Privacy Policy
Last updated: 20 April 2026
This Privacy Policy explains how GYM: GETTING YOU MOVING collects, uses, and stores your personal data. We take your privacy seriously and are committed to keeping your data secure.
1. Who We Are
GYM: GETTING YOU MOVING is operated by the app owner. For data-related enquiries, please use the feedback section within the app.
2. Data We Collect & Why
The following data is collected when you use the app:
Sex, age & fitness level
Collected at onboarding to personalise AI training plans and workout recommendations.
Device ID
A unique identifier linked to your account, used to store and sync your data across sessions.
Workout logs
Exercise name, weight, sets, reps, rest periods, and date — stored to track your progress and generate AI training plans.
Cardio logs
Distance, duration, pace, and heart rate — stored to power the AI Pace Maker and generate personalised cardio plans.
Class logs
Class name, duration, and heart rate timeline — stored to enable performance review and heart rate comparison between sessions.
Walk logs & step count
Daily step data, walk distance, and duration — stored to power the step counter, consistency score, and predictive catch-up feature.
GPS route data
Stored only when you choose to save a route for the AI Pace Maker ghost racer feature. Location is not tracked continuously or in the background.
Smart Notes
Injury flags and fatigue notes you enter — stored so the AI can safely adjust future workout recommendations based on your physical condition.
Push notification token
Used only to send workout reminders and milestone celebration notifications. Never used for marketing.
PT enquiry messages
Messages sent through the Personal Training chat — stored so the app owner can vet and respond to your enquiry.
Anonymised lift data
Exercise name, weight lifted, sex, and age bracket — used in aggregate only to build average strength benchmarks across the user base. This data is never linked back to an individual user, never sold, and never shared with third parties.
3. Where Your Data Is Stored
- All data is stored securely in Supabase, a cloud database hosted in the EU, and locally on your device via encrypted AsyncStorage.
- Your data is never sold to third parties under any circumstances.
- No advertising data is collected, tracked, or shared.
- We do not use cookies or third-party tracking SDKs.
4. Data Sharing
We do not share your personal data with any third parties except as strictly necessary to operate the app (e.g. the Supabase database provider, who processes data under a Data Processing Agreement). No data is shared for marketing, advertising, or analytics purposes.
5. Data Retention & Account Deletion
Your data is retained only for as long as it is necessary to provide the app's features. You can delete your account and all associated data at any time from within the app: Profile → Delete Account. On confirmation, your account, workout history, shared logs, game records, and social connections are permanently removed.
6. Your Rights (UK GDPR)
If you are located in the UK or European Union, you have the following rights regarding your personal data:
- Right of access — you can request a copy of the data we hold about you.
- Right to rectification — you can ask us to correct inaccurate data.
- Right to erasure — you can request that we delete all your data (or use the in-app Delete Account option).
- Right to restriction — you can ask us to limit how we use your data.
- Right to portability — you can request your data in a portable format.
To exercise any of these rights, contact us via the Feedback section within the app. We will respond within 30 days.
7. Children's Privacy
This app is not intended for use by anyone under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
8. Security
We take reasonable technical and organisational measures to protect your data against unauthorised access, loss, or misuse. All data in transit is encrypted using HTTPS/TLS.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via the app. Continued use of the app after a change constitutes acceptance of the updated policy.
10. Compliance
This app complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
11. Contact
For any privacy-related questions or to exercise your rights, please contact us through the feedback section within the app.