Legal

Privacy Policy

ScaleBridge exists to forward body measurements from your Withings account to Garmin Connect. To do that we collect the minimum needed: your email address, OAuth access and refresh tokens for Withings, a Garmin session token obtained through their mobile SSO flow, and the measurements themselves.

What we store

• Your email address and (if applicable) a hashed password.
• Encrypted OAuth tokens for Withings, held in an authenticated encryption envelope (AES-256-GCM).
• An encrypted Garmin session token produced by their mobile SSO flow. We never store your Garmin password.
• Body measurements (weight, body fat %, muscle mass, bone mass, hydration, BMI) that we receive from Withings.
• Sync attempt logs for troubleshooting (success/failure + error message).

Who we share with

Four third parties are involved:

• Withings — as the source of your measurements, under their own privacy policy.
• Garmin Connect — as the destination where your weigh-ins are written.
• Stripe — for payment processing on paid subscriptions.
• Google Analytics — for aggregate product analytics (which pages are visited, roughly from where). Only loaded after you accept cookies on first visit. Decline and nothing is sent. You can change your choice any time from the footer's "Cookie preferences" link.

We do not sell data, run advertising, or share measurements with anyone else. Analytics data is aggregate — it never includes your weigh-ins.

Your rights

You can delete your account at any time from Settings → Account. Deletion removes your row, both stored tokens, measurement history, and sync logs within 24 hours. Withings and Garmin keep the records you created on their side; we can't delete those for you.

Retention

We retain measurement and sync-log history for as long as your account exists. Sync-attempt logs older than 90 days are automatically rotated.

Contact

Questions: [email protected].