’s features
Your nutrition data is stored in your private cloud account (iCloud or Google Cloud) — we do not have access to it
If you create a FuelFlow account for web or Ultra Mode features, we store account and plan data on our servers (see “FuelFlow Account Data” below)
Optional third-party integrations may involve temporary data transit through our servers (see “Third-Party Integrations” below)
Your data is never sold, shared with advertisers, or used to train artificial intelligence or machine learning models
No advertising or tracking

Information We Collect

Nutrition Data (Stored on Your Device / Your Cloud Account)

Nutrition data you create (food items, intake logs, activity sessions, goals) is stored on your device and synced through your private cloud account (Apple iCloud or Google Cloud). We do not have access to this data.

Account Data (Stored on Our Servers — If You Create an Account)

If you sign in with Apple or Google to use web features, Ultra Mode, or cross-platform sync, we collect and store:

Authentication identifiers: A unique user ID and, depending on your sign-in provider, your email address (Apple’s “Hide My Email” relay address or your Google email)
Profile data you provide: Display name, athlete profile settings (weight, sweat rate preferences), unit preferences

Your account is also associated with content you create, such as race plans, courses, and activity summaries. This content is not personally identifiable on its own but is linked to your account.

All account data and associated content is stored on servers operated by TheVSG LLC and is protected by industry-standard encryption in transit and at rest.

Data We Do NOT Collect

Location data
Financial information
Health data beyond what you manually log (HealthKit/Health Connect data stays on your device)
Device identifiers or advertising IDs
Browsing history or app usage analytics
Crash reports (unless you opt-in through your device’s operating system)

How Your Data is Stored

FuelFlow uses a layered storage model. Where your data lives depends on which features you use.

Tier 1: Your Device + Your Cloud Account (All Users)

Your nutrition data is stored on your device and synced through your private cloud account (Apple iCloud or Google Cloud). We have no access to this data. It is encrypted by your cloud provider and accessible only to devices signed in with your account.

Tier 2: FuelFlow Servers (Account Users)

If you create a FuelFlow account, your account data and associated content (race plans, activity summaries) is stored on servers operated by TheVSG LLC. This data is encrypted in transit and at rest.

You can delete your account and all server-stored data at any time directly from the app (iOS, Android, or web). Account deletion does not affect nutrition data in your iCloud or Google Cloud account.

Tier 3: Temporary Transit (Optional Integrations)

Some optional features (such as automatic workout import from Garmin Connect) temporarily route data through FuelFlow servers to deliver it to your device. See “Third-Party Integrations” below for complete details.

We do not sell, rent, or share your data with third parties for their own purposes.

Your data is never:

Sold to third parties or data brokers
Shared with advertisers or marketing platforms
Licensed to or shared with third-party artificial intelligence or machine learning providers
Used to train, fine-tune, or improve any AI/ML models — ours or anyone else’s
Shared with other FuelFlow users without your explicit action
Used for advertising, marketing profiling, or behavioral targeting

Any sharing of your data is initiated by you through the app’s export features and your device’s native sharing system.

Third-Party Integrations

Authentication Providers

If you sign in with Apple, we receive an opaque user identifier and, optionally, your email address (which may be Apple’s private relay address if you choose “Hide My Email”). We use this solely to create and authenticate your FuelFlow account. Subject to Apple’s Privacy Policy.

If you sign in with Google, we receive your Google user identifier and email address. We use this solely to create and authenticate your FuelFlow account. Subject to Google’s Privacy Policy.

Optional Workout Integrations

FuelFlow offers optional integrations with third-party fitness platforms to help you import workout data. These integrations are entirely optional — you can use FuelFlow without ever connecting them.

Client-Side Integrations

Apple HealthKit, Google Health Connect, Strava, and manual file imports are processed entirely on your device. FuelFlow servers are not involved and we cannot access this data.

