Privacy Policy
This policy explains what Workout Buddy (“the app”, “we”) collects, why, where it lives, and how to delete it. If anything here is unclear, email support@work-out-buddy.com.
Who we are
Workout Buddy is a personal workout tracker. It is published by an individual developer based in the United States. We do not sell user data, share it with advertisers, or use it for cross-app tracking.
What we collect
We only collect what the app needs to work. Everything below is tied to your account and stored in our database (Supabase, hosted in the United States) unless noted.
Account & profile
- Email address (used to sign in and to recover your account)
- Display name (set by you, or pulled from your Apple/Google account on first sign-in)
- Authentication identifiers from Apple or Google when you use Sign in with Apple / Google
- Per-account preferences: weight unit, theme, accent color, rest timer settings
Profile photo (optional)
- If you choose a profile picture, the image you pick is uploaded to our storage (Supabase Storage, United States) and linked to your account so it shows on your other devices.
- This is the only reason the app asks for photo-library access, and only when you tap to change your picture. You can remove the photo any time from the Profile screen, which deletes it from storage.
Workout & fitness data you create in the app
- Bodyweight entries (weight + date) you log
- Workouts: programs, days, exercises, sets, reps, weights, completion status, and post-session feedback (recovery / pump / volume ratings)
- Custom exercises you create (name, muscle group)
- Session timestamps and duration
Buddy, the AI coach (Anthropic)
- When you chat with Buddy, your messages and a snapshot of your training context — your programs, recent sessions, post-workout feedback, personal records, bodyweight, and display name — are sent to Anthropic (the maker of Claude) so Buddy can answer as your coach. We send only what's needed to respond.
- Anthropic processes these messages on our behalf to generate the reply and, under their commercial API terms, does not use them to train their models. We never use your chats for advertising.
- We store a per-month message count and a small cost figure for your account in our database to enforce fair-use limits. We do not sell or share your chats with anyone else.
Subscriptions (only if you subscribe)
- Workout Buddy may offer an optional auto-renewing subscription. All payments are handled by Apple — we never see or store your card or billing details.
- We use RevenueCat to tell us whether your subscription is active so we can unlock premium features. RevenueCat receives an anonymous identifier tied to your account and your purchase / renewal status, not your payment information.
Apple Health (iOS only, opt-in)
- If you turn on “Sync with Apple Health” on the Profile screen, the app reads your bodyweight samples (HKQuantityTypeIdentifierBodyMass) from the Health app and merges them into your bodyweight log. The most recent sample for each day is kept.
- HealthKit-sourced entries are uploaded to your account in Supabase the same way manually-typed entries are, so your weight log stays in sync across your iOS devices.
- We only read bodyweight. We do not read any other Health data type, and we never write to Apple Health.
- You can revoke access at any time in iOS Settings → Privacy & Security → Health → Workout Buddy. Already-imported entries stay in your log unless you delete your account.
Diagnostics (Sentry)
- Crash reports and unhandled errors, including stack trace, device model, OS version, and app version
- A small sample of performance traces (20% in production)
- Your account ID and email are attached to crash reports so we can debug your specific issue
- Screenshots are not captured
Product analytics (PostHog)
- App lifecycle events (open, background, etc.) and a small set of in-app events used to improve the product
- Your account ID and email are attached so we can answer questions like “did this user hit the bug we fixed?”
- Hosted on PostHog Cloud (United States)
Stored only on your device
- Cached workouts, programs, and preferences (so the app works offline)
- Authentication tokens needed to keep you signed in
What we do not collect
- Location (precise or coarse)
- Your camera, microphone, or contacts (we only read a photo you explicitly pick for your profile picture — see above)
- Google Fit data
- Any Apple Health data type other than bodyweight, and only when you opt in (see above)
- Browsing or search history outside the app
- Advertising identifiers (IDFA / GAID)
- Your payment card or billing details — Apple processes all purchases and we never receive them
How we use it
- Run the app: sign you in, sync your workouts across devices, render your history.
- Fix bugs: crash and error reports help us reproduce issues you hit.
- Improve the product: anonymous-ish usage patterns help us see which features are used.
We do not use your data for advertising, do not share it with data brokers, and do not link it with data from other companies’ apps or websites for tracking purposes.
Who we share it with
Data is processed by these service providers on our behalf:
| Provider | Purpose | Where |
|---|---|---|
| Supabase | Authentication, database, file storage | United States |
| Anthropic | Buddy AI coach (processes your chats) | United States |
| RevenueCat | Subscription status (if you subscribe) | United States |
| Sentry | Crash reporting | United States |
| PostHog | Product analytics | United States |
| Apple | Sign in with Apple; subscription billing | Per Apple’s policy |
| Google | Sign in with Google (if used) | Per Google’s policy |
That’s the full list. We do not share data with anyone else.
How long we keep it
- Account & workout data: kept until you delete your account.
- Buddy chats: kept on your device, not stored on our servers; the per-month usage count resets each month.
- Crash reports: retained by Sentry per their default retention (typically 90 days).
- Analytics events: retained by PostHog per their default retention.
How to delete your data
Open the app → Profile → Delete Account, type DELETE to confirm. This:
- Deletes your Supabase user, which cascades and removes your profile, programs, sessions, sets, custom exercises, and bodyweight log in a single transaction.
- Signs you out on the device.
If you can’t access the app for any reason, email support@work-out-buddy.com from the address on your account and we will delete it manually.
To purge analytics or crash records tied to your old account, mention that in the email and we’ll forward a deletion request to Sentry / PostHog.
Children
Workout Buddy is not directed at children under 13 and we do not knowingly collect data from them. If you believe a child has created an account, email us and we’ll remove it.
Your rights
Depending on where you live (e.g., GDPR in the EU, CCPA in California), you may have the right to access, correct, export, or delete the data we hold about you. The in-app delete flow handles deletion. For access or export, email support@work-out-buddy.com and we’ll respond within 30 days.
Security
- All traffic between the app and our backend uses HTTPS / TLS.
- Supabase enforces row-level security so one account can never read or modify another account’s data.
- Authentication tokens are kept in the app’s own sandboxed on-device storage, protected by your device’s OS-level encryption. Other apps cannot read them.
No system is perfectly secure. If you discover a vulnerability, please report it to support@work-out-buddy.com before disclosing it publicly.
Changes to this policy
If this policy changes, we will update the “Last updated” date at the top and, for material changes, prompt you in the app on next launch.
Contact: questions, deletion requests, or privacy concerns — support@work-out-buddy.com.