Privacy Policy

Last updated: September 13, 2025

This Privacy Policy explains how [Company/Developer Name] (“we”, “us”, “our”) collects, uses, and shares information when you use Barbellry (the “App”).

We built Barbellry to track workouts and progress. We do not run third-party ads, do not use advertising/marketing trackers, and do not sell or “share” your personal information for cross-context behavioral advertising.

If you have questions, contact us at [support email] and [postal address].

1) Information We Collect

a) Account & Contact Information

• Email address and username (for account creation, login, and communication).
• Credentials: we store your password hashed (never in plain text).

b) Fitness & App Content You Provide

• Workout programs, exercise logs (e.g., sets, reps, weight, duration), goals, and completion history.

c) Device & Diagnostics (Crash/Performance)

We use Sentry to help us find and fix crashes. Sentry may receive: crash logs/stack traces, device/OS/app version, and event breadcrumbs. We do not send Sentry your email or user ID unless noted here (we don’t). You can configure Sentry to scrub PII; we have scrubbing enabled. Sentry Docs

We do not collect: payment info (purchases happen outside the app), contacts, precise location, photos/videos/audio, or advertising identifiers for tracking.

2) How We Use Information

• Provide & improve the App (create accounts, save workouts, show stats, restore data across devices).
• Support & communications (respond to support requests, important service updates).
• Diagnostics & quality (crash/performance monitoring via Sentry). Sentry Docs
• Security & fraud prevention (detect abuse, protect accounts).

3) Legal Bases (EEA/UK only)

Where GDPR applies, we process:

• Contract (Art. 6(1)(b)): to provide the App and its core features.
• Legitimate interests (Art. 6(1)(f)): diagnostics, security, and product improvement (balanced against your rights).
• Consent (Art. 6(1)(a)): where required. You can withdraw consent at any time. See Your Rights below. GDPR

4) Sharing & Disclosure

Service Providers (Processors): We use carefully selected vendors to operate the App. Today, that’s Sentry for crash/performance monitoring. Sentry documentation describes what may be collected and how data scrubbing works. We send the minimum necessary and do not attach user emails/IDs to Sentry events. Sentry Docs

Legal, safety, and compliance: We may disclose information to comply with law, enforce terms, or protect rights, safety, and security.

No sale or “sharing” for cross-context behavioral advertising (CPRA). California Privacy Protection Agency

5) Data Retention

Account & fitness data: kept while your account is active. If you delete your account, we delete or irreversibly anonymize your personal data subject to legal/operational requirements (e.g., fraud prevention, dispute resolution).

Diagnostics (SaaS Sentry): retained by Sentry for a limited, plan-dependent window (historically up to ~90 days; some data types moving to ~30 days on select plans in late 2025). Retention is configurable per plan/workspace. Sentry Help Center

6) Security

We use technical and organizational measures appropriate to the risk (encryption in transit, hashed passwords, access controls). No method of transmission or storage is 100% secure.

7) Your Privacy Rights

EEA/UK (GDPR): right of access, rectification, erasure, restriction, portability, and objection; and the right to lodge a complaint with your supervisory authority. GDPR

California (CCPA/CPRA): right to know, delete, correct, and limit certain uses of sensitive data, plus the right to opt-out of sale/share (not applicable here because we don’t sell/share). You won’t be discriminated against for exercising these rights. California Attorney General

Emerging U.S. consumer health data laws: some states (e.g., Washington’s My Health My Data Act and Nevada’s SB 370) impose additional transparency and consent requirements for consumer health data (which can include fitness data). We align our practices with those obligations where applicable. Washington State Legislature

How to exercise your rights: email [support email]. We may need to verify your identity and jurisdiction.

8) International Transfers

If we transfer data internationally (e.g., to service providers), we rely on appropriate safeguards (such as standard contractual clauses) and implement additional measures where needed.

9) Children’s Privacy

The App is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will delete it. See the U.S. COPPA rule for more about children’s privacy. Federal Trade Commission

10) Changes to This Policy

We may update this Policy. We’ll post the new version with a new “Last updated” date and, where required, notify you.

11) Contact Us

Barbellry Developer Team
Contact Support
DPO/Privacy Contact (if applicable): Barbellry Privacy Team