Privacy Policy
Last updated: May 17, 2026
Snap My Gym ("we", "us", "the app") provides AI-assisted strength training programs, workout logging, and reflective journaling. This Privacy Policy explains what data we collect, how we use it, and what choices you have. We believe in collecting the minimum needed to make the product useful, and we never sell your personal data.
What we collect
- Account info — email, display name, and (if you sign in with Google or Apple) a stable account identifier from those providers.
- Training data you create — workouts logged, programs built or generated, custom exercises, gyms, bodyweight entries, 1-rep maxes, and journal entries.
- Health signals you choose to connect — when you opt in to Apple HealthKit or a third-party wearable (e.g., Oura), we read only the categories you grant: workouts, weight, sleep, readiness, heart rate, and similar recovery metrics. You can disconnect at any time from your device settings or our Settings page.
- Usage and diagnostic data — anonymized request logs, error reports (via Sentry, with user identifiers limited to your account ID), and basic device info.
- Payment data — handled by Stripe and/or Apple. We never see your full card number. We store your subscription tier and status.
How we use it
- Provide the core product: store and display your workouts, generate AI programs, surface recovery and progress insights.
- Send transactional emails (password resets, receipts, account notifications). We do not send marketing email without your consent.
- Improve the product — debug issues, fix bugs, and measure aggregate feature usage. AI inputs may be sent to OpenAI or Anthropic to generate program recommendations and insight text; we do not include your name or email in those prompts.
- Comply with our legal obligations.
How we share it
We do not sell your personal data. We share it only with the service providers we need to run the product:
- Stripe / Apple — billing.
- OpenAI / Anthropic — AI inference for program generation and journal insight.
- Google Cloud Storage / Replit Object Storage — image and file storage.
- Sentry — error monitoring.
- Oura, Apple HealthKit, and other wearables you connect — only the data categories you explicitly authorize.
We may disclose information if required by law, valid legal process, or to protect the rights or safety of users.
Your rights and controls
- Access & export — you can view all your workout history and journal entries in-app. Email us to request a full data export.
- Deletion — you can delete your account from Settings; we permanently remove your data within 30 days, except where retention is legally required (e.g., billing records).
- Disconnect wearables — revoke Apple HealthKit / Oura / wearable access from your device's privacy settings or our Settings page; we stop pulling data immediately.
- EU/UK users (GDPR) — you have the right to access, rectify, erase, restrict processing, and port your data. Contact us to exercise these rights.
- California users (CCPA) — you have the right to know what we collect, request deletion, and opt out of any "sale" (we do not sell data).
Data retention
Account and training data are retained as long as your account is active. If you delete your account, we erase your data within 30 days, except records we are legally required to keep (such as billing records, typically 7 years).
Children
Snap My Gym is not directed at children under 13, and we do not knowingly collect personal data from them. If you believe a child under 13 has created an account, contact us and we will delete it.
Security
We use HTTPS for all traffic, encrypt data at rest where the provider supports it, and limit access to your data to the operators who need it. No system is 100% secure; we will notify affected users promptly in the event of a confirmed breach.
Changes to this policy
We may update this policy as the product evolves. Material changes will be announced in-app or by email before they take effect. The "Last updated" date at the top reflects the most recent revision.
Contact
Questions, requests, or privacy concerns: rodeliodoria@gmail.com