1. Introduction
Welcome to Gymler ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").
We respect your privacy and process personal data in accordance with the laws of Ukraine and the General Data Protection Regulation (GDPR).
Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Account Information
When you create an account or use our Service, you may provide us with:
- Name or nickname
- Email address (if you register or sign in)
- Profile settings (gender, age, weight, etc.)
2.2 Training and Activity Data
We collect fitness-related information including:
- Logged workouts, exercises, repetitions, weights, and progress history
- Personal training plans and notes
- Workout duration, calories, and other metrics
2.3 Technical Information
When you use our Service, we may automatically collect:
- Device type, OS version, and app version
- IP address and approximate location
- Crash logs and analytics via Firebase
2.4 Payment Information
All payments are handled by Apple In-App Purchases. We do not store or have access to your payment details.
3. How We Use Your Information
We use the information we collect to:
- Provide app functionality (log workouts, track progress)
- Sync your data across devices
- Improve performance and user experience
- Send notifications and updates (with your consent)
- Analyze anonymized data to enhance the app
- Enable social features (following, sharing achievements)
- Respond to your comments and questions
- Detect and prevent fraud or abuse
4. Data Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
- With your consent: When you explicitly agree to share information
- Social features: Your public profile and achievements may be visible to other users you follow or who follow you
- Service providers: Third-party companies that help us provide our Service (hosting, analytics)
- Legal requirements: When required by law or to protect our rights
5. Data Storage and Security
We implement appropriate technical and organizational measures to protect your personal information:
- Backend and databases hosted on Hetzner Cloud (Germany) — GDPR compliant
- Media (photos/videos) delivered through Cloudflare (EU)
- All communication uses HTTPS/TLS encryption
- Data protected with authentication, encryption, and limited access controls
- Regular security assessments
However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
6. Third-Party Services
We use the following third-party services to provide and improve our Service:
| Service | Purpose | Location | Compliance |
|---|---|---|---|
| Firebase (Google LLC) | Analytics, crash reporting | EU | GDPR compliant |
| Apple | Payments and subscriptions | EU | GDPR compliant |
| Hetzner Cloud | Backend hosting | Germany | GDPR compliant |
| Cloudflare | Media CDN | EU | GDPR compliant |
7. Cookies and Local Storage
Gymler is a mobile application and does not use browser cookies. However, we may use the following technologies:
- Local Storage: We store your authentication token and preferences securely on your device using encrypted storage
- Firebase SDK: May use device identifiers for analytics and crash reporting purposes
- Session Data: Temporary data to maintain your logged-in state
You can clear this data by logging out of the app or uninstalling it from your device.
8. Data Retention
We store data as long as your account is active or as required by law.
When you delete your account, all data is permanently removed within 30 days.
You can delete your account directly in the app via: Profile → Delete Account.
If you experience any issues, you may also contact us at support@gymler.app.
9. Your Rights (GDPR)
Under GDPR, you have the following rights regarding your personal information:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your personal data
- Portability: Receive your data in a portable format
- Withdrawal: Withdraw consent for data processing at any time
- Complaint: File a complaint with your local data protection authority
To exercise these rights, please contact us at support@gymler.app.
10. Children's Privacy
Gymler is intended for users aged 16 and older (or the minimum age required by local law). We do not knowingly collect personal information from children under this age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
11. International Data Transfers
Your information may be processed within the European Union or other jurisdictions where our service providers operate, in compliance with GDPR. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection requirements.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.
13. Contact Us
Data Controller:
PE Stepan Savka
Ukraine, Lviv
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: support@gymler.app
- Support: gymler.app/support