Your data, plainly.
Tuin is a tool shared between friends, not a company harvesting data. Here is exactly what it keeps and what it never does.
What Tuin stores
Your name and photo from Strava, your OAuth tokens (server-only, never sent to the browser), your training plan and chat history, and derived training numbers per run — distance, time, elevation, average heart rate, and computed training stress (TSS/NGP).
What Tuin never stores
Raw GPS tracks, per-second streams, or your location history. Streams are read once, in memory, to compute a run's training stress — then discarded. This is also what Strava's API agreement requires.
Who sees it
Only you see your data — every table is keyed to your athlete ID and locked behind server-only access. Run summaries, your plan, and chat are sent to Anthropic's Claude API to generate coaching, and nowhere else.
Delete everything, any time
One click on the dashboard ("Delete my data") erases your account, tokens, plan, chat, and every derived number — immediately and irreversibly, honoring the GDPR right to erasure. You can also just ask Jordi, the data custodian for this group.