Terms of Service

Last updated:

Privacy Policy

Last updated: February 2026

Business Details: Rocket Endurance Pty Ltd Website: joinrocket.app Email: admin@joinrocket.app Location: Sydney, NSW, Australia

1. Introduction

This Privacy Policy explains how Rocket Endurance Pty Ltd (“we”, “us”, or “our”) collects, uses, discloses, and protects your personal information, including health information, in accordance with applicable privacy laws including:

  • Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs) for Australian users
  • General Data Protection Regulation (GDPR) (EU) 2016/679 for European Economic Area (EEA) users
  • Other applicable data protection laws worldwide

By using Rocket, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

Account Information

We may collect:

  • Name
  • Email address
  • Date of birth
  • Gender
  • Username and password
  • Profile photo (optional)
  • Country/region
  • Language preferences

Health and Fitness Data

We may collect:

  • Physical activity data (steps, distance, workouts, exercise duration)
  • Biometric data (heart rate, weight, height, BMI)
  • Sleep patterns and quality
  • Calorie intake and nutritional information
  • Health goals and fitness objectives
  • Training plans
  • Race goals
  • Performance metrics

Device and Usage Information

We may collect:

  • Device type
  • Operating system
  • Unique device identifiers
  • IP address
  • Approximate location data (with your consent)
  • App usage patterns
  • Features accessed
  • Performance data
  • Crash reports and diagnostic information

Third-Party Integration Data

We may collect data from:

  • Connected fitness devices and smartwatches
  • Garmin Connect
  • Strava
  • Apple HealthKit
  • Google Fit
  • Social media accounts (if connected)

This data is collected only with your permission.

3. How We Collect Information

We collect information:

  • Directly from you when you create an account or use the app
  • Automatically through device sensors and app usage
  • From connected third-party devices and applications (with consent)
  • Through cookies and similar tracking technologies

4. Garmin Connect Integration

With your explicit consent, Rocket may access the following Garmin Connect data:

  • Activity data
  • Heart rate data
  • Training status
  • Body composition
  • Sleep data
  • Daily summaries
  • Device information

This data is used exclusively to:

  • Personalise your training plan
  • Auto-populate completed workouts
  • Push scheduled workouts to your device
  • Calculate fitness scoring
  • Monitor compliance and recovery
  • Provide progress insights

We do not use Garmin Connect data for:

  • Advertising
  • Marketing profiling
  • Sale to third parties

All data is encrypted:

  • In transit using TLS 1.2+
  • At rest using AES-256

You may disconnect Garmin Connect at any time through:

Settings → Integrations → Garmin Connect → Disconnect

Or via Garmin Connect at:

connect.garmin.com

5. Strava Integration

With your explicit consent via OAuth 2.0, Rocket may access:

  • Activity data
  • Athlete profile
  • Performance metrics

This data is used exclusively to:

  • Sync completed activities
  • Match against planned workouts
  • Inform plan adaptations
  • Display progress trends

You may disconnect Strava at any time through:

Settings → Integrations

Or via:

strava.com/settings/apps

6. Legal Basis for Processing (GDPR)

For EEA users, we process personal data based on:

  • Consent — GDPR Article 9(2)(a)
  • Contract Performance — Article 6(1)(b)
  • Legitimate Interests — Article 6(1)(f)
  • Legal Obligation — Article 6(1)(c)

7. How We Use Your Information

We use your information to:

  • Provide and personalise fitness and health tracking services
  • Analyse activity patterns and provide insights
  • Monitor progress toward goals
  • Send notifications and reminders (with consent)
  • Improve app features and user experience
  • Provide customer support
  • Conduct research and analytics using aggregated or de-identified data
  • Ensure security and prevent fraud
  • Comply with legal obligations
  • Send marketing communications (only with consent)

8. Disclosure of Your Information

We may share information with:

  • Service providers (cloud storage, analytics, support, payment processing, email services)
  • Healthcare professionals (only with explicit consent)
  • Legal authorities when required by law
  • Parties involved in business transfers such as mergers or acquisitions

We do not sell personal information to third parties for marketing purposes.

9. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence.

For EEA users, transfers are protected through:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Explicit consent
  • Other safeguards under GDPR Article 46

10. Data Security

We implement security measures including:

  • Encryption in transit (TLS/SSL)
  • Encryption at rest (AES-256)
  • Secure authentication
  • Multi-factor authentication options
  • Regular security audits
  • Access controls
  • Incident response procedures

However, no method of transmission or storage is completely secure.

11. Data Retention

We retain information:

  • While your account is active
  • As necessary to provide services
  • As required by law
  • For legitimate business purposes

Financial records may be retained for up to 7 years where legally required.

When data is no longer needed, it is securely deleted or anonymised.

12. Your Rights

Australian Users

You have rights to:

  • Access your data
  • Correct your data
  • Request deletion
  • Make complaints

EEA Users

You have rights under GDPR including:

  • Right of access (Article 15)
  • Right to rectification (Article 16)
  • Right to erasure (Article 17)
  • Right to restriction (Article 18)
  • Right to data portability (Article 20)
  • Right to object (Article 21)
  • Right to withdraw consent (Article 7(3))

Response Times

  • Australian users: within 30 days
  • EEA users: within 1 month

Contact: admin@joinrocket.app

13. Managing Your Information

You may:

  • Update your profile in Settings
  • Control device permissions and integrations
  • Export your data via Settings → Data Export
  • Adjust notification preferences
  • Delete your account via Settings → Account → Delete Account

14. Children's Privacy

Rocket is not intended for children under 16 years of age.

We do not knowingly collect personal information from children without parental consent.

15. Third-Party Services

Rocket may integrate with:

  • Garmin Connect
  • Strava
  • Apple HealthKit
  • Google Fit
  • Wahoo
  • COROS
  • Payment processors

These third parties maintain their own privacy policies.

16. Changes to This Policy

We may update this Privacy Policy periodically.

Material changes may be communicated through:

  • Email
  • In-app notifications
  • Updated website postings

Continued use of Rocket indicates acceptance of the updated policy.

17. Complaints

Australian Users

Contact us at:

admin@joinrocket.app

We will respond within 30 days.

You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

www.oaic.gov.au

EEA Users

You may lodge a complaint with your local supervisory authority.

18. Contact Us

Rocket Endurance Pty Ltd Email: admin@joinrocket.app Website: joinrocket.app Location: Sydney, NSW, Australia

19. Consent for Sensitive Information

By using Rocket and providing health and fitness data, you expressly consent to our collection, use, and disclosure of sensitive health information as described in this Privacy Policy.

You may withdraw consent at any time through Settings, although doing so may limit app functionality.