STRIDE Early access
Privacy

Your data, in plain English.

We collect what we need to build your recovery plan — and nothing more. We don't sell your data, we don't share it with advertisers, and we don't track you across other apps or websites. Here's the full story.

Effective date
At launch
Last updated
May 13, 2026
Contact
team@goodstride.app
Pre-launch note.

Stride hasn't launched yet. Today, the only personal data we collect is the name and email you give us to join the early-access list — handled by our email vendor, Kit. The policy below describes the full data picture for when the app launches. We're publishing it now so you can see exactly where we're headed before you sign up.

Contents
  1. The short version
  2. Who we are
  3. What we collect
  4. Why we collect it
  5. What we don't do
  6. Who we share with
  7. How we use AI
  8. How long we keep it
  9. Your rights
  10. Children's privacy
  11. State-specific rights
  12. International users
  13. Security
  14. Changes to this policy
  15. Contact
The short version
  • We collect what we need to build your recovery plan: your surgery date, recovery goals, exercise activity, symptoms you log, and what you ask our AI companion.
  • We don't sell your data. We don't share it with advertisers. We don't track you across other companies' apps or websites.
  • We use Anthropic's Claude to power your personalized briefings and questions. Anthropic doesn't train on your data.
  • We share data with a small set of named vendors who help us run Stride — all listed below.
  • You can read, correct, export, or delete your data anytime from Settings > Account.
  • Stride is for adults (18+). We don't serve minors.
  • Stride is not your doctor and not a medical provider. The Symptom Checker and emergency escalation are always free and never gated.

If you want the full text, keep reading.

01Who we are

Stride is operated by Covariance LLC, doing business as Stride (the "operating entity"). We're a small team building an Achilles recovery companion app.

You can reach our team at team@goodstride.app.

02What we collect

We collect data in five categories. We keep this list short because the less we collect, the less risk there is.

Account data

  • Email address
  • Display name (you choose this; can be anonymous)
  • Account creation date
  • Password, stored encrypted — we cannot see it

Recovery data

  • Surgery date
  • Surgical method (open repair, percutaneous, conservative non-surgical, "not sure")
  • Recovery goal (return to daily activity, sport, performance, "not sure")
  • Whether you've connected with a physical therapist
  • Provider contact information (name, email, practice name, provider type) — only if you choose to add a provider

Daily activity

  • Daily briefing interactions (what you read, what you expand, what you ask)
  • Exercise sessions (which exercises, completion, difficulty rating)
  • Symptom check-in answers (pain levels, location, swelling, fever, and similar)
  • Questions you ask the AI companion

Community data

  • Posts, replies, and reactions you make in cohort feeds
  • Anonymous-mode preference per post

Subscription and technical data

  • Subscription status (free, trial, premium) — via RevenueCat and the App Store / Play Store
  • Device identifiers (for push notifications)
  • App usage data (screens viewed, session duration, feature interactions)
  • Diagnostic data (crash reports, performance)

03Why we collect it

Recovery data and daily activity are what make Stride work. We anchor your timeline to your surgery date, build your cohort, generate your briefings, and personalize what we surface to you.

Community data lets you connect with people in the same week as you.

Subscription and technical data are for billing, push delivery, and fixing bugs.

04What we don't do with your data

  • We don't sell it.
  • We don't share it with advertisers.
  • We don't track you across other apps or websites you visit.
  • We don't train AI models on your data (see section 6).
  • We don't share recovery data with employers, insurers, or anyone outside the vendor list below — unless you explicitly add a provider and send them your dashboard link, or unless we're legally required to.

05Who we share data with

We share data with a small set of vendors who help us run Stride. We list them so you know exactly who has access.

VendorWhat they do for usWhat data they touch
SupabaseHosts our database, handles login, runs server-side AI logicAll user data lives here
AnthropicPowers AI briefings and Q&ABriefing context, questions you ask
RevenueCat + SuperwallManage subscriptions and the paywallSubscription status, purchase events
Apple / GoogleProcess payments through their app storesPayment data per their own terms
SentryCaptures crashes so we can fix themDiagnostic data only — no recovery data
PostHogAnalytics and session replayUsage data, anonymized session replay
ExpoBuilds and updates our app, delivers push notificationsDevice tokens, push payloads
VercelHosts our website and provider dashboardsWeb visit data
KitManages our early-access email listName and email of waitlist signups
CloudflareDNS and email forwardingEmail routing
Exercise video vendor (final selection pending)Delivers exercise videosExercise session metadata

We work to put data processing agreements (DPAs) in place with each vendor — these contractually bind them to similar privacy standards.

