Privacy Policy

Last Updated: February 24, 2026

1. Introduction

Welcome to Workout AI ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website or use our mobile application (the "App").

2. Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data: includes first name, last name, username or similar identifier.
  • Contact Data: includes email address.
  • Health Data: includes workout logs, body metrics, and training preferences you input into the App.
  • Usage Data: includes information about how you use our App and website.
  • Device Data: includes device type, operating system, unique device identifiers, and mobile network information.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and maintain our Service
  • To generate personalized AI workout recommendations
  • To manage your account and subscription
  • To communicate with you about updates, support, and promotional offers
  • To analyze usage patterns and improve our Service
  • To detect, prevent, and address technical issues

4. Third-Party Services

We use the following third-party services to operate and improve our App:

  • Supabase: For secure database hosting and authentication.
  • RevenueCat & Superwall: To manage subscriptions and paywalls.
  • AI Providers (Google Gemini, Anthropic Claude, OpenAI GPT): To provide AI-powered workout recommendations, coaching, and program generation. We may use one or more of these providers.
  • Google Analytics & Mixpanel: To analyze user behavior and improve our services.

4a. AI Data Processing

To provide personalized AI coaching and workout program generation, the following data may be sent to our AI providers (Google Gemini, Anthropic Claude, or OpenAI GPT) for processing:

  • Profile Information: Name, age, gender, and fitness experience level.
  • Fitness Data: Fitness goals, workout history, exercise performance, and custom goal descriptions.
  • Chat Messages: Messages and images you send through the AI coaching chat.
  • Photos: Body or progress photos you voluntarily upload for AI analysis.
  • Health Metrics: If you optionally connect Apple Health, recovery-related metrics (heart rate, sleep, active calories) may be included to optimize training recommendations.

Important: Your data is sent to AI providers solely for processing your requests and generating personalized responses. AI providers do not store your data after processing. After AI processing is complete, your data is encrypted and stored securely in our databases. Your personal data is never sold to third parties.

Apple Health (HealthKit) data is read-only and is used solely to calculate recovery scores for workout adjustments. Connecting Apple Health is entirely optional.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account Data: Retained while your account is active and for 30 days after deletion request.
  • Workout History: Retained while your account is active. Deleted upon account deletion.
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely for service improvement.
  • Transaction Records: Retained for 7 years as required by tax and financial regulations.

6. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (see Account Deletion section below).
  • Portability: Request a copy of your data in a machine-readable format.
  • Opt-out: Unsubscribe from marketing communications at any time.

To exercise any of these rights, please visit our support page.

7. Account Deletion

You may delete your account at any time. To delete your account:

  • Open the App and go to Settings → Account → Delete Account
  • Or visit our support page to contact us

Upon deletion request, we will:

  • Delete your account within 30 days
  • Remove all personal data including profile information, workout history, and preferences
  • Cancel any active subscriptions (you may need to also cancel through Apple if billed via App Store)
  • Retain only anonymized, aggregated data that cannot identify you

Note: Some data may be retained as required by law (e.g., transaction records for tax purposes).

8. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from a child under 13 without verification of parental consent, we will take steps to remove that information from our servers.

9. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of your personal information. Note: We do not sell your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, visit our support page.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We use Supabase for data storage, which may store data in the United States.

When we transfer your data internationally, we take appropriate safeguards to ensure your information remains protected in accordance with this privacy policy and applicable law.

11. Tracking and Advertising

We may use analytics tools to understand how users interact with our App. You can control tracking through:

  • iOS App Tracking Transparency: When prompted, you can choose whether to allow the App to track your activity across other companies' apps and websites.
  • Device Settings: You can limit ad tracking in your device settings.

We do not sell your personal information to advertisers or third parties.

12. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We use enterprise-grade encryption provided by Supabase. All data transmitted between your device and our servers is encrypted using TLS/SSL.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last Updated" date. For significant changes, we will provide a more prominent notice, such as an in-app notification or email.

We encourage you to review this privacy policy periodically for any changes.

14. Contact Us

If you have any questions about this privacy policy or our privacy practices, please visit our support page.