top of page

Privacy Policy

Your data privacy is our priority at Burnner.

This policy applies to the Burnner app and burnner.com.

Last updated: March 2026

Who we are

Burnner is a social challenge platform where people create fitness challenges, set forfeits, and track outcomes. This Privacy Policy explains how we collect, use, share, and protect personal data across the Burnner app and burnner.com.

Contact

Privacy questions and requests: info@burnner.com

Please include “Privacy Request” in the subject line for access/deletion/rights requests.

What this policy covers

This policy explains:

 

  • What personal data we collect (including social features like feeds, groups, and leagues)

  • Why we collect it and the legal bases we rely on (UK GDPR where applicable)

  • How we use, store, and protect it

  • When we share it and with whom

  • How long we keep it

  • Your choices and rights

Information we collect

A) Information you provide

 

  • Account details (email, username, password or auth credentials)

  • Profile information (profile photo, display name, bio — if you add these)

  • Challenge and forfeit details you create (titles, descriptions, deadlines, outcomes)

  • Feed content you post (posts, captions/text, comments, reactions/likes; photos/videos if enabled)

  • Group/community features (group membership, invitations, roles, league participation and standings — if enabled)

  • Messages or support requests you send to us

 

B) Information collected automatically

 

  • Device and app data (device type, OS, app version, language)

  • Log and security data (IP address, timestamps, crash logs, performance metrics)

  • Usage data (features used, screens viewed, actions taken)

 

C) Information from third parties (only if you connect them)

 

  • Strava: forfeit verification only. We access limited activity fields under your permission. See our dedicated “Strava Data & Privacy” page for full details.

  • Payments/checkout providers (if you buy merch): order and fulfilment details. Payment card details are handled by the payment provider and are not stored by Burnner.

How we use your information

We use your information to:

  • Create and manage your account

  • Provide core features (create challenges, set forfeits, track outcomes, show stats)

  • Run social features (feeds, groups, community bets, and leagues where enabled)

  • Show challenge status and outcomes, including non-completion where applicable

  • Provide customer support and respond to requests

  • Improve reliability and security (fraud prevention, abuse prevention, debugging)

  • Send service messages (important updates, policy changes)

  • If you buy merch: process orders, fulfilment, returns, and customer service

Who we share information with

We do not sell your personal data. We share information only with service providers for app functionality, challenge participants, and legal authorities if required by law.

Note on Strava: We strictly adhere to Strava API Terms; your synced fitness data is used only for challenge verification within the app.

Who we share information with

We do not sell your personal data.

 

We share information only in these situations:

 

A) With other users (social features)

 

  • Depending on your settings and how the product works, other users may see your username/profile, challenges you participate in, and challenge outcomes/status (including non-completion) in the feed and in groups/leagues.

  • If you do not complete a forfeit within the allotted time, Burnner may display a non-completion status in the feed (“named and shamed”). If you later complete the forfeit, Burnner may update or remove that non-completion status as part of normal operation.

  • We do not share raw third-party fitness activity data (e.g., raw Strava activity records) with other users.

 

B) With service providers (processors)

We use trusted vendors to host data, deliver the app/site, send emails, provide analytics/crash reporting, and provide customer support tools. They process data on our behalf under contractual obligations.

 

C) For legal and safety reasons

We may share information if required to comply with law, enforce our policies, investigate abuse, or protect users, the public, or Burnner.

Legal bases for processing (UK/EU users)

Where UK GDPR/EU GDPR applies, we process personal data based on:

 

  • Contract: to provide the app and services you request

  • Legitimate interests: to secure, maintain, and improve Burnner (e.g., analytics, fraud prevention, safety, support)

  • Consent: where required (e.g., optional marketing emails, certain cookies). You can withdraw consent at any time.

  • Legal obligation: where we must comply with law or lawful requests

Data retention

We keep personal data only as long as necessary for the purposes described in this policy, including to provide the service, comply with legal obligations, and resolve disputes.

 

Examples:

 

  • Account data: kept while your account is active

  • Challenge/feed content: kept while needed to operate the service and maintain records of outcomes

  • Logs/security records: retained for a limited period for security, debugging, and fraud prevention

  • Merch orders: retained as required for fulfilment, returns, accounting/tax, and legal obligations

 

You can request deletion of your account. Some information may be retained where required by law or for legitimate interests (e.g., preventing fraud/abuse).

Your choices and rights

Depending on your location, you may have rights to:

  • Access your personal data

  • Correct inaccurate data

  • Delete your data (subject to certain exceptions)

  • Object to or restrict processing

  • Data portability

  • Withdraw consent (where processing is based on consent)

  • To make a request, email info@burnner.com with “Privacy Request” in the subject line.

Security

We use reasonable technical and organisational measures to protect your information. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

Cookies and tracking

We may use cookies and similar technologies to:

• Keep the site working (security, preferences)

• Understand how the site is used (analytics)

• Improve performance

 

You can control cookies through your browser settings and, where available, our cookie banner/settings.

Children’s privacy

Burnner is not intended for children under 16. We do not knowingly collect personal data from children under that age. If you believe a child has provided personal data, contact us and we will take steps to delete it.

International transfers

Your information may be processed in countries other than where you live, including where our service providers operate. Where required, we use appropriate safeguards to protect your data.

Strava Data & Privacy

If you connect Strava, please read our dedicated “Strava Data & Privacy” page. It explains:

• What Strava data we access

• Why we access it (forfeit verification only)

• Who can see it (only you)

• What we store (progress figures only, not raw activity data)

• How to disconnect (and what happens)

View Strava Data & Privacy
Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date above.

Questions?

If you have questions about this Privacy Policy, contact us at  info@burnner.com

bottom of page