PROOF is verified-effort
loyalty infrastructure.
Brands reward their athletic customers for real, GPS-verified activity. Athletes connect their fitness platform — Strava or Garmin Connect — once. Every GPS-verified activity earns loyalty currency at every enrolled brand. This page orients Strava and Garmin Connect API reviewers, plus brand prospects, to what PROOF does and how it handles fitness-platform data.
Effort becomes loyalty currency.
Athletic brands (apparel, nutrition, gear) want to reward their best customers for being athletes — not just for buying things. PROOF makes that practical.
Connects their Strava or Garmin Connect account once — through the storefront of any enrolled brand. PROOF reads their verified activities, normalizes effort across sports (the PROOF Effort Index — PEI), and credits their lifetime profile plus every brand's loyalty ledger the sport qualifies for. Thresholds crossed = rewards earned at the brand, redeemable on the brand's own storefront.
Installs PROOF into their Shopify storefront. Configures sport allowlist, reward thresholds, welcome bonus rules. Athletes who connect via their site see a loyalty section on their account page rendered in the brand's theme. When an athlete crosses a threshold, PROOF issues a single-use Shopify discount code and fires a webhook to the brand's email platform so the brand can notify the athlete in their own voice.
Infrastructure. We verify the effort, maintain the cross-brand identity ledger, and fire webhook events. We don't send brand-voiced emails. We don't own the athlete's storefront experience. We don't sell data — the athlete's activity data is used only to compute PROOF miles and credit brand ledgers for brands the athlete has explicitly enrolled with.
One connection. Every verified activity. Every enrolled brand.
What an athlete sees from sign-up through redemption. Every surface described below is live at proof.verifiedeffort.com.
Platform OAuth, inside the brand's experience
The athlete is on the brand's Shopify storefront, signed into their customer account. They click 'Connect Strava' or 'Connect Garmin' on the loyalty section. The platform's standard OAuth consent screen loads with the scopes PROOF requests and the PROOF brand clearly identified. Shown below: Strava's consent flow — Garmin Connect follows the same pattern. On approval, the platform returns the access token to PROOF, which begins verifying activities going forward. Historical backfill and brand welcome bonuses roll out as part of launch preparation.
Athlete dashboard — the cross-brand home
After connecting, the athlete's PROOF home is a utility surface: a compact status strip (tier, Lifetime PM, pace category, trend direction) sits at the top, followed by connected brands with per-brand progress to next milestone, available rewards, recent verified activities through the 9-gate pipeline, and identity controls. The athlete manages their connected platform — Strava or Garmin Connect — and can revoke access from here at any time. Lifetime PM never resets — the permanent ledger is anchored to this surface.
Public profile — portable identity across the network
Opt-in public profile with a trophy-treatment tier display, verified-effort narrative, multi-sport breakdown, and enrolled brands. This is the athlete's identity that travels with them: every brand in the PROOF network sees this profile when the athlete connects. Never shows individual activity details, routes, or photos — only the aggregated signal (tier, Lifetime PM, pace, trend, sport mix).
![PROOF public athlete profile at proof.verifiedeffort.com/athlete/[handle]](/demo/public-profile.png)
Loyalty section rendered in the brand's theme
What an athlete sees on the brand's Shopify customer account page. The loyalty section is a Liquid template designed to render brand PM, progress to next milestone, and active rewards in the brand's own theme — not an embedded PROOF iframe. The brand owns the rendering: typography, color, voice. PROOF generates a single-use Shopify discount code when the athlete claims a reward, scoped via the brand's existing Shopify discount-template configuration so collection restrictions, minimum order, and exclusions all apply automatically.
Configure once. Operate continuously.
What a brand sees in the PROOF operator dashboard. Brand operators configure the program, monitor member health, and iterate on thresholds without writing code.
Program health at a glance
Top-level operator view: active members on a 90-day window (the billing metric), verification success rate across the fraud pipeline, rewards issued, redemption rate, activity volume by sport. Brands get real-time visibility into whether the loyalty investment is delivering — and a case-study-ready view of revenue attributed to redeemed rewards.
Segmented member list
Filterable by tier (Recruit through Apex), pace category, trend direction, connection date, and brand PM. Click through to an individual member for their full activity and reward history with this brand. Brands never see an athlete's platform credentials or raw activity data — only the aggregated PROOF miles credited to their program.
Threshold-to-reward ladder
Brand configures the milestone ladder (e.g., 500 brand PM → $10 credit; 1,000 → $20; 2,500 → $35 + free shipping; 5,000 → $50 + free shipping). Brand's budget, brand's economics. PROOF executes against the configuration — fires a webhook when an athlete crosses a threshold, generates the Shopify discount code on redemption. Thresholds iterate without code changes.
