Privacy Policy

Gym Mate — Last updated: March 1, 2026

Introduction

Gym Mate (“we”, “our”, “the app”) is a workout tracking application developed by Warren Pistorius. This privacy policy explains what data we collect, how we use it, and your rights regarding your information.

Data We Collect

Account Information

• Email address, display name, and profile photo (provided during registration or Google Sign-In)
• Authentication credentials are managed by Firebase Authentication (Google)

Workout Data

• Training programs (exercises, sets, reps, rest times, schedules)
• Workout sessions (weights lifted, reps completed, effort ratings, duration, notes)
• Personal records and progression history
• Custom exercises you create

Nutrition Data

• Meal logs (foods, portions, calories, macronutrients)
• Saved meals and recent foods
• Daily nutrition goals

Body Metrics

• Body weight logs

Health Data (Read-Only)

• Step count and sleep data read from Apple HealthKit (iOS) or Health Connect (Android)
• This data is read for display purposes only and is not stored on our servers

User Preferences

• Measurement units, rest timer defaults, weight increments, theme preference

Trainer-Client Data (Optional)

• If you connect with a trainer, your trainer can view your workout sessions and training programs
• Trainer notes and program assignments are stored to facilitate coaching
• Connections require mutual agreement and can be revoked at any time

How We Use Your Data

• To provide core app functionality (tracking workouts, nutrition, and progress)
• To sync your data across devices via cloud storage
• To enable trainer-client coaching features (only when you opt in)
• To improve app stability through crash reporting

We do not use your data for advertising, sell your data to third parties, or build behavioral profiles.

Third-Party Services

Firebase (Google)

• Authentication: Manages sign-in credentials
• Cloud Firestore: Stores your workout, nutrition, and profile data
• Cloud Storage: Stores profile photos
• Crashlytics: Collects anonymous crash reports and error logs for app stability

Firebase data is stored on Google Cloud infrastructure. See Google's Privacy Policy.

Open Food Facts

• Food name and barcode queries are sent to the Open Food Facts API to retrieve nutritional information
• No personal data is included in these requests
• See Open Food Facts Privacy Policy

Nutrition Label Scanning (Optional)

• If you use the label scanning feature, a photo of the nutrition label is sent to OpenRouter (AI processing service) for text extraction
• Photos are processed temporarily and not stored permanently
• No personal data is included with the photo
• This feature requires you to provide your own API key

Data Storage and Security

• All data is transmitted over HTTPS
• Access to your data is protected by Firebase Authentication and Firestore Security Rules
• Users can only access their own data; trainers can only view client data after an explicit connection is established
• Data is stored on Google Cloud servers

Data Retention

• Your data is retained for as long as your account is active
• Trainer invite codes expire automatically after 48 hours
• Crash reports are retained per Google Firebase's standard retention policy

Your Rights

You have the right to:

• Access your data through the app at any time
• Delete your account and associated data by contacting us
• Disconnect from any trainer relationship at any time, revoking their access to your data
• Revoke health data permissions (steps, sleep) through your device settings at any time

Children's Privacy

Gym Mate is not directed at children under 13. We do not knowingly collect data from children under 13.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be noted by updating the “Last updated” date above.

Contact

For questions about this privacy policy or to request data deletion, contact:

Email: warren.pistorius@gmail.com