Privacy Policy

Effective date: 10 March 2026

WodStrat ("we", "our", "us") is a functional fitness workout strategy platform. This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

When you use WodStrat, we collect:

• Google account information — email address, display name, and profile photo (provided by Google when you sign in)
• Athlete profile — name, date of birth, gender, height, weight, experience level, and training goals (entered by you)
• Workout data — workout descriptions you enter for AI analysis
• Workout results — scores, post-workout feedback answers, and AI-generated performance reports
• Workout images — photos you upload for AI-powered text extraction (OCR). Images are processed in-memory and are not permanently stored on our servers
• Benchmark results — personal fitness performance records you log, including historical entries
• Skill progression data — unlocked skills, progression levels, and step completions across skill categories (Pulling, Pushing, Gymnastics, Olympic Lifting, Cardio)
• AI skill plan data — self-reported assessments (reps, weights, notes), time commitments, and AI-generated training plans
• Gamification data — earned badges, workout streaks, and experience points
• My Hub coaching data — AI-generated fitness analysis, daily programmes, objectives, and recovery insights
• Subscription data — your subscription tier and status (managed by RevenueCat; we do not store payment card details)
• Usage counters — daily AI request counts for rate limiting

2. How We Use Your Data

• App functionality — to display your profile, track benchmarks, manage skill progressions, and record workout results
• AI strategy generation — your workout text and athlete profile context (experience level, gender, weight — no name or email) are sent to Google Gemini to generate personalised workout strategies
• AI coaching (My Hub) — your benchmarks, workout history, skill progress, and profile context are sent to Google Gemini to generate daily fitness analysis and training programmes
• AI skill plans — your self-reported assessment and skill progression data are sent to Google Gemini to generate personalised training plans
• Post-workout reports — your workout scores and feedback are sent to Google Gemini to generate performance reports
• Image processing (OCR) — uploaded workout images are sent to Google Gemini for text extraction. Images are processed ephemerally and not retained
• Community percentile rankings — your benchmark results are compared against other WodStrat users' results to calculate percentile rankings. Rankings are segmented by gender when sufficient data exists (minimum 5 athletes), otherwise a combined pool is used. Individual users cannot see other users' data — only their own percentile position
• Subscription management — to enforce tier-based feature limits
• Rate limiting — to manage daily AI request quotas

3. Third-Party Services

We use the following third-party services:

• Google Sign-In (OAuth 2.0) — for authentication. Google's privacy policy: policies.google.com/privacy
• Google Gemini API — for AI-powered workout strategy generation, coaching insights, skill plan generation, post-workout reports, and image text extraction. Athlete profile context (experience level, gender, weight) is included to personalise responses; no personal identifiers (name, email) are sent
• RevenueCat — for subscription and in-app purchase management. Device identifiers are shared with RevenueCat for subscription tracking. RevenueCat's privacy policy: revenuecat.com/privacy
• Apple App Store / Google Play Store — for processing subscription payments

4. Data Storage and Security

• Your data is stored in a PostgreSQL database hosted on Railway (cloud infrastructure)
• All communication between the app and our servers uses HTTPS encryption
• Authentication tokens are stored in your device's encrypted keychain (iOS Keychain / Android Keystore)
• We do not store payment card details — these are handled entirely by Apple/Google through RevenueCat
• Uploaded workout images are processed in-memory for text extraction and are not permanently stored

5. Data Sharing

We do not sell your data. Your data is only shared with the third-party services listed above, solely for the purposes described. We do not use advertising SDKs or analytics tracking.

Your benchmark results are used in aggregate to calculate community percentile rankings. Other users cannot see your individual data — only their own ranking position within the community.

6. Data Retention and Deletion

• Your data is retained for as long as your account is active
• You can delete your account at any time from Settings in the app. This permanently deletes all your data (profile, workouts, workout results, benchmarks, skill progress, skill plans, badges, streaks, AI insights cache, hub content, subscription records) immediately
• See our Account Deletion page for more details

7. Your Rights

You have the right to:

• Access your data (visible within the app)
• Correct your data (editable within the app)
• Delete your data (via Settings > Delete Account)
• Contact us with questions about your data

8. Children's Privacy

WodStrat is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, please contact us.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes through the app or by updating the effective date above.

10. Contact Us

If you have questions about this privacy policy or your data, contact us at: wodstratinfo@gmail.com