Legal
How Ultropic collects, uses, and protects your personal data.
This Privacy Policy (this “Policy”) explains how Ultropic (“Ultropic”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you use Ultropic, an AI running coach delivered as a web application. Ultropic builds personalised, periodised training plans and provides coaching, primarily for runners in Singapore and Southeast Asia.
Ultropic is built and operated by a Singapore-based founder. This Policy is written to comply with Singapore’s Personal Data Protection Act 2012 (the “PDPA”), and it also acknowledges privacy rights that may apply to users in the EU/UK and in California, as described below. This Policy forms part of, and should be read together with, our Terms of Service.
By creating an account or using Ultropic, you acknowledge that you have read and understood this Policy.
• Legal entity: Ultropic (UEN 53524950X)
• Registered address: 60 PAYA LEBAR ROAD, #06-28, PAYA LEBAR SQUARE, Singapore 409051
• Privacy contact email: privacy@ultropic.com
• Effective date: 14 June, 2026
Important Notice About AI and Health Data
Ultropic uses artificial intelligence to generate your training plans and coaching responses. To do this, your training context and health-related metrics (such as your running activities, distance, pace, heart rate, elevation gain, wellness metrics, perceived effort, and notes) are sent to OpenAI’s API, a third-party AI provider located outside Singapore.
We want this to be clear and prominent: your health and fitness data is processed by an external AI service in order to deliver the core coaching features of Ultropic. Per OpenAI’s API policy, data submitted to its API is not used to train OpenAI’s models. We only send the information needed to generate your plan or coaching response. If you do not wish to have your health-related data processed by AI in this way, please do not use Ultropic, as this processing is essential to how the product works.
What Data We Collect and Why
We collect the following categories of personal data.
Account information
• Your name and email address, which you provide when you sign up.
• If you sign in using Google or Apple, we receive basic account identification from that provider so we can create and access your account (see How We Share Data below).
We use this to create and secure your account, to identify you, and to communicate with you about the service.
Location information
• Your postal code, which you provide. We geocode this postal code into approximate coordinates (your “home base”).
We use your approximate location to suggest nearby running routes and to show local weather. We do not collect continuous or precise GPS tracking of your movements through the app.
Health and fitness data
If you connect your Intervals.icu account, we sync health and fitness data from it, including:
• Running activities, distance, pace, heart rate, and elevation gain.
• Wellness metrics, including fitness (CTL), fatigue (ATL), heart rate variability (HRV), and resting heart rate.
• Perceived effort (RPE) and notes.
We use this data to understand your training history and current condition so we can build appropriate, personalised training plans and provide coaching. As described above, this data is also processed by OpenAI’s API to generate AI plans and coaching.
Content you create in the app
• Training plans generated for you.
• Messages you send in the in-app coach chat.
We use this content to provide the coaching service, maintain your plan history, and support your experience within your account.
Payment information
• When you subscribe, your payment is handled by Stripe. Ultropic does not store your full card number. Stripe stores and processes your card details. We receive limited information from Stripe such as your subscription and payment status.
We use this to manage your free trial, subscription, and billing.
Legal Bases and Consent
Under the PDPA, we collect, use, and disclose your personal data with your consent and for purposes that a reasonable person would consider appropriate in the circumstances. By signing up and using Ultropic, and by connecting your Intervals.icu account, you consent to the collection, use, and disclosure of your personal data as described in this Policy. Where we process health-related data and share it with the third parties listed below, we rely on your consent, which you can withdraw at any time (see Your Rights and How to Exercise Them below).
For users located in the EU or UK, applicable data protection law (such as the GDPR) may give you additional rights. Where it applies, we process your personal data on legal bases such as: performance of our contract with you (to provide the service you signed up for); your consent (particularly for processing health-related data); and our legitimate interests (such as securing and improving the service), balanced against your rights.
For California residents, applicable law (such as the CCPA) may give you rights to know about, access, and delete the personal information we hold, and to not be discriminated against for exercising those rights. We do not sell your personal information.
These rights are acknowledged generically here; the specific mechanisms for exercising them are described under Your Rights and How to Exercise Them below.
How We Share Data — Third Parties (Sub-processors)
We do not sell your personal data. We share it with the following third-party service providers (“sub-processors”) only as needed to operate Ultropic. Each receives only the data necessary for its function.