AI/ML Restriction for Strava: In compliance with Strava’s API Agreement, data obtained from Strava is displayed only to you (the authenticated user) and is:

Never used to train, fine-tune, or improve any artificial intelligence or machine learning models — by us or any third party
Never aggregated with other users’ data for any purpose
Never shared with any third party
Never stored on FuelFlow servers

Server-Assisted Integrations (Optional)

Garmin Connect (if enabled):

FuelFlow servers act as a secure relay to forward workout data to your device.

Workout data is encrypted before storage on our servers — we cannot read it
Data is automatically deleted from our servers promptly after delivery to your device
We do not receive your Garmin password (authentication uses OAuth)
You can enable, disable, or disconnect at any time in Settings

AI/ML Restriction: In compliance with the Garmin Connect API License Agreement, workout data received from Garmin Connect is:

Never used to train, fine-tune, or improve any artificial intelligence or machine learning models — by us or any third party
Never shared with third-party AI/ML providers, data brokers, or analytics platforms
Never aggregated with other users’ data for any purpose
Used solely to deliver your workout data to your device, then deleted

If you prefer to avoid server-assisted integrations entirely, you can import Garmin Connect workouts manually via file import or through Apple HealthKit / Google Health Connect.

No Analytics, Advertising, or AI Training

FuelFlow does not integrate with:

Analytics platforms
Advertising networks
Social media platforms
Marketing or tracking services
Third-party AI/ML training services or data providers

Your data is never used for these purposes, regardless of which integrations you enable.

Your Privacy Rights

You can access, modify, and delete your data at any time within the FuelFlow app.

Delete on-device / cloud data: Remove the app and delete FuelFlow data from your iCloud or Google Cloud account settings.

Delete your FuelFlow account: If you created an account, you can delete it directly from any FuelFlow app (iOS, Android, or web) in account settings. This removes all server-stored data. Nutrition data in your iCloud or Google Cloud account is not affected.

Deletion is permanent and cannot be undone.

Data Retention

Your data is retained in your cloud account until you choose to delete it. Deleted data is permanently removed and cannot be recovered.

Children’s Privacy

FuelFlow is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@fuelflow.run.

Given that FuelFlow stores all data in the user’s private cloud account (iCloud or Google Cloud) and we have no access to that data, we have no way to identify users by age.

International Users

FuelFlow is available worldwide. If you use FuelFlow outside the United States, please be aware that your data is stored in your cloud account, which may be processed in any country where your cloud provider (Apple or Google) operates data centers.

Your use of FuelFlow and the storage of your data is subject to your cloud provider’s international data transfer practices:

Apple Users: Apple’s Privacy Policy
Android Users: Google’s Privacy Policy

Security

Our Security Measures

We take security seriously across all layers of FuelFlow:

All communications are encrypted in transit using industry-standard protocols
Server-stored data is encrypted at rest
Passwords are never stored — we use Apple Sign In and Google Sign In (OAuth)
Workout data from server-assisted integrations (Garmin) is encrypted before storage so that only your device can read it
Local data is protected by platform sandboxing (iOS/Android)
Access to server infrastructure is restricted, logged, and monitored

Incident Response

If a security breach occurs:

We will immediately invalidate all affected authentication tokens
We will notify affected users within 72 hours
We will publish a transparent post-mortem

Your nutrition data in your cloud account (iCloud or Google Cloud) is not affected by a breach of FuelFlow servers — it was never stored there.

Your Security Responsibilities

To keep your data secure:

Use a strong password for your Apple ID or Google account
Enable two-factor authentication on your account
Keep your devices updated with the latest operating system
Use a passcode or biometric authentication on your devices

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

Our app features
Legal requirements
Industry best practices

When we make changes:

We will update the “Last Updated” date at the top of this policy
Significant changes will be communicated through the app or our website
Continued use of FuelFlow after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

App Store & Play Store Privacy Labels

FuelFlow’s privacy labels on both the Apple App Store and Google Play Store reflect our data practices:

Data Used to Track You: None — FuelFlow does not use data for tracking purposes.

