Privacy Policy

Effective date: 2025-10-10

Stride is operated by Dr Quentin Pleyers (“we”, “us”). This policy explains what data we process when you use our website stride.ac and our mobile applications (“Apps”), why we process it, how we store it, and the choices you have. We comply with the EU General Data Protection Regulation (GDPR).

1. Summary

• On‑device by default: videos you analyze with Stride are processed locally on your device; they are not uploaded to us unless you explicitly export or share them.
• We minimize data: for the website we collect basic server logs and optional analytics cookies (if you consent). For the Apps we may collect crash/usage diagnostics to improve stability.
• Your rights: you can access, correct, delete, or export your personal data and withdraw consent at any time.

2. Data we process

2.1 Website (stride.ac)

• Server logs (legitimate interest): IP address, user‑agent, pages visited, timestamp; retained no longer than 30 days for security and abuse prevention.
• Waitlist form (consent): email address you provide via Google Forms to notify you about beta access and product updates.
• Cookies/analytics (consent): if we enable privacy‑friendly analytics, we will display a banner and store your choice; no tracking occurs without consent.

2.2 Apps (iOS/Android)

• Video content: processed on device. Export/sharing is user‑initiated only; if you choose a cloud backup provider (iCloud/Drive/etc.), their privacy terms apply.
• Diagnostics (legitimate interest): crash reports and basic performance metrics. You can disable analytics/diagnostics in system settings where available.
• Account/billing (contract): if you subscribe to Stride Plus/Pro, the app store processes your payment data; we receive subscription status only.

3. Legal bases (GDPR Art. 6)

• Consent — waitlist/marketing emails; cookies/analytics.
• Contract — providing paid features you purchase.
• Legitimate interests — security, fraud prevention, crash diagnostics, and service improvement balanced against your rights.
• Legal obligation — records we must keep under applicable law.

4. Retention

We retain personal data only as long as necessary for the purposes above. Waitlist emails are kept until you unsubscribe or we close the list. Server logs are typically deleted within 30 days. Diagnostic data follows the retention of the analytics provider (e.g., Apple/Google). Backups, if any, are encrypted and time‑limited.

5. Sharing and processors

We do not sell your personal data. We may share data with service providers under data‑processing agreements (e.g., hosting, email delivery, analytics) strictly for the purposes described. A list of current processors is available on request.

6. International transfers

Where data is transferred outside the EEA/UK, we rely on adequacy decisions, Standard Contractual Clauses (SCCs), and additional safeguards as required.

7. Security

We use technical and organizational measures appropriate to risk: encryption in transit, access controls, least‑privilege, monitoring, and periodic reviews. No security is perfect; please contact us immediately if you suspect unauthorized access.

8. Your rights

Under GDPR you may request: access, rectification, erasure, restriction, portability, and objection to processing. You may also withdraw consent at any time without affecting prior lawful processing. You can lodge a complaint with your local data‑protection authority.

9. Children

Stride is not directed to children under 16. We do not knowingly collect their data. If we become aware of such processing, we will delete it.

10. Contact

11. Changes

We may update this policy from time to time. We will post changes here and adjust the effective date above.

← Back to home