Privacy First
We built Gainz to track gains, not you. Your workout data is protected with industry-standard safeguards and never sold.
The Short Version
We collect only what's needed to run the app and protect it with appropriate safeguards. We never sell your data. You can request access to your account data or delete your account anytime. That's it.
1. What We Collect
Account Data
- Email: To create your account and send important updates
- Name: Optional, for personalization
Workout Data
- Exercises, sets, reps, weights: To track your progress
- Body measurements: Optional, if you choose to track
Device Data
- Device type, OS version: To fix bugs and improve the app
- Error diagnostics: Technical details needed to investigate and fix issues
Identifiers and Product Interaction
- Account and device identifiers: Your Gainz user ID and an app-generated device identifier support authentication, optional sync, conflict resolution, and account security.
- Product interaction: We record events such as onboarding steps, workout completion, subscription activity, screens or features used, timestamps, session identifiers, platform, and app version to operate Gainz and understand product reliability and use.
- Account linkage: Product-interaction records are associated with your Gainz user ID when you are signed in. Diagnostic reports may include technical context such as app version, platform, stack traces, and error details.
- Optional app analytics: If you allow Usage Analytics in the app, Google Analytics for Firebase receives an app-instance identifier, device and app details, approximate region derived from the network address (not precise location), stable screen names, sanitized product events, high-level App Store purchase/subscription metadata (such as product, price/currency, and status), and an opaque Gainz account ID when signed in. Names, emails, raw workout or HealthKit values, photos, messages, search text, purchase receipts, and error details are excluded.
- Optional app session replay: If you separately allow Session Replay, UXCam records interaction on selected static help and legal screens. Paywall content is fully hidden while taps and approved parameter-free conversion markers may be captured for aggregate heatmaps and funnels. Inputs are masked, while workout, health, profile, photo, social, payment-management, support, admin, and free-text screens are blocked.
Website and Support Data
- Website analytics and session insights: If you allow website analytics, we collect page views, campaign and referrer details, approximate region, device category, and general interactions such as clicks, section views, and scroll depth. If you separately allow replay and Microsoft Clarity is enabled, it can provide click and scroll heatmaps and masked session recordings. Form inputs, dropdown values, support search, and the contact form are masked; the training-readiness page is blocked from recording.
- Support email: The website can prepare an email draft containing the name, email address, topic, and message you enter. The draft stays in your email app until you choose to send it. Messages you send are processed by your email provider and ours so we can support you.
What We Don't Collect
- We do not use advertising SDKs, ad networks, or tracking identifiers (such as IDFA) for advertising purposes.
2. Your Rights
Access
Request a copy of your account data from support
Delete
Request full account deletion anytime
Access
See exactly what data we have about you
Website Opt Out
Use “Cookie settings” at the lower left of any page to change website analytics and session-recording consent
In the app, use Settings → Privacy Settings to control Usage Analytics and Session Replay separately. Withdrawing either choice does not affect workout logging.
These rights apply to all users. EU residents have additional rights under GDPR. California residents have additional rights under CCPA.
3. Apple Health Integration
Gainz integrates with Apple Health (HealthKit) to read and write fitness data including workouts, weight, body fat, heart rate, HRV, resting heart rate, sleep, steps, and active calories. This data is used solely to track your fitness progress and recovery within the app.
- Gainz does not sell, share, or use your Health data for advertising or marketing
- Health data is read on your device. Workout and body metrics you choose to save can become part of your local Gainz data and optional account sync
- Raw HealthKit data is not sent to app or website analytics, session replay, or advertising services
- You can disconnect Apple Health at any time in Settings
- Apple Health integration is optional and only available on iPhone
4. Security
We use industry-standard safeguards appropriate to the data and service, including secure transport for cloud communication and managed authentication. We never store passwords in plain text.
5. Third Parties
We use the following third-party services to operate Gainz:
- Supabase: Optional cloud sync, authentication, and Supabase-backed error reporting
- RevenueCat: Subscription and purchase-entitlement management
- Apple: App Store billing and optional Apple Health integration
- Google Analytics for Firebase: Optional, consent-gated app product analytics using sanitized events and pseudonymous identifiers
- UXCam: Optional, separately consent-gated app replay and heatmaps on selected static help/legal screens, with paywall content hidden
- Google Analytics and Google Tag Manager: Consent-gated website measurement and optional tag delivery, loaded only after a visitor accepts analytics cookies
- Microsoft Clarity: Optional click and scroll heatmaps and masked website session recordings, loaded only when configured and after a visitor separately allows replay
Workout logging is local-first with optional account sync. Support email, subscription records, and the operational data described above are processed by the relevant service. We do not sell or share your data with any third party for advertising or marketing purposes.
6. Data Retention
- Workout and profile data is retained as long as your account is active
- Deleted workouts are soft-deleted and permanently purged after 30 days
- Account deletion removes your account and associated cloud product data, subject to limited retention required for security, fraud prevention, dispute resolution, or law
- Support messages are kept only as long as reasonably needed to answer the request, preserve support context, prevent abuse, and meet legal obligations
- Product-interaction and diagnostic records are retained only as long as reasonably needed for product operations, security, reliability, and legal obligations
7. Children's Privacy
Gainz is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
Questions about your data?
We read every message and respond as soon as we can.
You can also email us directly at support@gainz-pro.com.