Privacy Policy

1. Introduction

Welcome to Trainix ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience while using our mobile application and services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Trainix, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide to Us

• Account Information: When you create an account, we collect your email address, display name, and password (stored securely using industry-standard hashing).
• Profile Information: Height, weight, gender, training goals, experience level, and other fitness-related information you choose to provide.
• Workout Data: Exercises performed, sets, reps, weights, rest periods, workout notes, and training history.
• Nutrition Data: Food logs, meal plans, macro targets, and nutritional information you enter or scan.
• Social Information: If you use social features, we collect information you share, such as workout posts, PRs, and friend connections.
• Communication Data: Messages you send through the app, feedback, support requests, and any other communications with us.

2.2 Automatically Collected Information

• Usage Data: How you interact with the Service, features used, time spent, pages viewed, and navigation patterns.
• Device Information: Device type, operating system, unique device identifiers, mobile network information, and device settings.
• Log Data: IP address, browser type, access times, app crashes, and performance data to help us improve the Service.
• Location Data: With your permission, we may collect location data for features like gym check-ins or location-based recommendations. You can disable location services at any time.

2.3 Third-Party Integrations

When you connect third-party services to Trainix, we may receive information from those services:

• Garmin Connect: If you connect your Garmin account, we receive workout data, heart rate, steps, sleep data, and other fitness metrics you authorize us to access.
• Strava: If you connect Strava, we receive activity data, routes, performance metrics, and other information you choose to share.
• Apple Health: If you grant permission, we may access health and fitness data from Apple HealthKit, including workouts, heart rate, and other metrics.
• Google Fit: Similar to Apple Health, we may access fitness data from Google Fit if you grant permission.
• Payment Processors: When you make purchases, payment information is processed by third-party payment processors (Stripe, Apple, Google). We do not store your full payment card details.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve the Service, including AI workout generation, progress tracking, and personalized recommendations.
• Account Management: To create and manage your account, authenticate users, and provide customer support.
• Personalization: To customize your experience, generate personalized workout plans, and provide relevant content and recommendations.
• Analytics and Improvement: To analyze usage patterns, identify trends, fix bugs, and improve app performance and user experience.
• Communication: To send you important updates, service notifications, respond to your inquiries, and provide customer support.
• Marketing: With your consent, to send you promotional communications about new features, updates, and special offers. You can opt out at any time.
• Safety and Security: To detect, prevent, and address fraud, security issues, and other harmful activities.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforce our Terms of Service.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who help us operate the Service:

• Cloud Hosting: Supabase (database and authentication services)
• AI Services: OpenAI (for AI workout generation and coaching features)
• Analytics: Service providers that help us understand app usage and performance
• Payment Processing: Stripe, Apple, and Google for payment processing

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Social Features

If you use social features, certain information may be visible to other users:

• Public profile information (display name, profile picture if you choose to add one)
• Workouts and PRs you choose to share
• Progress comparisons and leaderboard rankings (if you participate)

You can control what information is shared through your privacy settings.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect the personal safety of users or the public
• Protect against legal liability

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data in transit is encrypted using TLS/SSL. Sensitive data at rest is encrypted.
• Authentication: Secure authentication systems with password hashing and optional two-factor authentication.
• Access Controls: Limited access to personal information on a need-to-know basis.
• Regular Security Audits: We regularly review and update our security practices.
• Secure Infrastructure: Our services are hosted on secure, reputable cloud platforms with robust security measures.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

You can access, view, and download your data at any time through the app settings. You can also request a copy of your data in a machine-readable format.

6.2 Correction and Updates

You can update or correct your personal information at any time through your account settings.

6.3 Deletion

You can delete your account and all associated data at any time through the app settings. Deletion is permanent and cannot be undone. Some information may be retained as required by law or for legitimate business purposes.

6.4 Opt-Out

You can opt out of marketing communications at any time by:

• Using the unsubscribe link in marketing emails
• Adjusting your notification preferences in app settings
• Contacting us directly

6.5 Third-Party Integrations

You can disconnect third-party integrations (Garmin, Strava, etc.) at any time through your account settings. Disconnecting will stop data sharing but will not delete previously synced data.

6.6 Location Data

You can disable location services through your device settings. Some features may not work without location data.

7. Children's Privacy

Trainix is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

For users between 13 and 18, we recommend that parents or guardians review and approve their use of the Service.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using the Service, you consent to the transfer of your information to these countries.

We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, regardless of where it is processed.

9. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal, regulatory, or legitimate business purposes (such as preventing fraud, resolving disputes, or enforcing agreements).

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about the categories and specific pieces of personal information we collect, use, and disclose.
• Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out: You can opt out of the sale of personal information (we do not sell personal information).
• Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right of Access: You can request a copy of your personal data.
• Right to Rectification: You can request correction of inaccurate or incomplete data.
• Right to Erasure: You can request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: You can request that we limit how we use your data.
• Right to Data Portability: You can request your data in a structured, machine-readable format.
• Right to Object: You can object to processing of your personal data for certain purposes.
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw consent at any time.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy in the app
• Sending you an email notification (if you have provided an email address)
• Displaying a prominent notice in the app

The "Last updated" date at the top of this Privacy Policy indicates when it was last revised. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within a reasonable timeframe and in accordance with applicable law.

14. Third-Party Services

Our Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you use, including:

• Garmin Connect: Garmin Privacy Policy
• Strava: Strava Privacy Policy
• Apple: Apple Privacy Policy
• Google: Google Privacy Policy
• Stripe: Stripe Privacy Policy

15. Consent

By using Trainix, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not use our Service.