Privacy Policy

Effective Date: December 18, 2025

SHFT II ApS ("SHFT", "we", "us", or "our") is a company incorporated in Denmark under CVR number 39099926.

We value your privacy. This Privacy Policy explains how we collect, use, share, and protect personal data when you use our websites, mobile applications, connected devices, and related services (collectively, the "Services").

This Privacy Policy applies globally. Additional information and rights applicable to residents of certain regions, including the European Economic Area ("EEA") and the United States, are described in dedicated sections below.

For individuals in the United States, please also refer to our Consumer Health Data Policy.

1. Scope of This Privacy Policy

This Privacy Policy applies to:

  • The SHFT websites, including www.shft.run
  • Our webshops operated via Shopify (EU and US)
  • The SHFT mobile applications (iOS and Android)
  • SHFT physical running Pods and related firmware
  • Customer support, marketing, and communications

2. Data We Collect

2.1 Information You Provide

We may collect:

  • Account information (name, email address, username)
  • Profile and preference information
  • Communications with customer support
  • Subscription and purchase information (excluding full payment card details)

2.2 Device, App, and Usage Data

We automatically collect:

  • App usage data and interaction logs
  • Device identifiers, operating system, and app version
  • IP address and approximate location (derived from IP)

2.3 Fitness, Wellness, and Gait Data

When you use SHFT Pods and the SHFT App, we collect and process fitness and wellness data, including:

  • Running metrics (e.g. cadence, stride characteristics, pace)
  • Gait and motion data captured by SHFT Pods
  • Performance trends and activity summaries

Important: SHFT does not collect or process medical data or personal health data. The Services are designed for fitness, wellness, and performance purposes only and are not intended for medical diagnosis or treatment.

2.4 Payment Information

Payments for:

  • Hardware purchases are processed by Shopify
  • App subscriptions are processed by Apple App Store or Google Play

SHFT does not store full payment card information.

3. How We Use Data

We use personal data to:

  • Provide and operate the Services
  • Deliver coaching insights and performance analytics
  • Enable hardware–app functionality
  • Process purchases and subscriptions
  • Improve and develop our products
  • Communicate with users about updates and support
  • Comply with legal obligations

4. Legal Bases for Processing (EEA Users)

For users in the EEA, we process personal data based on:

  • Contractual necessity (to provide the Services)
  • Legitimate interests (e.g. product improvement, security)
  • Consent, where required (e.g. marketing communications)
  • Legal obligations

5. Sharing of Data

We may share personal data with:

  • Service providers and processors (e.g. cloud hosting, analytics)
  • Payment and e-commerce providers (Shopify, Apple, Google)
  • Authorities where required by law

We do not sell personal data.

6. Use of Anonymized and Aggregated Data

SHFT may create and use anonymized and aggregated data derived from the Services, including data related to fitness activities, gait patterns, and performance metrics.

This data:

  • Is processed in a manner that cannot reasonably identify any individual
  • Is irreversibly anonymized
  • Does not contain names, contact details, account identifiers, or other information that could be used to identify a user

SHFT may use such anonymized and aggregated data for purposes including:

  • Research and analysis
  • Product development and improvement
  • Statistical insights and trend analysis
  • Sharing with third parties, such as research institutions, commercial partners, or industry collaborators

Anonymized data is not personal data and is therefore not subject to data protection laws, including the GDPR.

7. International Data Transfers

SHFT operates internationally. Personal data may be transferred and processed outside your country of residence, including within the EU and other jurisdictions, using appropriate safeguards as required by law.

8. Data Retention

We retain personal data only for as long as necessary to:

  • Provide the Services
  • Fulfill legal and contractual obligations
  • Resolve disputes and enforce agreements

You may request deletion of your account at any time, subject to legal requirements.

9. Your Rights

9.1 EEA / GDPR Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with a supervisory authority

9.2 United States (California) Rights

California residents may have the right to:

  • Know what personal data is collected
  • Request deletion of personal data
  • Opt out of certain data sharing
  • Not be discriminated against for exercising privacy rights

10. Children

The Services are not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that such data has been collected, we will take steps to delete it.

11. Security

We implement appropriate technical and organizational measures to protect personal data. However, no system is completely secure, and we cannot guarantee absolute security.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website with a revised "Last updated" date.

13. Governing Law

This Privacy Policy is governed by the laws of Denmark, without prejudice to mandatory rights under applicable data protection laws in your country of residence.

14. Contact Us

SHFT II ApS
CVR number: 39099926
Country of incorporation: Denmark
Email: privacy@shft.run
Website: https://www.shft.run

US ONLY

Consumer Health Data Policy (U.S.)

Effective Date: December 18, 2025

This Consumer Health Data Policy ("Policy") supplements the SHFT Privacy Policy and applies to the collection, use, and disclosure of consumer health data by SHFT II ApS ("SHFT", "we", "us", or "our") in relation to individuals residing in the United States.

This Policy is intended to provide disclosures required under applicable U.S. state consumer health data privacy laws, including the Washington My Health My Data Act and similar laws (collectively, "Applicable Laws").

Capitalized terms not defined in this Policy have the meanings given to them in the SHFT Privacy Policy.

1. What Is Consumer Health Data

For purposes of this Policy, Consumer Health Data means personal information that identifies or could reasonably be linked to an individual and that relates to physical health, fitness, or wellness, as defined under Applicable Laws.

In the context of SHFT, Consumer Health Data may include:

  • Fitness and activity data
  • Gait, motion, and performance metrics
  • Activity trends or summaries generated through use of the SHFT App, SHFT Pods, or connected devices

Consumer Health Data does not include data that has been irreversibly anonymized or aggregated such that it cannot reasonably be associated with an individual.

2. Categories of Consumer Health Data We May Collect

Depending on how you use the Services, SHFT may collect or process the following categories of Consumer Health Data:

  • Activity and performance measurements (such as cadence, gait patterns, and movement metrics)
  • Fitness or wellness-related data you choose to provide through the App or connected integrations

SHFT does not collect medical records or data used for medical diagnosis or treatment.

3. Sources of Consumer Health Data

We may collect Consumer Health Data from:

  • You, when you use the SHFT App or SHFT Pods
  • Connected devices or third-party services that you choose to link with the SHFT App (such as smartwatch applications), subject to your permissions

4. How We Use Consumer Health Data

We may use Consumer Health Data for the following purposes:

  • Providing and operating the SHFT App and related services
  • Delivering fitness insights, coaching guidance, and performance analytics
  • Improving and developing our products and services
  • Supporting device and application integrations
  • Complying with Applicable Laws

We do not use Consumer Health Data for purposes outside these categories without your authorization.

5. Sharing of Consumer Health Data

SHFT does not sell Consumer Health Data.

We may share Consumer Health Data only in the following circumstances:

  • With service providers and processors that perform services on our behalf under contractual obligations
  • With third parties that you explicitly authorize through integrations or account settings
  • Where required to comply with legal obligations or lawful requests
  • In connection with a corporate transaction, such as a merger or acquisition

We do not share Consumer Health Data for targeted advertising purposes.

6. Your Rights Regarding Consumer Health Data

Subject to Applicable Laws, you may have the right to:

  • Access Consumer Health Data that SHFT maintains about you
  • Request deletion of your Consumer Health Data
  • Withdraw consent for the collection or sharing of Consumer Health Data where consent is required
  • Confirm whether SHFT is collecting, using, or sharing your Consumer Health Data

You may exercise these rights by contacting us at privacy@shft.run.