1. Who We Are
workoutOS is provided by forresTech ("workoutOS", "we", "us", "our"). This policy applies to the workoutOS mobile app, website, APIs, and related services.
Contact: aiden@forres.tech
2. Data We Collect
| Category | Examples | Source |
|---|---|---|
| Account and identity data | Email address, authentication metadata, account timestamps | You |
| Profile and preference data | Name, age, weight, fitness goal, theme preference, rest timer settings, weight unit | You |
| Training and workout data | Workout templates, exercises, sets, reps, weight, RPE, timed sessions, workout logs, personal records | You |
| Training plan data | Calendar entries, training blocks, session schedules, plan structure and progression | You and AI-generated |
| AI interaction data | Coaching prompts, AI-generated plans and adjustments, action batches, coach memory (injuries, preferences, equipment, notes) | You and generated by workoutOS |
| Device data | Device identifiers, device type, last seen timestamps | Your device |
| Subscription and billing status | Premium status, expiration date, RevenueCat app user ID, entitlement state | Apple billing and RevenueCat |
| Support and operational data | Error logs, task diagnostics, feedback submissions | System generated and you |
3. How We Use Data
- Authenticate your account and deliver the core workoutOS experience.
- Provide training features including plan creation, workout tracking, calendar management, and progress views.
- Generate AI-powered coaching, plan adjustments, and personalised training suggestions.
- Sync and validate subscription status for premium access.
- Deliver notifications such as session reminders and plan updates.
- Support data export/deletion requests and meet legal obligations.
- Monitor reliability, prevent abuse, and improve app quality and safety.
4. Legal Bases for Processing (EEA/UK)
- Contract: to provide workoutOS features you request.
- Legitimate interests: security, fraud prevention, service reliability, product improvement.
- Consent: device-level permissions such as push notifications.
- Legal obligations: compliance with applicable laws and law-enforcement requests.
5. Sharing and Service Providers
We do not sell personal data and do not share personal data for cross-context behavioural advertising.
We share data only when needed to provide the service, including with:
- Apple for authentication and push notification delivery.
- RevenueCat for subscription entitlement and webhook/sync processing.
- AI providers used by workoutOS to process coaching prompts and generate training plans.
- Hosting and storage providers used to run workoutOS infrastructure and store files.
- Email service providers for transactional and operational emails.
We may also disclose data if required by law, legal process, or to protect safety, rights, or security.
6. Data Retention
We keep data only as long as needed for the purposes above, then delete or de-identify it.
| Data Type | Typical Retention |
|---|---|
| AI job records and action batches | 90 days |
| Feedback submissions | Until resolved, or 1 year |
| Data export files | 24 hours for file availability |
| Account, workouts, training data, and preferences | Until account deletion or earlier if no longer required |
7. International Transfers
Your data may be processed in countries other than where you live, depending on service-provider infrastructure. Where required, we use appropriate safeguards for international transfers.
8. Your Controls and Rights
In-app controls
- Update profile and preference fields in your account.
- Disable push notifications in app settings and your device settings.
- Delete your account in-app (this removes associated account data from workoutOS systems, subject to limited operational retention).
Data rights requests
- Access and portability: request or export your data.
- Deletion: delete your account in-app or contact us for help.
- Correction: update inaccurate profile data in-app or contact support.
- Objection/restriction: where applicable, request limits on certain processing.
- California and similar laws: you may request disclosure, deletion, and correction, and we do not sell personal data.
To exercise rights, contact aiden@forres.tech. We may need to verify your identity before completing requests.
9. Security
We use technical and organisational safeguards designed to protect personal data. No system is completely secure, and we cannot guarantee absolute security.
10. Children's Privacy
workoutOS is not intended for children under 13. If you believe a child under 13 has provided personal data, contact us and we will take appropriate steps.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will post updates here with a revised effective date. Your continued use of workoutOS after updates means you accept the revised policy.
12. Contact and Complaints
For privacy questions or complaints, email aiden@forres.tech. If you are in the UK/EEA, you may also contact your local data protection authority.