Privacy Policy

Gym Tracker · Effective date: May 27, 2025

Gym Tracker ("we", "our", or "us") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data when you use our mobile application.

1. Information We Collect

Account & Profile

Email address (used to create and manage your account)
Display name and optional username
Profile photo (optional, uploaded by you)
Age, gender, height, and weight (optional, used only to personalise recommendations)

Fitness & Health Data

Workout logs: exercises performed, sets, reps, and weights lifted
Workout duration and timestamps
Personal records and progress history
Fitness goals and self-reported fitness level

Purchase Information

Subscription status and transaction history (processed by RevenueCat and Google Play)
We never store or see your payment card details

Device & Usage

Push notification token (if you grant permission, used only to send workout reminders)
Crash and diagnostic data (anonymous, via Expo)

2. How We Use Your Information

To create and maintain your account
To store your workout history and display your progress
To generate AI-powered workout recommendations (anonymised workout statistics are sent to Anthropic's Claude API — no personally identifiable information is included)
To process and verify your subscription through RevenueCat
To send workout reminders if you have enabled push notifications
To improve the app and fix bugs

3. Third-Party Services

We use the following third-party services to operate the app:

Supabase — authentication and cloud database. Privacy Policy
RevenueCat — subscription and in-app purchase management. Privacy Policy
Anthropic (Claude AI) — AI workout recommendations. Anonymised workout statistics (no name, email, or identifiable data) are sent only when the AI feature is active. Privacy Policy
Expo / EAS — app delivery and over-the-air updates. Privacy Policy

These services act as data processors and are contractually bound to handle your data only as instructed by us.

4. Data Storage & Security

Your data is stored on Supabase-managed servers (hosted on AWS). All data is transmitted over encrypted HTTPS connections. Row-level security policies ensure each user can only access their own data.

Workout data is also stored locally on your device using SQLite for offline access. This local data is not accessible to other apps.

5. Data Sharing

We do not sell, rent, or trade your personal information to third parties. Data is shared only with the service providers listed in Section 3, solely to operate the app's features.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data and workout history will be permanently deleted within 30 days.

7. Your Rights

You have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and all associated data
Export your workout data
Withdraw consent for push notifications at any time via device settings

To exercise any of these rights, contact us at privacy@gymtrackerai.app.

8. Children's Privacy

Gym Tracker is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by updating the effective date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this privacy policy or your data, contact us at:
privacy@aihamibrahim.com

Last updated: May 27, 2025