Legal

Privacy Policy

Effective date: January 1, 2026  ·  Last updated: April 1, 2026

Who we are

Tahomai is a product of Robots & Gizmos Inc., a Delaware S Corporation.

This Privacy Policy describes how Tahomai collects, uses, and protects information about you when you use the Tahomai mobile application and website at tahomai.app.

If you have questions, contact us at [email protected].

What data we collect

Account information

When you create a Tahomai account, we collect your name and email address via Firebase Authentication. Tahomai does not store your password directly.

Health and fitness data from connected sources

Tahomai connects to third-party devices and apps you choose to link — such as Strava, Garmin, WHOOP, Oura, Apple Health, and any other source you explicitly authorize. When you connect a source, Tahomai reads data including:

  • Activity and workout data (runs, rides, swims, strength sessions, and similar)
  • Health metrics (heart rate, heart rate variability, resting heart rate)
  • Sleep data (duration, quality, sleep stages)
  • Recovery and readiness scores
  • Nutrition and hydration logs (where provided by connected sources)
  • Location data embedded in activity files (such as GPS routes), as provided by the source app

Nutrition data you log directly

If you log meals, foods, or nutritional information directly through the Tahomai app, that data is stored in your account to power coaching recommendations.

Calendar and schedule data

If you grant Tahomai access to your calendar, we read schedule information to help your coach understand your time constraints. We do not store or share your calendar events beyond what is needed to generate coaching context for you.

Usage data

We collect standard usage data such as app interactions, device type, operating system version, and crash reports. This data helps us improve reliability and performance and is not tied to your health data.

How we use your data

To provide personalized coaching

All connected source data is used exclusively to generate personalized coaching insights for you — the authenticated user who connected that source. This is the sole purpose.

Your data is only ever shown to you. Tahomai never shares your health or fitness data with other users. Your data is never used to train AI models or any machine learning systems. Your data is never sold to third parties or used for advertising.

To improve the app

We use aggregated, de-identified usage data (never health data) to understand how the app is used and where we can improve the experience.

To communicate with you

We may use your email address to send important service updates, onboarding information, or responses to support requests. We will not send marketing email without your consent.

Strava-specific disclosure

Tahomai uses the Strava API to read activity data from users who explicitly connect their Strava account. In accordance with Strava's API Agreement:

  • Strava data is used only to generate personalized coaching feedback for the individual authenticated user
  • Strava data is never displayed to other users
  • Strava data is never aggregated across users in a way that could identify individuals
  • Strava data is never used to train AI or machine learning models
  • Strava may monitor and collect data related to Tahomai's use of the Strava API, in accordance with Strava's own privacy policy

How data is stored and protected

All data in transit is encrypted using HTTPS/TLS. Access to production data is restricted to authorized personnel. Authentication is managed by Google Firebase.

Data retention and deletion

We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time by emailing [email protected]. We will complete deletion requests within 30 days.

Third-party services

Tahomai uses the following third-party services, each governed by their own privacy policies:

  • Firebase Authentication (Google) — account management and sign-in
  • Strava API — activity data, read-only, user-initiated OAuth
  • Garmin Connect API — activity and biometric data, user-initiated
  • Apple HealthKit — health and fitness data including Apple Watch, iOS permission-gated
  • Additional sources (including WHOOP, Oura, and others) will be added in future releases; this list will be updated accordingly

Tahomai does not use advertising networks or sell data to data brokers.

Your rights

Depending on your location, you may have rights including access, correction, deletion, portability, and objection. Contact [email protected] to exercise any of these.

Children

Tahomai is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13.

Changes to this policy

When we make material changes, we will update the "Last updated" date and notify you by email or in-app notification where appropriate.

Contact

Robots & Gizmos Inc. / Tahomai
[email protected]