1. Introduction
Welcome to trAIner ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").
2. Information We Collect
2.1 Personal Information
We collect information that you provide directly to us:
- Account information: Name, email address, password (encrypted)
- Profile information: Age, weight, height, gender, fitness goals
- Health data: Daily calorie and macro intake, workout logs, body measurements
- Media: Photos (progress photos, physique scans), videos (form review)
- Payment information: Processed securely through Stripe (we do not store credit card details)
2.2 Automatically Collected Information
- Device information: Device type, operating system, unique device identifiers
- Usage data: Features used, time spent, navigation patterns
- Location data: Approximate location based on IP address (not precise GPS)
- Cookies and similar technologies: For authentication and preferences
2.3 AI-Generated Data
When you use our AI features (workout generation, form review, physique scans, meal planning), we send your data to third-party AI providers (OpenAI, Anthropic Claude, Google Gemini). These providers process data according to their privacy policies and do not use your data to train their models.
3. How We Use Your Information
We use your information to:
- Provide and maintain the Service
- Generate personalized workout plans, meal plans, and fitness recommendations
- Analyze your form in uploaded videos and provide feedback
- Track your progress and provide insights
- Process payments and manage subscriptions
- Send you service-related notifications (streak reminders, workout alerts)
- Improve our Service and develop new features
- Detect, prevent, and address technical issues or fraudulent activity
- Comply with legal obligations
4. Data Sharing and Disclosure
4.1 Service Providers
We share data with trusted third-party service providers:
- Clerk: Authentication and user management
- Supabase: Database hosting and storage
- Stripe: Payment processing
- OpenAI: Workout generation and nutrition tips
- Anthropic (Claude): Meal plan generation
- Google (Gemini): Video form analysis and physique scans
- Vercel: Web hosting and analytics
- Resend: Email notifications
4.2 Legal Requirements
We may disclose your information if required by law or in response to valid requests by public authorities.
4.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify you via email and/or prominent notice on our Service.
5. Data Security
We implement appropriate technical and organizational security measures to protect your data:
- Encryption in transit (HTTPS/TLS) and at rest
- Regular security audits and updates
- Access controls and authentication (Row-Level Security in database)
- Secure payment processing (PCI DSS compliant via Stripe)
However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Correction: Update inaccurate or incomplete data
- Deletion: Request deletion of your data (see Data Deletion)
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to processing of your data
- Restriction: Request restriction of processing
- Withdraw Consent: Withdraw consent at any time (does not affect prior processing)
To exercise these rights, email us at help@trainerapp.ai
7. Data Retention
We retain your data for as long as your account is active or as needed to provide services. When you delete your account, we will delete your data within 30 days, except:
- Data required for legal, tax, or accounting purposes (7 years)
- Anonymized data used for analytics (no personal identifiers)
- Backup data (deleted after 90 days)
8. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.
9. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) when transferring data internationally.
10. Health Data Disclaimer
This Service is not a medical device and does not provide medical advice. Our AI-generated recommendations are for informational and educational purposes only. Always consult with a qualified healthcare provider before starting any fitness or nutrition program. We are not liable for any injuries or health issues that may result from using our Service.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the new policy on this page with an updated "Last updated" date
- Sending an email notification to registered users
- Displaying an in-app notification
Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.
12. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us:
13. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA), you have additional rights under GDPR:
- Legal Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligations
- Data Protection Officer: Contact us at drew@trainerapp.ai
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
- Automated Decision-Making: Our AI features involve automated processing but do not make decisions with legal or significant effects without human oversight
14. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to opt-out of sale of personal information (we do not sell your data)
- Right to deletion of personal information
- Right to non-discrimination for exercising CCPA rights
To exercise these rights, email help@trainerapp.ai