OptiFit Security and Privacy Policy

Last Updated: July 7, 2025

At OptiFit (“we,” “us,” or “our”), we are committed to protecting the privacy and security of our users’ personal information. This Security and Privacy Policy (“Policy”) explains how we collect, use, store, share, and protect the data we obtain through your use of our mobile application (“App”), which integrates with the Garmin API to import and process activities from Garmin watches. By using the App, you agree to the terms outlined in this Policy.

1. Information We Collect

We collect the following types of information to provide and improve our services:

1.1. Personal Information
  • Account Information: When you sign up for or use the App, we may collect your name, email address, and any other information you provide to create or manage your account.
  • Garmin API Data: With your explicit consent, we access and import activity data from your Garmin account via the Garmin API. This may include:
    • Fitness and activity data (e.g., steps, distance, heart rate, calories burned, sleep data, etc.).
    • Device information (e.g., Garmin watch model, device ID).
    • Other health or wellness data you authorize us to access.
  • User-Provided Information: Any additional information you voluntarily provide, such as feedback, preferences, or survey responses.
1.2. Non-Personal Information
  • Usage Data: We collect anonymized data about how you interact with the App, such as session duration, features used, and navigation patterns.
  • Device Information: We may collect information about your mobile device, including device type, operating system, IP address, and unique device identifiers.
  • Analytics Data: We use third-party analytics tools to collect aggregated data to understand app performance and user behavior.
1.3. Sensitive Data

We treat health and fitness data as sensitive personal information and apply enhanced safeguards to protect it.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide Services: To import, process, and display your Garmin watch activity data within the App.
  • To Improve the App: To analyze usage patterns, troubleshoot issues, and enhance functionality and user experience.
  • To Communicate: To send you updates, notifications, or respond to your inquiries.
  • To Personalize: To tailor content or features based on your preferences or activity data.
  • To Comply with Legal Obligations: To meet applicable legal or regulatory requirements.
  • For Security: To detect, prevent, and respond to security incidents or fraudulent activity.

3. Legal Basis for Processing

We process personal information based on the following legal grounds:

  • Consent: You explicitly consent to the collection and processing of your Garmin activity data and other personal information when you connect your Garmin account or use the App.
  • Contractual Necessity: To fulfill our obligations to provide the App’s services as per our Terms of Service.
  • Legitimate Interests: For purposes such as improving the App, ensuring security, and analyzing usage trends, where these interests do not override your rights.
  • Legal Obligations: To comply with applicable laws or regulations.

4. How We Protect Your Information

We implement industry-standard security measures to safeguard your data, including:

4.1. Data Security

  • Encryption: All data transmitted between your device, the Garmin API, and our servers is encrypted using TLS (Transport Layer Security).
  • Access Controls: Access to personal data is restricted to authorized personnel only, with strict authentication protocols.
  • Secure Storage: Data stored on our servers is protected with encryption at rest and hosted in secure, compliant data centers.
  • Regular Audits: We conduct regular security assessments and audits to identify and mitigate vulnerabilities.
  • API Security: We adhere to Garmin’s API security guidelines and use secure OAuth 2.0 authentication to access your Garmin data.

4.2. Data Minimization

We collect only the data necessary to provide the App’s functionality and do not retain data longer than required for the purposes outlined in this Policy.

4.3. Incident Response

In the unlikely event of a data breach, we will:

  • Notify affected users promptly, in accordance with applicable laws.
  • Take immediate steps to contain and mitigate the breach.
  • Cooperate with authorities and provide transparency about the incident.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your data only in the following circumstances:

  • With Garmin: To access your activity data via the Garmin API, as authorized by you.
  • Service Providers: With trusted third-party providers (e.g., cloud hosting, analytics, or customer support services) who are contractually obligated to protect your data and comply with applicable privacy laws.
  • Legal Requirements: If required by law, regulation, or legal process (e.g., court order or subpoena), we may disclose your information to comply with such obligations.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to equivalent privacy protections.
  • With Your Consent: We may share your data with other parties if you provide explicit consent.

