When you create an account, we collect your name, email address, and location (city/state). If you opt in to SMS notifications, we also collect your mobile phone number in E.164 format. When you log activities manually, we store the details you provide: date, distance, elevation, duration, and how the run felt. If you connect Strava, we perform a one-time import of your activity history — distance, elevation, duration, activity name, and sport type. We do not store your Strava access token after the import is complete. If you connect Garmin, we import your activity history from Garmin Connect — activity name, date, distance, elevation, duration, sport type, and device model. We request your explicit consent before accessing any Garmin data, and you may revoke access at any time from your account settings. If you connect COROS, we import your activity history from COROS — activity name, date, distance, elevation, duration, and sport type. We request your explicit consent before accessing any COROS data, and you may revoke access at any time from your account settings. We do not store GPS tracks or detailed activity streams from either Strava or Garmin unless you explicitly request route features.

We do not collect GPS tracks, heart rate data, or detailed activity streams from Strava. We do not sell your data. We do not serve ads. We do not share your data with third parties except as described below. We do not collect GPS tracks or raw FIT file data from Garmin unless you explicitly initiate a feature that requires it.

Your activity data is used solely to power your personal dashboard — streak tracking, weekly progress, race calendar, and activity history. If you make your profile public, your display name, location, and activity stats are visible to other Obsession users.

When you create or join a club, we store your membership, role, and activity within the club. When you RSVP to events, we store your registration status, attendance records, and check-in/check-out times. Club administrators can view member lists and attendance records for their clubs.

When you sign a waiver on the platform, we store: your typed legal name, IP address, browser/device information (user agent), timestamp, and a snapshot of the exact waiver text you agreed to. This data is retained permanently as a legal record and cannot be deleted. Waiver signature data is shared with the club or event organizer who required the waiver. Club administrators can export waiver signatures for their events.

You may provide emergency contact information (name, phone number, relationship) for use during club events. This information is stored on your profile and shared only with event organizers for safety purposes during events you attend. Emergency contacts are not displayed on your public profile.

For paid events and club activities, payments are processed by Stripe. We do not store your full credit card number. We store transaction records including: amount, date, event/club context, and Stripe payment reference IDs. Payment data is shared with the relevant club's Stripe Connect account. For information on how Stripe handles your data, see the Stripe Privacy Policy.

Club events may include location information (venue name, address, coordinates). If geo-fenced check-in is enabled for an event, your approximate location may be used at the time of check-in to verify attendance. We do not continuously track your location.

Users between ages 13–17 may use the platform. For waiver signing, users under 18 must have a parent or legal guardian sign on their behalf. We do not knowingly collect additional personal information from minors beyond what is required for account creation and platform use.

We use the following services to operate Obsession: Clerk (user authentication), Vercel (hosting), Neon (database infrastructure), and Resend (email delivery). Each of these services has their own privacy policy governing their data handling.

Strava: If you choose to connect Strava, we perform a one-time import of your activity history with your explicit authorization. We do not retain your Strava access token after the import is complete and do not have ongoing access to your Strava account.

Garmin Connect: If you choose to connect Garmin, we access your activity data from Garmin Connect via the Garmin Connect API, with your explicit consent. We collect activity summaries including activity name, date, distance, elevation, duration, sport type, and the Garmin device model used to record the activity. We use device model information solely to display proper data attribution as required by Garmin's developer guidelines. You may revoke Garmin access at any time from your account settings, at which point we will no longer receive new data from Garmin Connect. For information on how Garmin handles your data, see the Garmin Connect Privacy Policy.

COROS: If you choose to connect COROS, we access your activity data from COROS via the COROS API, with your explicit consent. We collect activity summaries including activity name, date, distance, elevation, duration, and sport type. You may revoke COROS access at any time from your account settings, at which point we will no longer receive new data from COROS. For information on how COROS handles your data, see the COROS Privacy Policy.

Twilio: If you opt in to SMS streak reminders, we use Twilio to deliver text messages to your mobile phone number. Your phone number is shared with Twilio solely for message delivery. We send a maximum of one message per day, only if you have not logged a qualifying run that calendar day. You may opt out at any time by replying STOP to any message, toggling off SMS in your account settings, or removing your phone number. For information on how Twilio handles your data, see the Twilio Privacy Policy.

For details on how each integration works, see our Integrations page.

Your data is retained as long as your account is active. If you delete your account, your data is scheduled for permanent deletion within 30 days. You may request immediate deletion by emailing jamil@deadreckoninglabs.com. Exception: waiver signatures are retained permanently as legal records and are exempt from deletion requests. This is required for compliance with event liability and insurance obligations.

You may export, edit, or delete your activity data at any time from your account settings. You may delete your account at any time. For any privacy questions, contact jamil@deadreckoninglabs.com.