Privacy Policy

Last Updated: February 18, 2026

1. Introduction

Gainsly (“we,” “our,” or “us”) is a fitness application designed to help you log workouts, track progress, and connect with friends. This Privacy Policy describes how we collect, use, store, and protect your information when you use the Gainsly mobile application and related services.

By using Gainsly, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the application.

2. Information We Collect

We collect and store the following categories of data to provide and improve our services.

2.1 Account and Profile Information

  • Identifiers: Unique user ID (assigned by our authentication provider), username, and email address.
  • Profile: Display name, optional profile photo URL, and date joined.
  • Optional Details: Birth date, gender, height (and unit), fitness level, and fitness goals. You may provide these manually or sync them from Apple Health (see Health Data below).
  • Region: State and/or country code (optional) for local leaderboards. We do not collect precise GPS location data.

2.2 Workout and Fitness Data

  • Workouts: Workout names, dates, duration, status, notes, location names (if entered), volume, sets, and calories.
  • Exercise Data: Exercises performed, reps, weight, time, distance, RPE (Rate of Perceived Exertion), rest times, and personal records.
  • Body Measurements: Body weight history entered manually or synced from Apple Health.
  • Progress: Workout plans, streaks, achievements, and muscle recovery status.

2.3 Preferences and Settings

  • App Preferences: Unit settings (metric/imperial), timer settings, dark mode, and notification preferences.
  • Privacy Settings: Controls for who can see your profile, activity feed, streaks, and leaderboard rankings.

2.4 Social and Gamification Data

  • Social: Friend lists and pending friend requests.
  • Gamification: Achievements, rank points, and current streaks.
  • Contact Discovery (Optional): If you choose to find friends via contacts, we process hashed identifiers (SHA256) of email addresses/phone numbers on your device. We do not store your raw contact list. This feature is optional.

2.5 Usage and Device Data ("Product Interaction")

  • Device Identifiers: We collect device tokens for push notifications (if enabled).
  • Usage Data: We collect anonymous data regarding app performance, crash reports, and interaction with app features to improve stability and user experience. This includes crash logs via Firebase Crashlytics and performance monitoring via Sentry.

2.6 AI Plan Generation (Optional)

If you use our AI Workout Plan Generator:

  • Inputs: We send your specific request (goal, experience level, available equipment, and preferences) to Google Gemini to generate a workout routine.
  • Privacy: We do not share your workout history, health data, or personally identifiable information (PII) with Google Gemini. The AI processes only the inputs strictly necessary to generate the plan.

2.7 Health Data (Apple HealthKit)

You may optionally choose to connect Gainsly with Apple Health.

  • Read Access: With your permission, we read body mass, height, date of birth, and biological sex to improve calorie calculations and pre-fill your profile.
  • Write Access: With your permission, we save completed workouts (calories burned, duration) and body weight data to Apple Health.

Strict Limitation on Health Data Usage:
In accordance with Apple’s review guidelines, we do not use information gained through the use of the HealthKit API for advertising, marketing, or similar services. We do not disclose HealthKit data to third parties for data mining or advertising purposes. Health data is shared with third parties only if necessary for medical research (with your explicit consent) or as part of the core app functionality (e.g., syncing your data to our secure cloud for backup), and never for commercial exploitation.

3. Where Your Data Is Stored

LocationWhat is Stored
Your DeviceLocal database containing your profile, workouts, settings, and cached data for offline use. HealthKit data resides on your device unless you explicitly sync it to our cloud.
Our Cloud (AWS)Secure PostgreSQL database hosting your account, profile, workouts, social connections, and backups.
Third PartiesFirebase (Google): Authentication & Crashlytics.
Google Gemini: AI plan generation inputs (transient).
Sentry: Error tracking (PII stripped by default).

4. How We Use Your Information

We use your data to:

  1. Provide the Service: Create accounts, sync data across devices, and log workouts.
  2. Personalize Experience: Tailor workout plans and calculate fitness metrics based on your profile.
  3. Social Features: Display leaderboards and activity feeds based on your privacy settings.
  4. Improve the App: Analyze crash reports and usage patterns to fix bugs and enhance performance.
  5. Communications: Send push notifications (e.g., "Friend Request Received") if enabled.

We do not sell your personal data to third parties.

5. Data Sharing and Third Parties

We share data only with the service providers necessary to run the app:

  • Amazon Web Services (AWS): Cloud hosting and database storage.
  • Google Firebase: User authentication and crash reporting.
  • Google Gemini: AI generation (only if you use the feature).
  • Sentry: Backend performance monitoring.

We may disclose data if required by law, such as to comply with a subpoena or similar legal process.

6. Security

We take reasonable measures to protect your data:

  • Encryption: Data is encrypted in transit (HTTPS) and at rest in our database.
  • Access Control: Strict row-level security policies ensure users can only access their own data or data shared explicitly by friends.
  • Authentication: We use secure tokens via Firebase Authentication to verify your identity.

7. Your Choices and Deletion

  • Privacy Controls: You can adjust visibility settings for your profile, workouts, and leaderboards directly in the app.
  • Apple Health: You can revoke HealthKit permissions at any time in your iPhone’s Settings app.
  • Push Notifications: You can disable notifications in the app or iOS settings.
  • Account Deletion: You may delete your account and all associated data at any time.
  • How to delete: Go to Settings > Account > Delete Account inside the app.
  • What happens: This action permanently removes your profile, workouts, images, and history from our servers. This process is irreversible.

8. Children’s Privacy

Gainsly is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it.

9. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this page periodically for any changes.

10. Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at:

Email: support@gainsly.app