6. Data Retention

  • Activity Data: We retain your Garmin activity data only for as long as necessary to provide the App’s services or as required by law. You may request deletion of your data at any time (see Section 9).
  • Account Data: If you delete your account, we will remove your personal information from our systems, except where retention is required for legal or auditing purposes.
  • Anonymized Data: We may retain anonymized, aggregated data for analytical purposes indefinitely.

7. Third-Party Services

The App integrates with the Garmin API, which is subject to Garmin’s own Privacy Policy. We encourage you to review Garmin’s policies to understand how they handle your data. We are not responsible for the privacy practices of Garmin or other third-party services linked to or from the App.

8. International Data Transfers

If you are located outside the United States, your data may be transferred to and processed in the United States or other countries where our servers or service providers are located. We ensure that such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses or other safeguards where required.

9. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data, subject to legal retention requirements.
  • Restriction: Request that we restrict the processing of your data.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Objection: Object to certain types of data processing (e.g., for marketing purposes).
  • Withdraw Consent: Revoke your consent for data processing at any time, which may limit your ability to use the App.

To exercise these rights, contact us at [insert contact email]. We will respond to your request within the timeframes required by applicable law (e.g., 30 days under GDPR).

10. Children’s Privacy

The App is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected such data, we will promptly delete it.

11. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via the App, email, or other reasonable means. The updated Policy will be effective as of the “Last Updated” date at the top of this document.

12. Contact Us

If you have questions, concerns, or requests regarding this Policy or our data practices, please contact us at:

OptiFit
info@dataindicators.com

Major Healthcare Supply Chain Management Company Reduces Cloud Storage Cost and Optimizes Spend Analytics

Multi-Cloud Optimization and Analytics Use Case

Optimized cloud spend analytics, resulting in a significant reduction in expenses, automated cost-center chargebacks, and granular insights for IT leaders

Project Scope

Data Indicators was engaged to help the client reduce cloud storage cost and optimize cloud spend analytics. The development project’s goal was to understand the costs of GCP and AWS, report accurate cost-center chargebacks, understand GKE namespace usage and costs, and create combined cloud spend views for IT leaders. The team also aimed to create optimization/tagging alerts to help the client manage their costs effectively.

Results delivered by Data Indicators

  • The Client was able to establish an optimized cloud spend analytics data platform with actionable insights across IT business partners.
  • Finance was able to charge each cost center the appropriate amount without the help of a full-time data analyst, as all the logic was automated in LookML.
  • IT leaders could analyze their spend down to the project, environment, resource, SKU, or day to identify opportunities and make changes.
  • The Client’s IT team also has the ability to change the data model as the business changes.
  • By retiring the need for CloudAbility, the client saved the growing expense of 0.5% of their annual cloud spend.

Technology stack used for the project

Google BigQuery, Google Cloud SQL for PostgreSQL and Microsoft SQL Server, Google Virtual Machines, Google Cloud Storage, and Apache Airflow. To support data cataloging across the data mesh, we are implementing Secoda. For data governance, we have chosen Immuta. In addition, we used Docker where appropriate and Terraform for infrastructure management.

Enabling data-driven decision making at a major healthcare company

Enabling data-driven decision-making Use Case

Standardized tooling and centralized data management support fast onboarding and regulatory compliance for data teams

Summary

A large healthcare client needed a solution to help them make data-centric decisions, and a project was created to deliver this. The solution involved the collection and curation of large amounts of data and providing The Client with critical insights to inform decision-making. With the help of the Data Indicators team, a scalable, secure, and easily accessible solution was developed and deployed using GCP hosting and tools.

Solution

Data Indicators developed and delivered a core suite of processes and tooling that allowed The Client’s teams to retain ownership and responsibility over their product data while providing governance and data cataloging capabilities. This enabled The Client to ensure that data usage agreements and regulatory requirements are adhered to. The solution has resulted in a 400% faster time-to-onboarding for data teams and provided a standardized suite of tooling for ETL and data quality, as well as a centralized data catalog and centralized data access governance, including rights management for data usage agreements and support for regulatory compliance and auditability.