If you add a provider (physical therapist, surgeon), they get a read-only link to your recovery dashboard. We tell you exactly what they see: timeline, exercise completion, pain trends, and milestones. They never see your community posts, your questions to the AI, or personal notes.

06How we use AI

Stride uses Anthropic's Claude family of models to generate your daily briefings, answer your questions, and triage symptom check-ins.

  • We send Claude the context it needs (your recovery day, recent symptoms, the question you asked) to give you a useful response.
  • We do not send Claude your name, email, or any identifier we don't need.
  • Anthropic does not train on your data. We use Anthropic's commercial API, which contractually prevents your data from being used to train models.
  • AI is not a doctor. The AI doesn't diagnose. When something looks safety-critical — fever, calf swelling, sudden sharp pain, signs of infection — we don't try to handle it; we route you to your provider or to emergency services.

07How long we keep it

  • Account and recovery data: for as long as you have an active account. When you delete your account, we delete it within 30 days, except where we need to keep records for legal or financial reasons (typically transaction records, retained for 7 years for tax compliance).
  • Community posts: anonymized after account deletion. We keep the content (it's useful to your cohort) but remove the link to you.
  • Diagnostic and analytics data: 13 months from collection.
  • Backups: 90 days. Deleted data may persist in encrypted backups during this window before being purged.

You can delete your account anytime from Settings > Account.

08Your rights

You can:

  • See your data. Request a copy of everything we have on you. Use Settings > Account, or email us.
  • Correct your data. Most fields are editable in-app. For anything else, email us.
  • Delete your data. Settings > Account > Delete account.
  • Export your data. Available in-app under Settings > Account.
  • Opt out of marketing. Every marketing email has an unsubscribe link. Transactional email (receipts, password resets, safety-critical alerts) can't be fully opted out of without deleting your account.
  • Object to specific processing. Email us with what you want and why; we'll work with you.

To exercise any of these, email team@goodstride.app. We respond within 30 days, usually faster.

09Children's privacy

Stride is for adults — 18 and older. We don't knowingly collect data from anyone under 18. If you believe a minor has created an account, please email us at team@goodstride.app and we'll delete it.

10State-specific rights (United States)

If you live in California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or any other state with a comprehensive privacy law, you have additional rights — typically the same rights listed in section 8, plus the right to know the categories of data we collect, the right to non-discrimination for exercising your rights, and the right to appeal a denied request.

We don't sell personal data, and we don't share it with third parties for advertising. The "do not sell or share" rights under those laws don't apply to anything we do.

To exercise state-specific rights, email team@goodstride.app and tell us your state. We won't charge you, and we won't treat you differently for asking.

11International users

Stride is built for and available in the United States. If you access Stride from outside the US, your data is processed in the US. We don't currently target users outside the US.

12Security

We do our best to protect your data:

  • All data is encrypted in transit (TLS) and at rest (AES-256).
  • Our database uses row-level security. Even our own team can't read your recovery data without explicit authorization for a specific purpose (debugging, support).
  • We run security checks regularly and welcome vulnerability reports at team@goodstride.app (subject line: Security).

No system is perfectly secure. If we discover a breach that affects your data, we'll notify you promptly — typically within 72 hours of confirming the breach — with what happened, what we're doing about it, and what you should do.

13Changes to this policy

We may update this policy as Stride evolves or as laws change. If we make material changes, we'll notify you in-app and by email at least 30 days before the changes take effect. We'll keep older versions available so you can compare.

14Contact

For anything related to privacy, data, security reports, or general support, write to us at team@goodstride.app. We're a small team — a real person reads it.

↑ Back to top
STRIDE
© 2026 Stride · Recovery, day by day.
Privacy Terms Contact