Data Linked to You:

Contact info (email address — if you create an account via Apple or Google Sign In)
Identifiers (user ID)
Health & fitness (workout data — only if you enable Garmin or Strava integration)

Data Not Linked to You: None

Data Not Collected: FuelFlow does not collect financial information, browsing history, search history, advertising data, or device identifiers.

You can review these labels in FuelFlow’s App Store or Google Play Store listing.

Artificial Intelligence and Machine Learning

Your data is never used to train, fine-tune, validate, or improve any AI or machine learning model — by us or any third party. We do not provide your data to AI/ML providers, large language model operators, or data aggregation services.

FuelFlow does not use cookies, tracking pixels, or similar technologies on its mobile apps.

The FuelFlow web application (fuelflow.run) uses only essential cookies required for authentication (session tokens). We do not use analytics cookies, advertising cookies, or tracking pixels.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data privacy, please contact us:

Email: info@fuelflow.run

Response Time: We aim to respond to all privacy inquiries within 96 hours.

Legal Information

Data Controller

TheVSG LLC Colorado, United States Email: info@fuelflow.run

Governing Law

This Privacy Policy is governed by the laws of the State of Colorado, United States, without regard to conflict of law provisions.

Dispute Resolution

Any disputes relating to this Privacy Policy will be resolved through good faith negotiations. If negotiations fail, disputes will be resolved through binding arbitration administered by the American Arbitration Association (“AAA”) under its Consumer Arbitration Rules. Arbitration will take place in Colorado, and the arbitrator’s decision will be final and binding. Each party will bear its own costs, with arbitration fees split equally unless the arbitrator determines otherwise. You agree to waive any right to participate in a class action lawsuit or class-wide arbitration.

EU Users: If you are located in the European Union, this arbitration provision does not apply to you. You retain the right to bring claims before the courts of your country of residence.

Compliance

FuelFlow is designed to comply with:

California Consumer Privacy Act (CCPA)
General Data Protection Regulation (GDPR) for EU users
Children’s Online Privacy Protection Act (COPPA)
Other applicable data protection laws

For your core nutrition data (food library, consumption logs, goals): This data is stored in your private cloud account (iCloud or Google Cloud). You manage it directly through the app and your cloud account settings.

For your FuelFlow account data (profile, race plans, activity summaries): If you create an account, this data is stored on our servers. You can exercise your rights by:

Viewing and modifying your data through the app or web interface
Deleting your account and all associated server-stored data directly from account settings (iOS, Android, or web)
Requesting a data export by contacting info@fuelflow.run — we will respond within 30 days

For server-assisted integrations (such as Garmin Connect): We process workout data as a “data processor” on your behalf. You can exercise your rights by:

Disconnecting the integration (deletes OAuth tokens and in-transit data immediately)
Contacting us at info@fuelflow.run to request data deletion
Viewing import history in the app to see what data was processed

Your California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request information about data collected about you
Right to Delete: You can request deletion of your personal information
Right to Opt-Out: You can opt-out of the sale of personal information
Right to Non-Discrimination: You won’t be discriminated against for exercising your rights

Important: Your nutrition data is stored in your private cloud account (iCloud or Google Cloud) and is managed directly by you. For account data stored on our servers, you can exercise these rights by contacting info@fuelflow.run. We do not sell personal information. We do not share personal information with third parties for their own marketing or AI/ML purposes.

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

Right of Access: Access your personal data
Right to Rectification: Correct inaccurate data
Right to Erasure: Delete your personal data
Right to Restrict Processing: Limit how data is used
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to certain processing activities

Legal Basis: FuelFlow processes data based on your consent and our legitimate interests in providing app functionality.

Your nutrition data is stored in your private cloud account and can be managed through the app and your cloud provider’s settings. For account data stored on our servers, contact info@fuelflow.run to exercise these rights. We will respond within 30 days.

By using FuelFlow, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is part of and subject to our Terms of Service.

Back to Home