🔐 Privacy Policy 🔄 Last Updated: 12 February 2026

Privacy Policy

This Privacy Policy explains how ISAK Lazybot (“we”, “us”) handles information when you use our student wellness rewards Service. The program is designed for students (typically ages 15–19) and is run as a non-profit school initiative.

Plain-English summary: We connect to Strava only to calculate your weekly points. Your Strava-derived data is visible only to you. We don’t show maps. We don’t sell data. We delete activity-specific scoring data after the current week (and never keep Strava data cached for more than 7 days).

1) Information we collect

We collect only what we need to run the weekly points program.

  • From Strava (with your permission): activity summary metrics required for scoring, such as distance, pace, and elevation gain (and any other minimal fields needed to compute points).
  • Basic identifiers: a Strava athlete identifier and/or a Service account identifier so we can match activities to your account and compute your points.
  • Support messages: if you email us, we receive the contents of your message and your email address.
  • WhatsApp Communication: We may communicate with users via direct message on WhatsApp for program administration (for example: support, points questions, and reward coordination). When you message us on WhatsApp, we and WhatsApp may process your phone number/WhatsApp account identifier, the content of messages you send, and related metadata (such as timestamps and delivery status). WhatsApp is a third-party service and your use of it is subject to WhatsApp/Meta’s own terms and privacy practices. Please avoid sending sensitive personal information via WhatsApp. You can opt out of WhatsApp communication at any time by contacting us at hamrozqosimov@gmail.com.

We do not display activity maps, and we do not collect unnecessary profile details for scoring.

2) How we use information

  • Weekly points calculation and verification.
  • Fraud/abuse prevention (e.g., detecting obvious manipulation or anomalous patterns).
  • Support (helping you disconnect Strava, fix issues, or answer questions).

We do not use Strava data for advertising, targeted advertising, or marketing.

3) Sharing and disclosure

We do not sell personal information and we do not share Strava-derived data with other users.

  • Other users: your Strava-derived activity data is visible only to you inside the Service unless you give explicit consent.
  • Service providers: we may use basic infrastructure providers (e.g., hosting) to run the Service. They process data only to provide the infrastructure and not for their own purposes.

4) Retention and deletion

  • Weekly deletion: activity-specific scoring data is stored only for the duration of the current week, then automatically and permanently deleted.
  • Cache limit: we do not keep Strava data cached longer than 7 days.
  • Disconnect or request deletion: if you revoke Strava access or ask us to delete your data, we delete Strava-derived data we control as soon as reasonably possible.

5) Security

We use reasonable administrative and technical safeguards to protect data (e.g., access controls and encrypted connections such as HTTPS). However, no system can be guaranteed 100% secure.

6) Your choices and controls

  • Disconnect Strava: you can revoke the Service’s access in your Strava settings at any time.
  • Request deletion: you can email us to request deletion of your Service account identifiers or data.
  • Access: you can request a copy of the data we currently hold about you.

7) Strava-specific notes

  • Strava Data for a specific user is shown only to that user inside the Service unless the user explicitly consents otherwise.
  • Strava may collect and use usage data related to our access to the Strava API.
  • Strava API Agreement: https://www.strava.com/legal/api

8) Contact

Questions or deletion requests:

hamrozqosimov@gmail.com

🗓️ Weekly deletion 🙅 No maps 🙈 No sharing to others ⛔ No targeted ads