TrailKin

Privacy Policy

Last updated: April 2026

Who We Are

TrailKin is a crowd-sourced trail running platform. When we refer to "TrailKin", "we", "us", or "our" in this policy, we mean the TrailKin service and its operators. If you have questions about your data, contact us at .

What Data We Collect

  • Account data: Email address, username, gender (optional), and location (optional) — provided by you during registration.
  • Profile data: Avatar image, trail memories, training routes, and shoe records — all provided voluntarily by you.
  • Activity data: Meetups you create or register for, race interests you mark, and tips you submit.
  • Authentication data: We use Supabase's magic-link (passwordless) email authentication. We do not store passwords. Session tokens are managed by Supabase.

Why We Collect Your Data

  • To provide and operate the TrailKin service (legal basis: contract performance).
  • To display your profile and content to other users (legal basis: legitimate interest).
  • To send authentication magic links to your email address (legal basis: contract performance).
  • We do not sell your data to third parties, and we do not use your data for advertising purposes.

Data Storage & Security

Your data is stored securely via Supabase, which is hosted on AWS infrastructure in the EU region. Supabase is GDPR-compliant and acts as a data processor on our behalf. Data is encrypted at rest and in transit.

Cookies

TrailKin uses functional cookies and local storage to operate the service — specifically to maintain your authenticated session. We also use PostHog, a privacy-friendly analytics tool, to understand how the app is used and to improve the experience. PostHog may store cookies or local storage for this purpose. We do not use advertising cookies or third-party tracking cookies.

Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all your personal data is permanently and immediately deleted from our systems, including your profile, content, and authentication credentials.

Your Rights Under GDPR

If you are in the European Economic Area (EEA), you have the following rights:

  • Right to access: Export all your data at any time from your profile page.
  • Right to erasure: Delete your account and all associated data permanently from your profile page.
  • Right to rectification: Update your profile information at any time from your profile page.
  • Right to object or restrict: Contact us at and we will respond within 30 days.
  • Right to lodge a complaint: You may file a complaint with your local data protection authority.

Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes by email. The "last updated" date at the top of this page reflects the most recent revision.

Questions about your data?