Last updated: May 2026
Legal & Privacy Policy
This page covers the terms of use and GDPR privacy policy for Podium.
Terms of Use
1. Service description
Podium is an athlete portfolio platform that lets you track your personal records, race participations, and training activities, and share them via a public profile page.
2. Access and account
You must be at least 16 years old to create an account. You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account.
3. Your content
You retain ownership of the data you enter. By using Podium you grant us a limited licence to store and display your content for the purpose of operating the service.
4. Prohibited conduct
You may not use Podium to publish false information, infringe third-party rights, attempt to circumvent security measures, or use the service in any way that violates applicable law.
5. Service availability
Podium is provided "as is". We do not guarantee uninterrupted availability and may modify or discontinue features at any time.
6. Limitation of liability
To the extent permitted by law, Fabien Schwob shall not be liable for indirect, incidental, or consequential damages arising from use of the service.
7. Governing law
These terms are governed by French law. Any dispute shall be submitted to the competent courts of France.
Privacy Policy
Data controller
Fabien Schwob
[Your address — required by GDPR]
Contact: [email protected]
Data we collect
- Account data: email address, username, password (hashed)
- Profile data: display name, bio, avatar photo, sports, city/country
- Athletic data: activities (type, distance, duration, date), personal records, race participations and results
- Strava connection: OAuth access token and refresh token (stored encrypted), your Strava athlete ID
Why and on what legal basis
| Purpose | Legal basis |
|---|---|
| Creating and managing your account | Contractual necessity (Art. 6.1.b) |
| Displaying your public profile | Contractual necessity / Legitimate interest (Art. 6.1.f) |
| Syncing activities from Strava | Consent — you explicitly connect your Strava account (Art. 6.1.a) |
| Sending transactional emails | Contractual necessity (Art. 6.1.b) |
| Error monitoring and service security | Legitimate interest (Art. 6.1.f) |
Third-party processors
| Processor | Role | Location |
|---|---|---|
| Strava, Inc. | OAuth authentication, activity import | USA |
| Sentry (Functional Software, Inc.) | Error tracking — may capture IP addresses and user identifiers | USA |
| OVH SAS | Web hosting and data storage | France (EU) |
| Fastmail Pty Ltd | Transactional email delivery | Australia |
Transfers to the USA (Strava, Sentry) are covered by Standard Contractual Clauses or equivalent safeguards.
Your rights
Under GDPR you have the right to: access your data, correct inaccurate data, request deletion of your data, receive a copy of your data in a portable format, restrict or object to processing, and withdraw consent for Strava at any time by disconnecting via the Integrations page.
To exercise any of these rights, contact: [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the CNIL.
Cookies
Podium uses a single session cookie (strictly necessary) to keep you logged in. No advertising or analytics cookies are used.
Data retention
Your data is retained for as long as your account is active. On account deletion, personal data is removed within 30 days, except where we are required to retain it by law.
Changes to this policy
We may update this page. The "last updated" date at the top indicates when changes were last made. Continued use of Podium after changes constitutes acceptance.