Privacy Policy

1. Introduction

REPVEX ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

By using REPVEX, you consent to the data practices described in this policy. If you do not agree with any part of this policy, please do not use our Service.

2. Information We Collect

2.1 Personal Information

• Email address and name (for account creation)
• Profile photo (optional)
• Date of birth (for age verification)
• Fitness goals and experience level

2.2 Health & Fitness Data

• Workout history, exercise data, and performance metrics
• Body measurements and progress photos
• Nutrition logs and meal data
• Sleep and recovery data (via connected devices)

2.3 Third-Party Integrations

When you connect third-party services (Strava, Oura Ring), we receive data according to the permissions you grant. This may include activity data, heart rate, sleep patterns, and readiness scores.

2.4 Device Information

• Device type, operating system, and app version
• IP address and general location (city/country)
• App usage analytics and crash reports

3. How We Use Your Information

• Provide personalized workout recommendations using AI
• Track your fitness progress over time
• Enable social features (with your consent)
• Send workout reminders and notifications
• Improve our algorithms and service quality
• Process subscriptions and payments
• Respond to support requests

4. Information Sharing

We do not sell your personal information. We may share data with:

• Service Providers: Cloud hosting (Supabase), payment processing (RevenueCat/Stripe), analytics
• AI Processing: Google Gemini API for workout recommendations (anonymized)
• Legal Requirements: When required by law or to protect rights
• Social Features: Information you choose to share publicly

5. Data Security

We implement industry-standard security measures including:

• TLS/SSL encryption for data in transit
• AES-256 encryption for sensitive data at rest
• Secure token storage using platform-native security
• Rate limiting and authentication on all API endpoints
• Regular security audits and updates

6. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate information
• Erasure: Request deletion of your data
• Portability: Export your data in a machine-readable format
• Withdraw Consent: Revoke permissions at any time

To exercise these rights, contact us at [email protected]

7. Children's Privacy

REPVEX is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected data from a child under 13, we will delete it immediately.

Users aged 13-15 have restricted access to social features in compliance with applicable laws.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You may request deletion at any time. After account deletion, we may retain anonymized data for analytics purposes.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights: