Privacy Policy

Effective date: March 30, 2026

Your Privacy Preferences

Manage how PurGrit uses your data. Changes take effect immediately.

Essential CookiesAlways On

Required for login, session management, and app functionality. Cannot be disabled.

Analytics

Helps us understand how features are used so we can improve the app. Data is pseudonymised.

Marketing Communications

Receive tips, new feature announcements, and promotional offers via email.

PurGrit (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes what personal data we collect, how we use it, who we share it with, and the rights you have regarding your information.

1. Data We Collect

Account Information

When you create an account we collect your email address, display name, and (if using social login) your Google or Apple account identifier. We do not store your Google or Apple password.

Workout and Performance Data

We collect the workout sessions you log, including exercise selections, sets, reps, weights, rest periods, and workout duration. This data is used to power progress tracking, personal records, and AI coaching recommendations.

Body Metrics

If you choose to enter them, we collect bodyweight, height, and other body composition metrics you voluntarily provide. This information is stored in your profile and never shared with advertisers.

Health Connect / Apple Health Data

On Android, with your explicit permission, PurGrit may read from and write to Android Health Connect (heart rate, steps, active calories). On iOS, similar permissions apply via HealthKit. You may revoke these permissions at any time through your device settings. Health data is processed on-device and is never uploaded to our servers without your explicit action.

Device and Usage Information

We automatically collect device type, operating system version, app version, IP address (truncated), session duration, and feature interaction events for the purpose of diagnosing issues and improving the Service.

User-Generated Content

Form-check videos, progress photos, challenge posts, and other content you voluntarily submit are stored in association with your account and, where you choose to share publicly, displayed to other users.

2. How We Use Your Data

Provide, maintain, and improve the Service;
Personalize your workout recommendations and AI coaching feedback;
Track your progress, calculate personal records, and display insights;
Process subscription payments and manage your account;
Send transactional emails (account verification, password reset, receipts);
Send promotional communications where you have opted in;
Detect, investigate, and prevent fraud, abuse, and security incidents;
Comply with applicable legal obligations.

We do not sell your personal data to third parties. We do not use your health or body metrics data for advertising purposes.

3. Data Storage and Security

Your data is stored in Supabase (a managed PostgreSQL service) on servers located in the United States. Supabase implements encryption at rest (AES-256) and in transit (TLS 1.2+). Workout data you have not synced remains on your device only.

We implement appropriate technical and organisational security measures, including access controls, audit logging, and periodic security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

We retain your personal data for as long as your account is active or as needed to provide the Service. You may request deletion at any time (see Section 6).

4. Third-Party Services

Service	Purpose	Data Shared
Supabase	Database & Auth	Account, workout data
Google OAuth	Social login	Email, display name
Apple Sign In	Social login	Email (relayed or real)
Android Health Connect	Health data sync	Read/write on device only
Stripe	Payment processing	Billing details (PCI-compliant)
Analytics Provider (TBD)	Product analytics	Pseudonymous usage events
Error Monitoring (TBD)	Crash reporting	Anonymised stack traces

All third-party processors are contractually bound to process your data only on our behalf and in accordance with applicable privacy law.

5. Cookies and Tracking

We use essential cookies and localStorage tokens to maintain your session and preferences (theme, consent state). We do not use third-party advertising cookies. Where analytics cookies are used, they are only set after you grant consent (see the preference panel above).

6. Your Rights

Depending on your jurisdiction you may have the following rights:

Access: Request a copy of all personal data we hold about you.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your account and all associated personal data.
Portability: Export your workout history and profile data in a machine-readable format (JSON/CSV) from Account → Settings → Export Data.
Restriction: Ask us to stop processing your data in certain circumstances.
Objection: Object to processing based on legitimate interests.
Withdraw consent: Revoke consent for analytics or marketing at any time using the toggles above.

To exercise any of these rights, email contact@purgrit.app. We will respond within 30 days. For account deletion, you may also go to Account → Settings → Delete Account.

7. GDPR (European Users)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data under the following legal bases:

Contract performance — to provide the Service you signed up for;
Legitimate interests — security monitoring, fraud prevention, and product improvement (always balanced against your rights);
Consent — analytics tracking and marketing communications (revocable at any time);
Legal obligation — where required by law.

You have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK, or your national DPA in the EEA).

8. CCPA (California Users)

California residents have the right to know what personal information we collect and how it is used, to request deletion, to opt out of the sale of personal information (we do not sell personal information), and to non-discrimination for exercising their rights.

To submit a verifiable consumer request, contact us at contact@purgrit.app.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app banner. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

11. Contact

Questions, requests, or concerns about this Privacy Policy:

PurGrit Privacy
contact@purgrit.app

← Back to PurGrit