Privacy Policy

What Data We Collect

  • Email address and display name (for account identification)
  • Hashed password (we never store or see your password in plain text)
  • Body weight (used for workout score calculations — see below)
  • Workout entries: exercise names, sets, reps, weights, and dates
  • Sport activity entries: sport name, duration, intensity, and dates
  • Feedback submissions you voluntarily provide

Body Weight Data

Your body weight is collected during signup and can be updated from the account section on the Info page. It is used solely for exercise score calculations (normalizing workout intensity for bodyweight exercises like pull-ups and push-ups). Body weight data is never shared with third parties or used for any purpose other than computing your personal workout scores.

How We Use It

  • Account management and authentication
  • Delivering core features: workout tracking, charts, progress analytics
  • Improving the application based on feedback

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. We do not use your data to build user profiles for advertising.

Data Retention

Your data is retained for the duration of your active account. If you delete your account from the Info page, the app deletes your account, workout data, auth data, coefficient overrides, and in-app feedback rows from the application database immediately.

Operational feedback copies mirrored to Google Sheets may require manual cleanup separately if you previously submitted feedback with contact details. Database backups are retained according to the hosting provider's retention policy and will be rotated out automatically.

Third-Party Services (Sub-processors)

We use the following third-party services to operate this application. Your data may be processed by these services as part of their normal operation:

  • Neon — database hosting (stores all app data; US/EU regions)
  • Netlify — application hosting and CDN
  • Resend — transactional email (password resets only)
  • Google OAuth — optional authentication provider (only used if you sign in with Google)
  • Google Sheets — operational mirror for feedback review (feedback text only)

Cookies and Session Data

The app uses a single strictly-necessary session cookie (wt_session) for authentication. This cookie:

  • Contains a signed JWT token identifying your session
  • Is httpOnly and Secure — it cannot be accessed by JavaScript or sent over unencrypted connections
  • Expires after 7 days unless you sign out sooner or reset your password
  • Is not used for advertising, analytics, or cross-site tracking

We do not use any analytics cookies, tracking pixels, or third-party scripts that collect user behavior data.

Your Rights

You have the following rights regarding your personal data:

  • Access — view your data within the app at any time
  • Correction — edit your profile on the Info page and workout entries in History
  • Deletion — delete your account and all associated data from the Info page
  • Data portability — export all your app data as JSON from the Info page or via /api/user/export
  • Withdrawal of consent — you can stop using the service and delete your account at any time

To exercise any of these rights, use the relevant feature in the app or contact us via the feedback form. We aim to respond to data requests within 30 days.

Security

We take reasonable measures to protect your data, including encrypted database connections, hashed passwords, httpOnly session cookies, HTTPS enforcement, and same-origin request validation. However, no system is 100% secure. Please use a strong, unique password for your account.

Not Medical Advice

This application is a fitness tracking tool, not a medical device. Workout scores, coefficients, and analytics are approximations intended for personal progress tracking only. They should not be interpreted as medical advice, clinical measurements, or professional training recommendations. Consult a qualified professional before making changes to your exercise routine.

Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated in the app. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

For questions about your data or this privacy policy, use the in-app feedback form or contact us directly.

This privacy policy has not been reviewed by a legal professional. It represents our best-effort disclosure of how the app handles data. If you require formal legal compliance verification, please consult a qualified attorney.