Never Let Them See You Sweat

Never Let Them See You Sweat
Steve Dille | February 2, 2021

The global pandemic hasn’t been bad for one company. Peloton, the maker of internet and social media connected exercise bikes has seen an explosion of demand from exercise shut-ins. Peloton bikes let you stream live classes, communicate with other riders, and integrate with social media. President Biden rides a Peloton which has raised some security eyebrows with the NSA. So, just how secure and private is your information on Pelton? Here are answers to some common questions.

How Visible am I?
The Peloton bike has a camera and microphone. But, can Peloton instructors watch me workout and hear me? According to the Peloton Privacy Policy, the camera and microphone can only be activated by you to accept a video chat from another user. The instructors cannot see you.

What Data does Peloton Collect?
When you set up your profile, Peloton asks you to provide information such as a username, email address, weight, height, age, location, birthday, phone number and an image. Only the email address and username are required. Payment information is collected for the monthly subscription but only stored at secure third-party processors.

Peloton also collects information about your exercise participation – date, class, time, total output, and heart rate monitor information. Peloton user profiles are set to public by default, allowing other registered Peloton users to view your fitness performance history, leaderboard name, location and age (if provided). Those users can also contact or follow you through the Peloton service. You have the option to set your profile to “Private,” so only members you approve as followers can see your profile and fitness history.

As you navigate the service, certain passive information is collected through cookies. Peloton uses personal information and other information about you to create anonymized, aggregated demographic, location and device information. This information is used to measure rider interest and usage of various features of the Peloton services.

Does Peloton Sell My Information to Advertisers?
Peloton’s privacy policy states “We currently do not “sell” your information as we understand this term.” However, they seem to “share” your information. The privacy policy contains a section on “Marketing – Interest-Based Advertising and Third-Party Marketing.” Peloton does make your data available for interest-based advertising and may use it in making services available to you that would seem of interest. Peloton enables you to minimize sharing of your information with third parties for marketing purposes with this form.

What About Pelton and Social Media?
This is an area where your privacy can be violated in ways hard to envision if you chose to participate. Peloton offers publicly accessible blogs, social media pages, private messages, video chat, community forums and the ability to connect to Facebook and other fitness gadgets like Fitbit. When you disclose information about yourself in any of these areas, Peloton collects and stores the information. Further, if you choose to submit content, to any public area of the Peloton Service or any other public sites, such content will be considered “public” and will not be subject to the Peloton privacy protections. This can be problematic for riders posting their new personal record to an instructor’s Facebook page. Whether they realize it, they just made some previously private profile information public.

Once you start connecting your Peloton information to social networks, it becomes very possible for others to piece information together about you. For example, Amazon, has a leaderboard group called “Pelozonians.” When you join that group, it is now known that you work at Amazon to anyone on Peloton or the free app.

What Can I Do to Protect My Privacy?
Configuring your settings wrong can allow others to look into your personal information. Remember, your default profile is public so make sure you don’t include private information you don’t want shared like city or age. Better yet, set your profile to private. Make sure your username isn’t easily associated with you offline or on social media so others can’t piece together information about you. Do you really need to post your rides on Facebook? This just opens another complex layer of connection between your personal life and information on Peloton. Remember to use the forms from Peloton to opt out of interest-based advertising.

The Peloton is a wonderful bike requiring a “privacy” update to an old, humorous politeness adage. Today, when you meet someone new, it’s now impolite to ask their age, weight or Peloton leaderboard name.

Peloton Privacy Policy
https://www.onepeloton.com/privacy-policy

Peloton Terms of Service
https://www.onepeloton.com/terms-of-service