Privacy Policy

Fituner is built on the idea that your fitness data belongs to you. This policy explains what we collect, why we collect it, and how you can control it. We keep it plain English on purpose.

1. What we collect

When you create an account we collect your email address and a hashed password. During onboarding you provide fitness preferences (goals, equipment, injuries, schedule) so we can generate personalised workouts. Every set you log — exercise name, reps, weight — is stored and used to improve future workout suggestions.

We also collect standard usage data: page views, feature interactions, and performance metrics. This is aggregated and not tied to individual workout logs.

2. How we use it

Your profile and workout history are sent to the AI model that generates your daily session. No third party retains this data after the generation call completes. Your logs are used to build streak counts, volume history, and the muscle-group balance that shapes future workouts — nothing else.

We do not sell your data. We do not use it for advertising. We do not share it with any party that would use it to profile or target you.

3. Cookies and local storage

We use a session cookie to keep you signed in. Today's generated workout is cached in your browser's local storage so the app works offline and survives tab close — it expires automatically the next day. We use PostHog for product analytics; you can opt out at any time via your preferences.

4. Data retention

Your account and all associated workout logs are kept for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Aggregated, anonymised statistics may be retained for product improvement.

5. Your rights

You can export all your workout logs from the History page at any time. You can delete your account and all associated data from your preferences. If you are in the EU or UK, you have additional rights under GDPR including access, rectification, and portability. Contact us at privacy@fituner.com and we will respond within 30 days.

6. Security

Passwords are hashed before storage. All data is transmitted over HTTPS. Our database is hosted on infrastructure with encryption at rest. We conduct regular security reviews and follow responsible disclosure practices.

7. Changes to this policy

If we make material changes we will notify you by email or by a banner in the app at least 14 days before they take effect. The “last updated” date at the top of this page always reflects the current version.

8. Contact

Questions about this policy? Reach us at privacy@fituner.com. We are a small team and we read every message.