Key benefits

  • Faster time-to-onboarding for data teams.
  • Standardized suite of tooling for ETL and data quality.
  • Centralized data catalog.
  • Centralized data access governance.
  • Supports regulatory compliance and auditability.

Technology stack used for the project

Google BigQuery, Google Cloud SQL, Google Cloud Storage, Google App Engine, Java, Spring Boot, Typescript, RESTful, Python and Google Apigee.

Architectural Guidance Use Case

Comprehensive architectural guidance on foundational, structural, semantic, and organizational levels of interoperability, covering interconnectivity, data format and models, governance, and best practices.

Summary

Client needed a partner to provide architectural guidance on the four levels of interoperability, which include:

  • Foundational: Interconnectivity requirements between systems.
  • Structural: Defining the format, syntax, and organization of data.
  • Semantic: Underlying data models and use of data elements.
  • Organizational: Governance, legal policies, standards, and best practices.

Project Scope: Data Indicators was tasked with the following deliverables

  • Provide an overview of the current state and architecture
  • Conduct discovery workshops with Client’s business and IT units to understand their short-term and long-term needs.
  • Prepare a gap analysis of the current versus future state based on Client’s strategic outlook.
  • Advise on the best architectural practices and technology recommendations.
  • Document best practices and common languages in the application integration and interoperability architecture space.
  • Furnish a high-level depiction of the future state.
  • Assist in the level of effort required to execute the architectural recommendations to the Client.
  • Support the final state interoperability architecture, including API management, event-based architecture (IoT and other events), and HL7 events

In-scope services delivered by Data Indicators

  • Worked with the Client team to build on GCP’s Apigee (API) pipeline.
  • Developed modernized API services using GCP’s components and libraries.
  • Conducted unit and integration testing of the developed code and functionality.
  • Deployed to various environments and provided guidance on production environments.
  • Provided training and handoff support.

Technology stack used for the project

Java, Spring Boot, Typescript, RESTful, Python, MongoDB, Apigee

MarTech Infrastructure, Real-Time Engagement, and Enhanced Data Lake Maintenance Use Case

Unlock company’s potential with centralized customer profile store, real-time engagement, data segmentation, governance, and event-based data streaming pipelines.

Summary

The client was seeking a reliable partner to help them establish an integrated MarTech infrastructure that could support the creation of a centralized API-driven customer profile store, real-time customer engagement, content personalization, segmentation, and data science. They also required support in enhancing and maintaining their Hadoop-based data lake, implementing event-based data streaming pipelines, and ensuring data governance, privacy, and regulatory compliance. The client was looking for a trusted advisor to guide them through this process and help them achieve their marketing goals.

Project Scope

Data Indicators was tasked with the following deliverables:

  • Supporting enhancements to current state and architecture
  • Conducting discovery workshops with Client’s business/marketing and IT units to understand their short-term and long-term needs
  • Preparing a gap analysis of the current versus future state based on Client’s strategic objectives.
  • Advising on the best architectural practices, methodology and technology recommendations.
  • Documenting best practices and common languages in the application integration and interoperability architecture space.
  • Furnishing a high-level depiction of the future state.
  • Assisting in the level of effort required to execute the architectural recommendations to Client.
  • Data and software engineering, within teams across the organization
 

In-scope services delivered by Data Indicators

  • Developed data ingestion, streaming pipelines and modernized API services
  • Conducted unit and integration testing of the developed code and functionality.
  • Deployed to various environments and provided guidance on production environments.
  • Provided training and handoff support.

Technology stack used for the project

Apache Spark (Python and Scala), Apache NiFi for real-time orchestration and transformation, Apache Airflow for batch orchestration and transformation, Snowflake Data Warehouse, Snowflake Snowpipe real-time ingestion, Snowflake Snowpark, AWS S3, AWS EC2, Docker, Kubernetes and Adobe Experience Cloud