Legal

Privacy Policy

Last updated: 19 June 2026

This Privacy Policy explains how Challengger Limited ("Challengger", "we", "us", or "our") collects, uses, shares and protects your personal data when you use the Challengger app and website (the "Service").

We are the data controller responsible for your personal data. If you have any questions about this policy or how we handle your data, contact us at info@challengger.com.

1. Who we are

Challengger is a social running challenge app. You can create, join and complete running challenges, including personal, group, club and public challenges. Your runs can be recorded to your account and counted towards the challenges you take part in. To do this, the Service may connect to fitness data sources you choose to link, such as Garmin and, where available, Apple Health.

Challengger Limited is a company registered in England and Wales, company number 16295617. Registered address: 20 Wenlock Road, London, England, N1 7GU.

2. The personal data we collect

We collect and process the following categories of personal data:

Account and profile information

Connection credentials for linked services

Activity, fitness and location data

Challenge and social participation data

Device, usage and diagnostic data

Support and communication data

3. How and why we use your data

Purpose What this involves Lawful basis under UK GDPR
Provide the Service Create and manage your account, let you create, join and view challenges, and provide the core app features. Performance of a contract
Import and process activity data Record your runs to your account and evaluate each run against the rules of challenges you have joined, such as distance targets, minimum distance per run, time windows, frequency requirements and consistency requirements. Explicit consent and performance of a contract
Display your progress Show your activities, progress, completion status, leaderboard position and profile statistics within the app. Performance of a contract
Social and challenge visibility Show limited profile and challenge information to other users where this is needed for group, club, public or shared challenges. Performance of a contract and legitimate interests
Notifications Send in-app and push notifications about challenge progress, activity updates, invitations, reminders and important service messages. Performance of a contract, legitimate interests and consent where required
Service operation and security Maintain, secure, troubleshoot and improve the Service, prevent misuse, investigate errors and protect users. Legitimate interests
Communicate with you Respond to support requests, send essential service messages and manage account or data requests. Performance of a contract and legitimate interests
Legal compliance Comply with legal obligations, enforce our terms, respond to lawful requests and protect our rights and users. Legal obligation and legitimate interests
Note on health-related data and consent. Activity data from fitness devices or activity tracking services may be treated as data concerning health under UK GDPR, which is a special category of data requiring additional protection. Where this applies, we rely on your explicit consent, given when you choose to connect a fitness data source or use activity tracking features. You can withdraw this consent at any time by disconnecting the relevant service. This stops us importing new activity data from that source. You can also request deletion of previously imported activity data or delete your account.

We do not use your activity data for advertising, and we do not sell your personal data.

4. Information visible to other users

Challengger includes social and shared challenge features. Depending on the challenge type, your participation and your privacy settings, other users may be able to see limited profile and challenge information, such as:

We do not intentionally make your email address, authentication details, access tokens or private account information visible to other users.

5. How we share your data

We share personal data only as described below:

Service providers

We use trusted service providers to operate the Service. These may include authentication providers, hosting providers, database and infrastructure providers, analytics or crash reporting providers, email and support providers, and push notification providers. These providers process personal data only as needed to provide their services to us and are not permitted to use it for their own independent purposes.

Fitness data sources you connect

Other users

Limited profile, challenge and progress information may be visible to other users as described in Section 4.

Legal reasons

We may disclose data if required by law, to enforce our terms, to respond to lawful requests, or to protect the rights, safety or property of our users, Challengger or others.

Business transfers

If the Service is involved in a merger, acquisition, reorganisation or sale of assets, your data may be transferred as part of that transaction, subject to this policy and applicable law.

6. International transfers

Some of our service providers may process personal data outside the UK. Where we transfer personal data outside the UK, we ensure an appropriate safeguard is in place, such as an adequacy decision, standard contractual clauses, the International Data Transfer Agreement, or another lawful transfer mechanism.

7. How long we keep your data

We keep your personal data for as long as your account is active and as needed to provide the Service. Specifically:

8. Your choices and controls

9. Your rights under UK GDPR

You have the right to:

To exercise any of these rights, contact us at info@challengger.com. We will respond within one month, unless a longer period is permitted by law.

If you are unhappy with how we handle your data, you can complain to the UK Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

10. Security

We take appropriate technical and organisational measures to protect your personal data, including encryption in transit via HTTPS, hashed passwords, access controls and operational security measures. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and update the Last updated date. If we make material changes, we may provide additional notice in the app or by another appropriate method.

13. Contact us

If you have any questions about this Privacy Policy or your personal data, contact us at:

Challengger Limited
info@challengger.com