ShoeCycle helps you track running shoes and log your runs. This policy describes what we collect, where it's stored, how long we keep it, and the choices you have. We've tried to write it in plain English. If something here isn't clear, email us at support@shoecycleapp.com.
What we collect
Account
When you sign up for the web app, we collect your email address and a password. The password is handled by Amazon Cognito — we never see or store it directly. Your email is used to verify your account and to reach you about your account if needed.
App data
The information you enter into ShoeCycle is yours: shoes (brand, model, dates, optional photo), run history (date and distance per shoe), and your settings (units, favorite distances, first day of week). We store this so the app can show it back to you across sessions and devices.
Analytics
We use Google Analytics 4 to understand how the app is used in aggregate — for example, are people actually logging runs, and which features get used. We do not send your user ID, email address, or any other account identifier with analytics events. We do not use analytics to profile a specific user, and we have no way to link an analytics event back to your account on our side.
GA4 sees a browser-side identifier (the _ga cookie, which it sets itself) and the country/region your IP suggests. That cookie is what lets GA4 tell a returning browser session apart from a new one; it is not tied to your ShoeCycle account.
Some events include small details about what you did, so the aggregate numbers are meaningful:
- When you add, edit, retire, or reactivate a shoe, we send the shoe brand (e.g., "Brooks"). The photo, dates, and maximum-distance setting are not sent.
- When you log a run, we send the distance, your unit preference (miles or kilometers), and your cumulative total mileage in that unit. We do not send the run's date, the shoe it was attached to, or any notes.
- Screen visits and a handful of feature-usage events (e.g., "user opened the favorite-distances picker") are sent without app data attached.
Error reporting and performance monitoring
The web app uses Amazon CloudWatch RUM to help us diagnose crashes and slow pages. This captures:
- Unhandled errors and failed network requests, including stack traces. Stack traces can incidentally include information that was on the page when the error happened. We strip query strings from auto-captured request URLs, so signed S3 upload URLs and similar credentials are not retained.
- A short trail of clicks (identified by which element you clicked, not by what was inside it) leading up to an error.
- Page-load and interaction performance metrics, along with approximate location derived from your IP address.
When you are signed in, these events are tagged with your Cognito user ID so we can group errors and performance issues by account during triage. They are not tagged with your email address.
We use this to fix bugs, not to profile users.
Support
If you fill out the contact form on this site, we receive your name, email address, and message so we can reply.
Where it's stored
Your account and app data live in Amazon Web Services in the United States (us-east-1 region). Data is encrypted at rest. App data tables have a 35-day point-in-time recovery window so we can recover from accidental loss.
Analytics events go to Google Analytics. Error and performance events go to Amazon CloudWatch RUM (also in us-east-1).
Cookies and local storage
The web app uses your browser's local storage to keep you signed in between visits. Google Analytics sets a _ga cookie to recognize returning sessions. CloudWatch RUM uses a separate session identifier to group events from the same browser session. None of these are advertising cookies, and we do not sell or share them with advertisers.
How long we keep it
We keep your account and app data for as long as your account exists. If you ask us to delete your account, we remove your account record and your app data. Analytics and error-monitoring events have their own retention periods set by the underlying services (Google Analytics and Amazon CloudWatch RUM); those are aggregate operational data and are not tied to your account after deletion.
Your choices
You can:
- Ask for a copy of the data we have about you.
- Ask us to delete your account and the app data attached to it.
- Ask us to correct something that's wrong.
Email support@shoecycleapp.com for any of these. We respond to requests from the email address on file.
Sub-processors
We rely on a small number of third parties to operate the app:
- Amazon Web Services — hosting, database, authentication (Cognito), file storage (S3), and error/performance monitoring (CloudWatch RUM).
- Google — analytics (Google Analytics 4) and reCAPTCHA on the contact form.
- Zoho — relays contact-form messages to our support inbox.
Optional integrations you control
On iPhone and Android, ShoeCycle can connect to services you authorize:
- Apple Health — read workout distances so you don't have to enter them by hand.
- Google Health Connect — same idea on Android.
- Strava — log your ShoeCycle runs to your Strava feed.
These integrations are off by default and only exchange data after you turn them on. You can disconnect them at any time from the app's settings or from the third-party service.
Children
ShoeCycle isn't directed at children under 13. If you believe a child has an account here, email support@shoecycleapp.com and we'll delete the account and the data attached to it.
Changes to this policy
When we make material changes, we'll update the effective date at the top of this page and, where appropriate, notify you in the app or by email.
Contact
Questions, requests, or concerns: support@shoecycleapp.com.