ESP-agnostic webhook delivery
Brand pastes their ESP webhook endpoint and API key (Klaviyo, Mailchimp, Sendgrid, Customer.io, or any HTTP endpoint), tests the connection with a sample payload, then builds reward-delivery email flows in their own ESP in their own brand voice. PROOF fires HMAC-signed webhook events on athlete connect, activity verified, and milestone reached; pace-change and tier-advance events roll out as the underlying signals stabilize. Brand authors the emails; PROOF authors the data.
Verification rail, not identity surface.
Transparency on the scopes we request, what we do with the data, how long we retain it, and how an athlete revokes access. This section is the primary subject of platform-review evaluations.
PROOF requests the minimum scopes necessary to compute verified effort. Read-only on both platforms — never write, modify, or delete.
Strava
- activity:read_all — read all activities including private ones, required to compute lifetime PROOF miles and pace accurately. Private activities are used for computation only; they are never displayed publicly and never shared with brands.
Garmin Connect
- Activity-read scopes equivalent to Strava's activity:read_all — final scope list confirmed during Garmin's API review and updated here ahead of launch. Same private-activity handling: computation only, never displayed publicly, never shared with brands.
On both platforms, PROOF does not request activity-write or profile-write scopes. PROOF never modifies activities or profile data on the connected platform.
Each verified activity from a connected athlete is processed through a multi-gate fraud-and-validity pipeline (GPS presence, velocity ceilings, daily cap enforcement, duplicate detection, manual-entry rejection, ownership validation). Activities that clear the pipeline are converted into PROOF miles via the PROOF Effort Index — a sport-normalization table calibrated on MET-minutes per unit of distance.
Credited PROOF miles update two ledgers: the athlete's lifetime profile (visible to them on proof.verifiedeffort.com and to brands they've enrolled with) and the brand-specific ledger for every active brand connection where the sport is in the brand's allowlist. Brands never see raw activity data from the connected platform — only aggregated PROOF miles credited to their program.
Activity metadata (activity ID, start time, sport, distance, computed PROOF miles, verification status) is retained indefinitely while the athlete's PROOF account is active — this data constitutes the athlete's permanent effort ledger, which is a core feature of the platform.
Raw API response bodies — from Strava and Garmin Connect alike — are retained for 90 days for debugging and fraud-pipeline audit, then pruned. Only the computed results (normalized PROOF miles, verification status) persist beyond that window.
PROOF does not store, process, or index third-party user content such as photos, route GPX traces, or comments attached to fitness-platform activities. We read only the metadata needed to verify and normalize the effort.
Athletes can revoke PROOF's platform access from two places: the PROOF athlete dashboard at proof.verifiedeffort.com, and the connected platform's own authorized-apps settings (Strava: Settings → My Apps; Garmin Connect: Account → Account Information → Connected Apps). Both revoke the OAuth token immediately.
On revocation: no further activities are ingested. The athlete's historical ledger is preserved (so that past verified effort remains recognized at enrolled brands) but marked as rail_disconnected. If the athlete separately requests account deletion via proof.verifiedeffort.com (distinct from revoking platform access), all personal data and activity records are deleted within 30 days, per standard GDPR/CCPA handling.
Brand operators never see the athlete's platform credentials, tokens, or raw activity data at any point in the integration.
- We do not sell or share activity data with advertisers, data brokers, or any third party outside the athlete's explicitly enrolled brand connections.
- We do not train machine-learning models on athlete activity data.
- We do not build social features, leaderboards, or public feeds on top of fitness-platform activity data. The public athlete profile is opt-in and shows only aggregated stats — never individual activity details.
- We do not modify, write to, or delete anything in the athlete's connected platform account (Strava or Garmin Connect).
Powered by Strava. Powered by Garmin Connect.
PROOF complies with the Strava Brand Guidelines and the Garmin Connect Developer Program terms. Verification-rail attribution is shown wherever activity data is displayed.
On every athlete-facing surface where activity data is rendered, PROOF displays a "Powered by" attribution naming the connected fitness platform with the correct trademark styling. On the brand account page (rendered on the brand's storefront), the attribution appears in the loyalty section footer.
PROOF marketing materials, dashboards, and athlete-facing copy never imply that Strava or Garmin endorses, sponsors, or partners with PROOF. The integration is described as a verification rail — a technical data source — never as a partnership or co-brand relationship.
PROOF uses the Strava wordmark in its official trademark form (Strava orange, unmodified) and the Garmin Connect wordmark per Garmin's brand guidelines (Garmin blue, unmodified) wherever required. We do not use the Strava arc/S mark or the Garmin triangle device on marketing materials. Usage on both platforms is confined to attribution contexts and OAuth buttons ("Connect Strava" / "Connect Garmin").
PROOF's data handling complies with the Strava API Agreement, Strava's data handling requirements, and Garmin Connect Developer Program terms. Athlete data is stored in encrypted databases, access is role-limited within PROOF, and admin actions and state changes are logged to a tamper-evident audit trail.
Questions, credentials, or clarifications.
If you're reviewing PROOF for API access or a brand partnership and need more detail on anything on this page, or want credentialed access to touch the live OAuth flow, reach out directly. Response within 24 hours on weekdays.