Privacy Policy

Last updated: 19 May 2026

1. Data we collect

We collect the email and password you give us at signup, and the OAuth token Garmin returns when you link your account. We pull metrics (sleep, HRV, activities, body battery, stress, training readiness) on your behalf.

2. How we store it

Encrypted PostgreSQL on EU-located VPS. Garmin tokens encrypted AES-256-GCM at rest. Passwords hashed with bcrypt cost 12.

3. Your rights (GDPR)

Access, rectification, erasure, portability — all available from your Profile page. We respond to written requests at hello@ryzeapp.fr within 30 days.

4. Sub-processors

None at the moment. We self-host everything.

5. Contact

hello@ryzeapp.fr