Privacy Policy
Last updated: February 6, 2026
SpaceGYM Workout Tracker (“SpaceGym”, “we”, “our”, or “us”) respects your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices available to you when you use our mobile application and related services.
If you do not agree with this Privacy Policy, please do not use SpaceGym.
1. Scope
This Privacy Policy applies to the SpaceGYM mobile app (iOS and Android), including in-app features such as workout logging, wearables integrations, reminders/notifications, backups, and optional cloud sync.
2. Information We Collect
A. Account and Identity Data
When you create or use an account, we may collect:
- Name
- Email address
- Authentication/session identifiers
B. Profile and Fitness Data
You may provide and we may store:
- Profile details (for example, birth date, sex, location/country, goals)
- Body measurements and training preferences (units, settings)
- Program and workout data (custom programs, exercises, sets, logs, notes, reminders, notifications)
- Session summaries (including workout completion metrics)
C. Health and Wearables Data (Permission-Based)
If you grant permission, we may read:
- Heart rate
- Steps
- Distance/activity metrics
Sources can include Apple Health, Health Connect, and Google Fit, depending on platform and your configuration.
D. Media Data (Optional, On-Device Only)
If you use Personal Studio features, photos and notes are stored locally on your device. SpaceGym does not upload or sync Personal Studio media to our servers.
E. Device, Diagnostics, and Telemetry Data
We may collect operational data such as:
- Device install identifier
- Platform and app version/build info
- App diagnostics, crash data, and event telemetry
- Sync state and error metadata (for reliability/debugging)
F. Backup Data
If you export/import backups, your app state may be written to/read from JSON files under your control.
3. How We Use Information
We use collected information to:
- Provide core app functionality (workouts, programs, reminders, progress tracking)
- Sync your data across devices/accounts (when account sync is enabled)
- Integrate wearables and health metrics you authorize
- Improve reliability, performance, and product quality
- Troubleshoot crashes/errors and monitor service health
- Communicate in-app product announcements and guidance
4. Permissions We Request
Depending on platform/features used, SpaceGym may request access to:
- Health data permissions (heart rate, steps, distance)
- Notifications (rest timer and workout reminders)
- Camera and/or photo library (Personal Studio capture/import)
- Activity/body sensor permissions on Android where required
You can revoke these permissions in your device settings at any time.
5. Legal Bases (Where Applicable)
Depending on your region, we process personal data under one or more legal bases:
- Performance of a contract (providing app functionality)
- Your consent (for example, health permissions, notifications, optional features)
- Legitimate interests (security, diagnostics, fraud prevention, product reliability)
- Compliance with legal obligations
6. Data Sharing and Service Providers
We do not sell your personal data.
We may share data with trusted processors that help us operate SpaceGym, including:
- Supabase (authentication, database/sync, backend infrastructure)
- Sentry (crash/error monitoring)
- Platform services (Apple/Google/Expo components needed for app delivery and runtime operations)
These providers process data under their own terms and privacy commitments.
7. Data Retention
We retain data for as long as needed to provide the service and for legitimate operational/legal purposes, including:
- While your account is active
- Until data is deleted by you or upon valid deletion request
- As required for security, audit, dispute resolution, and legal compliance
Backup files you export are controlled by you.
8. Security
We use reasonable technical and organizational safeguards. Examples include:
- Authentication/session handling through managed auth services
- Secure OS-provided storage for sensitive auth tokens
- Access controls in backend systems
No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
9. International Data Transfers
Your information may be processed in countries other than your own where our providers operate. We take reasonable steps to protect data in cross-border processing contexts.
10. Your Rights
Depending on your location, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Object to or restrict certain processing
- Data portability (where applicable)
To make a request, contact: support@picknick.dev
11. Children
SpaceGym is not directed to children under 13 (or equivalent minimum age in your jurisdiction). If you believe a child has provided personal data, contact us and we will take appropriate action.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version with a new “Last updated” date. Continued use of SpaceGym after updates means you accept the revised policy.
13. Contact
For privacy questions or requests, contact:
support@picknick.dev