Privacy Policy
Last Updated: January 2026
Welcome to Calisthenics Lab. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our mobile application and services.
1. Information We Collect
1.1 Personal Information
When you create an account, we collect:
- Email address
- Name (optional)
- Profile information
- Authentication credentials (securely hashed)
1.2 Health and Fitness Data
Important: We collect the following health-related data to personalize your training experience:
- Age
- Weight and height
- Gender
- Fitness goals and experience level
- Physical restrictions or limitations
This data is considered sensitive under GDPR. We only collect it with your explicit consent and use it solely to provide personalized workout recommendations.
1.3 Usage Data
We automatically collect information about your use of our services:
- Workout logs and exercise history
- Training plan progress
- App usage statistics
- Device information and operating system (iOS/Android)
- IP address and approximate location
1.4 Payment Information
We do not directly collect or store payment information. All payments are processed securely through:
- Apple App Store (iOS)
- Google Play Store (Android)
- RevenueCat (subscription management)
1.5 User-Generated Content
Content you voluntarily provide:
- Progress photos
- Workout notes and comments
- Custom training plans
2. How We Use Your Information
We use your information to:
- Provide and maintain our services
- Personalize your training experience
- Generate AI-powered workout recommendations
- Track your progress and achievements
- Send important updates and notifications
- Improve our application and features
- Ensure security and prevent fraud
- Comply with legal obligations
3. Data Sharing and Disclosure
We do not sell your personal information. We may share your data with:
- Service Providers: Third-party services that help us operate our platform (e.g., Supabase for authentication, Cloudinary for media storage, OpenAI for AI recommendations)
- Legal Requirements: When required by law or to protect our rights
- Business Transfers: In connection with a merger, sale, or acquisition
4. Third-Party Services
Our application integrates with the following third-party services:
- Neon (PostgreSQL): Database hosting with encryption at rest
- Cloudinary: Media storage and delivery for exercise videos and progress photos
- OpenAI: AI-powered workout recommendations (anonymized data only)
- RevenueCat: Subscription and payment management
- Vercel: Application hosting
These services have their own privacy policies governing the use of your information. We encourage you to review them.
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption of data in transit and at rest
- Secure authentication using JWT tokens
- Regular security audits and updates
- Access controls and monitoring
However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
We retain your personal information for as long as your account is active or as needed to provide our services. When you delete your account:
- Your personal data is permanently deleted within 30 days
- Anonymized usage statistics may be retained for analytics
- Data required for legal compliance may be retained as required by law
7. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Export your data in a machine-readable format
- Opt-out: Unsubscribe from marketing communications
- Withdraw consent: Revoke previously given consent
How to Exercise Your Rights
To exercise any of these rights:
- Delete account: Go to Settings → Account → Delete Account in the app
- Export data: Contact us at info@calisthenicslab.net
- Other requests: Email us at info@calisthenicslab.net
We will respond to your request within 30 days.
8. Children's Privacy
Our services are not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy.
10. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and improve our services. You can control cookie preferences through your browser settings.
11. Changes to This Privacy Policy
We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date.
12. Contact Us
If you have questions or concerns about this privacy policy or our data practices, please contact us at:
- Email: info@calisthenicslab.net
- Website: www.calisthenicslab.net
13. GDPR Compliance (EU Users)
If you are in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to be informed about data collection and use
- Right of access to your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
14. California Privacy Rights (CCPA)
California residents have specific privacy rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to deletion of personal information
- Right to non-discrimination for exercising CCPA rights
Note: We do not sell personal information.