Data We Collect
Account data: name, email address, and a securely hashed password (we never store your password in plain text).
Training data you enter: exercises, sets, repetitions, weights, workouts, session history, and optional body metrics (weight, height) and unit preferences.
Files and photos you choose to import: spreadsheets, documents, or images of workout plans, processed to extract training data.
Subscription status: your plan, trial and renewal dates. Payment details (card numbers, billing address) are handled entirely by Apple or Google — we never receive them.
How We Use Data
To provide the App: storing your training history, computing progress statistics, and syncing your data across sessions.
To process AI imports: files or photos you submit are sent to Anthropic (Claude API), our AI processing provider, solely to extract workout data. Per Anthropic's API terms, API inputs are not used to train their models.
To manage subscriptions: we use RevenueCat to coordinate purchases made through the Apple App Store or Google Play and to keep your subscription status up to date.
To communicate essential account messages, such as password reset emails.
Who We Share Data With
We share data only with the service providers needed to run the App: Anthropic (AI parsing of files you submit), RevenueCat (subscription management), Apple / Google (payment processing), and our hosting provider (encrypted storage of the database). We never sell personal data and never share it for advertising.
Crash & Error Reporting (Sentry)
The App uses Sentry, a third-party crash and error reporting service, to detect and fix problems. When you use the App, Sentry automatically collects: crash and error reports with stack traces; performance and diagnostics data (app startup time, navigation timing, network request metrics); device and operating-system information and the app version; and privacy-masked session replays (by default 10% of sessions, and 100% of sessions where an error occurs).
Session replays are privacy-masked at capture — all on-screen text and images are blocked, so passwords, payment details, and your training data are never recorded. When you are signed in, crash and diagnostics reports are associated with your account id and email so we can correlate an issue to an affected account; this association is cleared when you sign out. Sentry processes this data on our behalf solely to keep the App stable; it is not used for advertising.
Data Retention
Your data is kept while your account exists. Deleting your account (Profile → Settings → Delete account) permanently and immediately erases your account, training data, preferences, and subscription record from our database. Store billing records are retained by Apple/Google under their policies.
Security
Data is transmitted over encrypted connections (HTTPS/TLS). Passwords are hashed with bcrypt. Access to production systems is restricted. No system is perfectly secure — please use a strong, unique password.
Your Rights
You can view and edit your profile data in the App, your training data is visible in your history, and you can delete everything via in-app account deletion. Depending on your location (e.g. GDPR, CCPA) you may have additional rights — to access, correct, port, or erase your data, or to object to processing. Contact us to exercise them.
Children
The App is not directed at children under 16 and we do not knowingly collect their data. If you believe a child has created an account, contact us and we will delete it.
Changes to This Policy
We may update this policy from time to time. Material changes will be announced in the App or by email, with the effective date above updated.
Contact
Privacy questions or requests: support@lifterlog.app