Back to DIALED

Privacy Policy

Last updated: February 20, 2026

1. Introduction

DIALED ("we", "us", "our") is a smart cycling coach platform operated by Krix Digital, based in the Netherlands. This privacy policy explains how we collect, use, store, and protect your personal data when you use our platform at dialed.krix.nl.

We are committed to protecting your privacy and processing your data in accordance with the General Data Protection Regulation (GDPR/AVG) and other applicable Dutch and European privacy laws.

2. Data We Collect

2.1 Account Information

  • Name, email address
  • Password (stored encrypted with bcrypt, never in plain text)
  • Cycling profile: FTP, weight, date of birth, max heart rate
  • Training preferences: available days, hours, indoor/outdoor

2.2 Garmin Connect Data

When you connect your Garmin Connect account, we may access and store the following data with your explicit consent:

  • Activity data: cycling activities, power data, heart rate, GPS routes, duration, distance
  • Health metrics: resting heart rate, HRV (Heart Rate Variability), sleep quality and duration, Body Battery, Training Readiness, stress levels
  • Device information: Garmin device type for workout compatibility

We use this data solely to provide personalized training plans and coaching advice. We never sell, share, or disclose your Garmin data to third parties.

2.3 Intervals.icu Data

When you connect your Intervals.icu account, we access your cycling activities and fitness metrics (CTL, ATL, TSB) via the Intervals.icu API to display training analytics and generate personalized plans.

2.4 Training Plans

Generated training plans, workout history, and schema progress are stored to provide continuity in your training program.

3. How We Use Your Data

We use your personal data exclusively for the following purposes:

  • Personalized training plans: generating structured cycling workouts tailored to your fitness level, goals, and availability
  • Adaptive coaching: adjusting training load based on your recovery status, HRV, sleep, and completed workouts
  • Workout delivery: pushing structured workouts to your Garmin device via Garmin Connect
  • Fitness analytics: displaying your fitness progression, form, and fatigue charts
  • Daily coaching advice: providing daily training recommendations

We do not use your data for advertising, profiling for third parties, or any purpose unrelated to your training experience.

4. Data Storage and Security

  • Your data is stored on secured servers located in the European Union (Akamai/Linode, Frankfurt region)
  • All communication is encrypted via TLS/HTTPS
  • Passwords are hashed using bcrypt and never stored in readable form
  • API keys and credentials are stored encrypted in our database
  • Server access is restricted to SSH key authentication only
  • We employ firewalls, intrusion detection (Fail2ban), and automatic security updates

5. Third-Party Services

DIALED integrates with the following third-party services:

  • Garmin Connect — to sync workouts to your Garmin device and retrieve health/activity data. Your Garmin credentials are handled securely via OAuth tokens. See Garmin's Privacy Policy.
  • Intervals.icu — to retrieve your cycling activities and fitness metrics. Data is accessed via your personal API key. See Intervals.icu Privacy Policy.
  • Model provider — for model-generated coaching advice. Only anonymized training context is sent; no personally identifiable information is shared with external providers.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data, training plans, and connected service credentials will be permanently removed within 30 days.

7. Your Rights (GDPR/AVG)

Under the GDPR, you have the following rights:

  • Right of access: request a copy of all data we hold about you
  • Right to rectification: correct inaccurate personal data
  • Right to erasure: request deletion of your account and all associated data
  • Right to data portability: receive your data in a machine-readable format
  • Right to withdraw consent: disconnect Garmin Connect or Intervals.icu at any time
  • Right to object: object to specific data processing activities

To exercise any of these rights, contact us at privacy@krix.nl. We will respond within 30 days.

8. Cookies

DIALED uses only essential cookies required for authentication (session tokens). We do not use tracking cookies, analytics cookies, or advertising cookies.

9. Children

DIALED is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Contact

If you have questions about this privacy policy or how we handle your data, please contact:

Krix Digital

Email: privacy@krix.nl

Website: dialed.krix.nl

Location: The Netherlands

© 2026 DIALED — Krix Digital. All rights reserved.