1. Introduction
GymJam ("we", "our", or "us") operates the GymJam mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our app.
By using GymJam, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Account Information: When you create an account, we collect your name, email address, and authentication credentials through Apple Sign-In or Google Sign-In. We do not store your password.
Profile Information: You may optionally provide a username, profile photo, and fitness-related details such as your body weight, experience level, primary goals, training preferences, equipment access, and injury information.
Workout Data: We collect data you enter during workouts, including exercises performed, sets, reps, weights, workout duration, and session feedback (effort level, energy, pain).
Health Data: With your explicit permission, we access Apple HealthKit to read and write workout data (calories burned, workout duration, activity type). We never sell HealthKit data or use it for advertising.
Community Content: Posts, comments, likes, and follow relationships you create within the app.
Usage Data: We collect analytics events such as screens viewed, features used, and session duration to improve the app experience.
Device Information: Device type, operating system version, and push notification tokens for delivering notifications.
3. How We Use Your Information
- Provide and personalize the GymJam service, including AI-generated training plans and coach recommendations
- Track your workout progress and generate performance insights
- Enable social features (community feed, follows, comments)
- Send push notifications for relevant activity (new followers, likes, comments)
- Improve and optimize the app based on usage patterns
- Provide customer support
4. AI Features
GymJam uses OpenAI to power AI coach chat, training plan generation, and workout suggestions. Your fitness profile (goals, experience, equipment, injuries) and recent workout history may be sent to OpenAI to generate personalized responses. We do not send your name, email, or other personally identifying information to OpenAI.
5. Data Sharing
We do not sell, trade, or rent your personal information to third parties. We share data only with:
- Supabase: Authentication and database hosting
- OpenAI: AI-powered features (anonymized fitness data only)
- Firebase: Push notifications and analytics
- Apple: HealthKit data sync (stays on-device and in iCloud per Apple's policies)
6. Data Storage and Security
Your data is stored securely on Supabase-hosted PostgreSQL databases with encryption at rest and in transit (TLS). Authentication uses industry-standard JWT tokens validated via JWKS. We implement row-level security policies to ensure users can only access their own data.
7. Your Rights
You have the right to:
- Access your personal data through the app
- Update your profile and fitness information at any time
- Delete your account and all associated data by contacting us
- Revoke HealthKit permissions through your device Settings
- Opt out of push notifications through your device Settings
8. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymized, aggregated data may be retained for analytics purposes.
9. Children's Privacy
GymJam is not intended for children under 17. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the app after changes constitutes acceptance of the revised policy.
11. Contact Us
If you have questions about this Privacy Policy or your data, contact us at: