Privacy Policy
Version 1.4 · Effective 8 April 2026
1. Who we are
TillerWise (“we”, “us”, “our”) is operated by TillerWise, trading as TillerWise, based in England, United Kingdom. We are the data controller for the personal data processed through this application. If you have questions about how we handle your data, contact us at lucas@tillerwise.com. If you need our postal contact details for a legal notice or data-rights request, email us and we will provide them promptly.
2. What data we collect and why
We only collect data that is necessary to provide the sailing analytics service. The table below lists each category of personal data, the purpose of processing, and the legal basis under UK GDPR.
| Data | Purpose | Lawful basis |
|---|---|---|
| Email & display name | Account creation and authentication | Contract performance (Art 6(1)(b)) |
| Profile details | Personalise your account (bio, location, boat type, experience level, club affiliation, avatar) | Legitimate interest (Art 6(1)(f)) |
| GPS track files & derived data | Core service: replay maps, metrics, coaching insights, session scoring | Contract performance (Art 6(1)(b)) |
| Location coordinates (weather) | Sent to Open-Meteo (reduced precision) to enrich sessions with weather context | Legitimate interest (Art 6(1)(f)) |
| GPS coordinates (map rendering) | Sent to Mapbox in your browser to render the replay map | Legitimate interest (Art 6(1)(f)) |
| Strava / Garmin connections | Connect your account and request activity imports from connected providers | Consent (Art 6(1)(a)) |
| Imported provider activity data | Activity identifiers, titles, sport types, timestamps, track streams, and related metadata received from Strava or Garmin when you connect them | Consent (Art 6(1)(a)) |
| Support requests | Respond to questions and resolve issues you report | Contract performance (Art 6(1)(b)) |
| Browser-side analytics | Understand how the service is used in the browser (page views, feature usage, click patterns). Only collected if you accept the analytics consent banner. No name or email is transmitted. | Consent (Art 6(1)(a)) |
| Server-side analytics & error monitoring | Record key actions (sessions uploaded, exports requested, integrations connected) and capture server-side exceptions to improve reliability. Events are keyed to your internal user ID — no name or email is transmitted. | Legitimate interest (Art 6(1)(f)) |
| Anti-abuse challenge data | Verify sign-in and sign-up attempts using Cloudflare Turnstile and reduce automated abuse, credential stuffing, and spam | Legitimate interest (Art 6(1)(f)) |
Some personal data is collected from you directly, and some comes from other services when you ask us to connect to them. If you connect Strava or Garmin, we receive provider account identifiers, activity metadata, and eligible GPS track data from those services at your request.
3. Automated decision-making
TillerWise uses algorithms to generate session scores, coaching insights, manoeuvre quality labels, and VMG analysis from your GPS track data. These are informational aids to support your training. No decisions with legal or similarly significant effects are made solely by automated processing.
4. Who we share data with
We share personal data only with the processors listed below, and only to the extent necessary to operate the service.
| Processor | Data shared | Purpose | Location |
|---|---|---|---|
| Supabase | All account, session, and file data | Database, authentication, file storage | EU / US |
| Open-Meteo | Approximate location coordinates and session timestamps | Historical weather enrichment | Germany (EU) |
| Mapbox | GPS coordinates (client-side only) | Interactive map rendering in your browser | US |
| Strava | OAuth tokens, activity sync requests, provider identifiers | Activity import (when you connect) | US |
| Garmin | OAuth tokens, activity sync requests, provider identifiers | Activity import (when you connect) | US |
| Cloudflare Turnstile | Challenge request metadata, browser and device signals, IP-derived anti-abuse signals, and challenge tokens | Bot detection and abuse prevention on auth forms | EU / US |
| PostHog | Internal user ID and behavioural event metadata (e.g. activity type, export format, support category). No GPS data, email, or display name. | Product analytics and server-side error monitoring | EU |
Where processors are located outside the UK, we rely on UK adequacy regulations or UK International Data Transfer Agreements (IDTAs) to ensure your data remains protected.
If you connect Strava, Strava may monitor and collect usage data related to your use of the Strava API within TillerWise and may use that data for its own business purposes, as described in the Strava API Agreement. If you delete an activity on Strava, TillerWise will reflect that deletion within 48 hours.
5. How long we keep your data
| Data | Retention |
|---|---|
| Account and profile | Until you delete your account |
| Sessions and GPS data | Until you delete the session or your account |
| Data exports | 7 days after generation, then automatically deleted |
| Support requests | Until you delete your account |
| Provider connections | Until you disconnect or delete your account |
| Deletion audit records | 3 years (to demonstrate compliance) |
6. Your rights
Under UK GDPR you have the right to:
- Access — request a copy of all personal data we hold about you.
- Rectification — correct inaccurate or incomplete data via your profile settings.
- Erasure — delete your account and all associated data from your profile page.
- Data portability — download your data in a machine-readable format from your profile page.
- Restrict processing — request that we limit how we use your data.
- Object — object to processing based on legitimate interest.
- Withdraw consent — disconnect Strava or Garmin at any time from your integrations page, and turn browser analytics on or off from the privacy controls below or from your profile page.
To exercise any of these rights, use the controls on your profile page or contact us at lucas@tillerwise.com. We will respond within one month.
7. Browser storage, analytics, and abuse prevention
TillerWise uses browser localStorage (not cookies) for two purposes:
- Authentication (strictly necessary) — to maintain your login session. This storage is essential for the service to function and does not require consent.
- Product analytics (consent required) — if you accept analytics, PostHog stores a pseudonymous identifier in localStorage to link your in-app actions (page views, feature usage) across a session. This identifier is a random UUID associated with your internal account ID after login. No name or email address is transmitted to PostHog.
We do not set tracking cookies or advertising pixels. Under PECR, localStorage used for non-essential purposes such as analytics requires your consent. When you first visit TillerWise, a consent banner is displayed. Analytics data is only collected if you accept. You can change your choice at any time using the controls below or from the privacy section of your profile page.
If you decline analytics, PostHog will not capture any browser-side events or store any analytics identifiers. Authentication storage continues to function regardless of your analytics choice.
We also load Cloudflare Turnstile on sign-in and sign-up forms to help block bots and credential abuse. Turnstile is used as a security control rather than for advertising or product analytics.
In addition to browser-side analytics, our servers send pseudonymous events (keyed to your internal user ID, not your email or name) to PostHog’s EU infrastructure when you perform actions such as uploading a session, requesting an export, or connecting an integration. Server-side exception autocapture is also enabled to help us detect and fix errors. These server-side events are processed under legitimate interest (Art 6(1)(f)) and are not affected by your browser consent choice.
Analytics preferences
Browser-side product analytics are optional. Strictly necessary authentication storage and anti-abuse checks continue to operate regardless of this choice.
You have not chosen a browser analytics preference yet.
8. Children
TillerWise is not directed at children under 13. By creating an account you confirm that you are at least 13 years old, in accordance with the UK Data Protection Act 2018.
9. Security
We implement appropriate technical and organisational measures to protect your data, including encrypted connections (TLS), row-level security on all database tables, scoped storage access policies, and regular dependency updates. No system is completely secure, and we encourage you to use a strong, unique password for your account.
10. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you by email or through the application before they take effect. The version number and effective date at the top of this page will always reflect the latest revision.
11. Complaints
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113