Privacy Policy

Effective Date: March 20, 2026 · Last Updated: March 20, 2026

1. Introduction

Repwise (“we,” “us,” or “our”) operates the Repwise mobile application (the “App”). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our App.

By using Repwise, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account Information

Email address, name, profile photo URL, and OAuth provider IDs — used for account creation, login, and personalization. All stored encrypted at rest.

Body & Health Data

Height, weight, and body fat percentage — used for TDEE calculation, body composition tracking, and coaching recommendations. Encrypted at rest.

Activity & Nutrition Data

Nutrition logs and training logs — used for calorie/macro tracking, progressive overload analysis, and PR detection. Encrypted at rest.

Media

Progress photos for visual progress tracking — stored encrypted in Cloudflare R2 object storage.

Device & Technical Data

Push tokens, analytics events (PostHog), and crash reports (Sentry) — used for notifications, improving features, and fixing bugs.

3. How We Use Your Information

  • Provide core functionality (nutrition tracking, training logging, adaptive TDEE)
  • Calculate and adjust personalized nutrition targets
  • Deliver coaching recommendations and weekly check-in reminders
  • Process subscription payments
  • Monitor app performance and fix crashes
  • Analyze usage patterns to improve the App

We do not sell your personal data to third parties.

4. Third-Party Services

We share limited data with Apple App Store, Google Play Store, RevenueCat, Sentry, PostHog, Firebase (FCM), Cloudflare R2, and AWS SES to operate the App. Repwise never handles payment card data directly — all payments are processed through Apple or Google via in-app purchases.

5. Data Storage and Security

  • All data stored in managed PostgreSQL with encryption at rest
  • All data in transit encrypted via TLS/HTTPS
  • Passwords hashed using bcrypt
  • JWT authentication with short-lived access tokens (15 min) and rotating refresh tokens
  • Users can only access their own data

6. Data Retention

Your data is retained while your account is active. Upon deletion request, a 30-day grace period begins. After 30 days, all personal data is permanently and irreversibly removed — including account info, body measurements, nutrition logs, training logs, progress photos, and device tokens.

7. Your Rights

  • Access — view all your data within the App
  • Correction — update your information directly in the App
  • Deletion — request account deletion via account settings
  • Data Portability — request a machine-readable export by contacting us

California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@repwise.app.

Children's Privacy

Repwise is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@repwise.app.

8. Contact Us

Questions about this Privacy Policy? Email us at support@repwise.app

Get Repwise Free