• Intervals.icu — connected by you via OAuth. This is the source of your training and health data. Ultropic reads your activity and wellness data from Intervals.icu, and writes planned workouts back to your Intervals.icu calendar.
• OpenAI — receives your training context and health-related metrics through its API in order to generate training plans and coaching responses. Per OpenAI’s policy, API-submitted data is not used to train its models.
• Stripe — receives the information needed to process payments and manage your subscription, including your payment details, which Stripe stores (we do not).
• Resend — used to send transactional and account emails, such as trial reminders. It receives your email address and the content of those messages.
• Google — when you choose to sign in with Google, Google handles authentication and we receive basic account identification.
• Apple — when you choose to sign in with Apple, Apple handles authentication and we receive basic account identification.
• OneMap — a Singapore government mapping service used to geocode your postal code into coordinates. It receives the postal code or location query needed for geocoding.
• Open-Meteo — provides weather information for your area, based on your approximate location. It receives approximate coordinates.
• Render — provides application hosting and hosts the PostgreSQL database in which your data is stored.
• Cloudflare — provides CDN and proxy services through which traffic to Ultropic passes.
Cookies and Sessions
Ultropic uses a first-party cookie to keep you signed in. This authentication session is managed by the Better Auth library and is necessary for the app to function, because without it we cannot keep you logged in.
We do not use third-party advertising trackers, and we do not use cookies to build advertising profiles of you or to track you across other websites.
International Data Transfers
Ultropic is operated from Singapore, but some of our sub-processors are located in, or process data in, other countries (for example, OpenAI and Stripe). This means your personal data, including health-related data sent to OpenAI, may be transferred to and processed on servers outside Singapore.
In line with the PDPA’s transfer requirements, we take steps so that personal data transferred overseas continues to receive a standard of protection comparable to that under the PDPA, including by relying on our service providers’ own contractual and security commitments. Where the GDPR or other laws apply to you, such transfers are made on the legal bases described above.
Data Security
We take reasonable measures to protect your personal data against unauthorised access, use, disclosure, alteration, and loss. These include access controls and reliance on reputable infrastructure providers (such as Render and Cloudflare).
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for using a strong, unique password.
Data Retention
We retain your personal data for as long as your account is active and as needed to provide the service, and thereafter only as long as necessary for the purposes described in this Policy or as required by law. When data is no longer needed, we take steps to delete or anonymise it.
• Retention period for account data: until the end of the retention period following account deletion
• Retention period for health and fitness data: until the end of the retention period following account deletion
• Retention period for coach chat and training plan content: until the end of the retention period following account deletion
• Retention period after account deletion: 6 months
Children
Ultropic is not intended for children. You must be at least 18 years old to create an account and use the service. We do not knowingly collect personal data from anyone under this age. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.
Your Rights and How to Exercise Them
You have control over your personal data. Subject to applicable law, you can:
• Access the personal data we hold about you.
• Correct personal data that is inaccurate or incomplete.
• Export your data.
• Delete your data and delete your account.
• Disconnect your Intervals.icu account at any time, which stops further syncing of your training and health data.
• Withdraw your consent to our collection, use, or disclosure of your personal data. Note that if you withdraw consent for processing that is essential to Ultropic (such as AI processing of your health data), we may no longer be able to provide the service.
Some of these actions can be performed directly in the app. To make any of these requests, or if you have questions about your data, contact us at privacy@ultropic.com. We will respond within a reasonable time and in accordance with applicable law. We may need to verify your identity before acting on a request.
If you are in the EU/UK or California, you may have additional rights under the GDPR or CCPA respectively, as acknowledged above; you can exercise these by contacting us at the same email.
Changes to This Policy
We may update this Policy from time to time to reflect changes to the service, our practices, or the law. When we make material changes, we will update the effective date and, where appropriate, notify you. Your continued use of Ultropic after an update means you accept the revised Policy.
Contact Us
If you have any questions, concerns, or requests regarding this Policy or your personal data, please contact:
• Ultropic (UEN 53524950X)
• 60 PAYA LEBAR ROAD, #06-28, PAYA LEBAR SQUARE, Singapore 409051
• privacy@ultropic.com
If you are in Singapore and are not satisfied with our response, you may contact the Personal Data Protection Commission (PDPC).