Privacy Policy

Information We Collect

Account Information

When you create an account, we collect your email address and password (stored securely via Supabase Auth, never in plain text). If you sign in with Apple or Google, we receive only a unique identifier and, optionally, your name — no passwords.

Profile Information

Information you voluntarily provide: display name, profile photo, date of birth, biological sex, height, weight, fitness goals, activity level, dietary preferences, and training preferences. All of this is used to personalise your experience.

Fitness & Health Data

• Workout sessions, sets, reps, and weights you log in the App
• Body weight measurements you submit
• Daily step counts (read from your device's motion sensors)
• Nutrition logs including meals, calories, and macronutrients
• With your explicit permission: we read Active Energy Burned and Step Count from Apple Health, and write completed workouts and body weight back to Apple Health

AI Coach Messages

Free-text messages you send to the AI Coach are forwarded to Groq, Inc. for processing. We store a daily message count server-side to enforce usage limits; message content is not stored by us.

Usage & Analytics

Anonymised event data (e.g. "workout completed", "meal logged") to understand how the App is used and to improve it. No personally identifiable information is attached to analytics events.

How We Use Your Information

• To provide and operate the App and its features
• To personalise your training plans, macro targets, and coaching experience
• To sync data with Apple Health (iOS only, with your permission)
• To process subscription payments via RevenueCat and Apple / Google
• To enforce fair-use limits on AI features
• To investigate and fix bugs and crashes (via Sentry)
• To communicate with you about your account or important updates

Third-Party Services

We use the following services to operate the App. Each has its own privacy policy linked below.

Data Retention

• Your account data is retained while your account is active
• You can delete your account at any time from Profile → Delete Account, which permanently erases all your data from our servers within 30 days
• Backups may retain data for up to 30 days after deletion

Data Security

We use industry-standard measures to protect your data:

• TLS encryption for all data in transit
• Row-level security on all database tables — each user can only access their own data
• Passwords are hashed and never stored in plain text
• Profile photos are stored in private Supabase Storage buckets

Children's Privacy

The App is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

Your Rights

Depending on your location, you may have rights to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data — use the in-app Delete Account feature for instant deletion
• Export your data — contact us
• Opt out of analytics — contact us

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page and, where appropriate, via an in-app notice.

Contact Us

Questions about this policy or your data? Reach out: