FitLock Privacy Policy Last updated: February 21, 2026

Overview FitLock ("the Extension") is a Chrome extension that blocks distracting websites until you complete your daily running goal. This policy explains what data we collect and how it is used.

Data We Collect

• Google Account Information: When you sign in with Google, we collect your email address and user ID to create and identify your FitLock account.
• Strava Activity Data: With your authorization, FitLock reads your running activity data (distance, duration, date) from Strava to verify your daily goal completion. We do not collect heart rate, GPS routes, or any other biometric data.
• User Preferences: Your daily goal distance, reset hour, and list of blocked websites are stored in your account.

How We Use Your Data

• To authenticate your identity and manage your account.
• To verify whether your daily running goal has been met.
• To enforce your website blocklist based on goal completion.
• We do not sell, rent, or share your data with third parties.

Data Storage Your account data is stored securely using Supabase. Strava access tokens are stored server-side and are never exposed to the browser.

Third-Party Services

• Google OAuth — for authentication
• Strava API — for activity data
• Supabase — for data storage

Data Deletion You can delete your account and all associated data by signing out and emailing [email protected].

Contact For questions, contact: [email protected]