Privacy Policy
Repp — Strength Training Tracker
Last Updated: March 15, 2026 · Effective: March 15, 2026
1. Introduction
Repp ("we," "our," or "us") is a strength training tracking application developed by Dennis Santesson. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Repp mobile application (the "App").
By using Repp, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the App.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address — Used for authentication, account recovery, and essential communications
- Display name — Optional, used to personalize your in-app experience
2.2 Workout and Fitness Data
- Workout logs — exercises performed, sets, reps, weight, duration, and rest times
- Exercise history — historical record of your training sessions
- Personal records — best performances tracked across exercises
- Training programs — custom and saved workout programs
- Body measurements — if you choose to enter them (optional)
2.3 App Usage Data
- Feature usage patterns — which screens and features you interact with
- App performance metrics — crash reports, load times, and error rates
- Session information — app open/close events, session duration
2.4 Device Information
- Device type and operating system version — for compatibility and debugging
- Anonymous device identifier — for analytics purposes only
2.5 Information We Do NOT Collect
- We do not collect your location data
- We do not access your contacts, photos, or camera
- We do not collect health data from Apple HealthKit or Google Health Connect
- We do not collect biometric data
3. How We Store Your Data
3.1 Local Storage (On-Device)
Your workout data is primarily stored locally on your device using SQLite. Your data is available offline, stays on your device unless you enable cloud sync, and uninstalling the App will remove locally stored data.
3.2 Cloud Storage
When you create an account and use cloud features, your data is synced to our cloud infrastructure hosted on AWS within the EU. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256) with row-level security.
4. How We Use Your Information
We use your information to provide the service, manage your account, improve the app through anonymous analytics, and send essential account-related communications.
We do not use your data for advertising, selling to third parties, unrelated profiling, or automated decision-making with legal effects.
5. Third-Party Services
We use Supabase (authentication, database, cloud sync), PostHog (anonymous analytics, EU servers), and Apple Sign-In (optional authentication). We do not share data with advertisers or data brokers.
6. Data Retention
- Account and workout data — retained as long as your account is active
- Analytics data — anonymized, retained up to 12 months
- Deleted accounts — all data permanently deleted within 30 days
7. Your Rights and Choices
You can delete your account and all data at any time via Profile → Danger Zone → Delete Account. You can request data exports or opt out of analytics by contacting dennis.santesson@tickettaka.se.
8. GDPR Compliance
If you are in the EEA, you have rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. Your data is processed within the EU. Contact dennis.santesson@tickettaka.se for GDPR inquiries. You may also lodge complaints with your local DPA — in Sweden, this is IMY.
9. CCPA Compliance
California residents have the right to know, delete, and opt-out of sale. We do not sell personal information. Contact dennis.santesson@tickettaka.se to exercise your rights; we respond within 45 days.
10. Children's Privacy
Repp is not intended for children under 13. We do not knowingly collect personal information from children.
11. Security
We implement encryption in transit (TLS 1.2+), encryption at rest (AES-256), row-level database security, secure authentication with hashed and salted passwords, and regular security reviews.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will update the "Last Updated" date and notify you for significant changes.
13. Contact Us
Email: dennis.santesson@tickettaka.se
We respond to all privacy inquiries within 30 days.