Last updated: March 29, 2026. Written in English, not legalese.
We don't see your data because the system was designed so we can't.
veloVigil is a data-sovereign architecture. Your biometric data is captured on your device, processed on your device, and stored in your own backend. The AI analysis runs on your own Claude account. We built the pipe. You own everything that flows through it.
Heart rate, HRV metrics (RMSSD, SDNN, pNN50), power, cadence, speed, GPS coordinates, elevation, and accelerometer data from your Polar H10. All of this is captured and initially processed on your Karoo head unit. Crash detection runs entirely on-device. We never receive crash alerts - your device handles them.
If you use the cloud sync features, your telemetry is stored in a Cloudflare D1 database. On the free tier, we host this for you with 7-day retention. On paid tiers, retention is unlimited. Either way, the data is associated with your rider ID and accessible only through your API endpoints.
If you deploy your own Cloudflare Worker (which we encourage and document), the data never touches our infrastructure at all. It goes from your Karoo to your Worker to your D1 database. We are not in that path.
When you connect Claude as your cycling coach, it reads your ride data through the API. That conversation happens between you and Anthropic. We are not a party to it. We don't see your prompts, your analysis, or your coaching recommendations.
Almost nothing.
That's the complete list.
This is the more important list.
We don't use cookies. Not first-party, not third-party, not "strictly necessary" cookies that somehow track you anyway. The site works without them. The extension works without them. There is no cookie banner because there are no cookies.
We don't share your data with third parties because we don't have your data to share. The architecture makes this a structural guarantee, not a policy promise.
The only third party involved is Stripe, if you choose a paid tier. Stripe receives your payment information to process your subscription. That's it.
If you're using our hosted backend (free tier): your data auto-deletes after 7 days. If you want it gone sooner, contact us and we'll wipe it.
If you're on a paid tier: delete your Cloudflare D1 database anytime. Your data, your delete button.
If you've deployed your own Worker: you have full control. We couldn't delete your data if we wanted to, because we don't have access to it.
To delete your account and any associated email: email robert@northwoodssentinel.com. We'll confirm deletion within 48 hours.
veloVigil is not directed at anyone under 13. We don't knowingly collect information from children. If you're a parent and believe your child is using veloVigil, contact us and we'll address it.
If we change this policy, we'll update the date at the top and post the changes here. For material changes (like if we ever started collecting data we don't currently collect), we'll notify users via email if we have their address.
The structural guarantee doesn't change: we built the system so your data stays yours. That's an architectural decision, not a policy decision. You can't policy-update your way out of an architecture.
Questions about privacy, data, or anything else:
Northwoods Sentinel LLC, Wisconsin, USA.