Last updated: June 2026
Structur ("we", "us", "our") is a fitness coaching platform that enables coaches to create structured training plans and distribute them to athletes, and to sync activity and health data from connected sources such as Garmin (via SweatStack) and Apple Health.
The data controller for your personal data is the Company Secretary of Structur.
This policy applies to all users of the Structur platform, including coaches and athletes. Structur is not intended for use by persons under the age of 18. By creating an account, you confirm that you are 18 years of age or older. If we become aware that a user is under 18, we will promptly delete their account and associated data.
We collect the following categories of personal data:
Account Data
Name, email address, and hashed password collected when you register. Club name and sporting discipline provided during onboarding.
Profile Data
Profile picture uploaded voluntarily.
Training Data
Workouts created by coaches, workout assignments, training schedules, and fitness activity and health-metric data (such as activities, resting heart rate, heart-rate variability, sleep, and body composition) synced from connected sources.
Health Data (special category)
Where a coach uses the Physical Activity Readiness Questionnaire (PAR-Q), we collect the health information you provide in it — including answers to health-screening questions and any injuries, medical conditions, medications and allergies you choose to disclose. This is "special category" personal data under UK GDPR Article 9, and we process it only on the basis of your explicit consent (Article 9(2)(a)), which you give when submitting the form and can withdraw at any time. See "Your Rights" below.
Device Connection Data
When you connect a device, we store the OAuth access and refresh tokens needed to sync data on your behalf. Garmin data is synced through our integration partner SweatStack; you authorise Structur by signing in to SweatStack, and we never see or store your Garmin or SweatStack password. (Direct COROS integration is not currently available.)
Apple Health Data (iOS app)
If you use the Structur iOS app and grant permission, the app reads workout and health-metric data from Apple Health (HealthKit) on your device and sends it to Structur to display your training. You control this permission on your device and can revoke it at any time in the iOS Settings app.
Communications Data
Messages sent between coaches and athletes within the platform.
Usage Data
We use Google Analytics (via Google Tag Manager) to collect anonymised data about how users interact with the platform, including pages visited, session duration, and device type. These analytics cookies load only after you accept them in our cookie consent banner.
Technical Data
IP address, browser type, and access logs collected automatically by our hosting infrastructure.
| Purpose | Legal Basis (UK GDPR) |
|---|---|
| Creating and managing your account | Contract performance |
| Delivering workouts to athletes | Contract performance |
| Syncing workouts and activity/health metrics to and from connected sources | Contract performance / Consent |
| Health screening (PAR-Q) to assess readiness to train | Explicit consent (Art. 9(2)(a)) |
| Sending transactional emails (invites, notifications) | Contract performance / Legitimate interests |
| Coach-athlete messaging | Contract performance |
| Improving the platform via analytics | Consent |
| Complying with legal obligations | Legal obligation |
We do not sell your personal data. We share data only with the following third-party service providers, solely for the purpose of operating the platform:
All third-party providers are required to handle your data in accordance with applicable data protection law and are subject to appropriate data processing agreements.
Some of our third-party service providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements (IDTAs) or adequacy decisions, in accordance with UK GDPR Chapter V.
We retain your personal data for as long as your account is active. When you delete your account (in-app or by request):
You have the following rights regarding your personal data:
Some of these you can exercise directly in the app:
For any other right — including access to a copy of your data — contact us at privacy@structur.fit. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
We use essential session cookies necessary for authentication and platform operation; these do not require consent under UK GDPR. We also use non-essential analytics cookies (Google Analytics / Tag Manager), which load only after you accept them via our cookie consent banner — you can decline, and your choice is remembered. A dedicated cookie policy with the full list of cookies will be published alongside this policy.
We implement appropriate technical and organisational measures to protect your personal data, including password hashing, encrypted data transmission (HTTPS), and access-controlled infrastructure. No system is entirely secure, and we cannot guarantee absolute security of data transmitted over the internet.
We may update this Privacy Policy from time to time. Where changes are material, we will notify you by email or via a notice within the platform. The "last updated" date at the top of this page will always reflect the most recent version.
For any questions, concerns, or data subject requests relating to this Privacy Policy, please contact: