GainGridGainGrid← Back to site
Privacy Policy

Privacy Policy

Effective date: April 22, 2026

We wrote this in plain language because fitness data is personal. If anything is unclear, email us at privacy@gaingrid.app.

1. Who we are

GainGrid is an iOS fitness-tracking app that lets you log workouts, nutrition, and body metrics, and optionally share activity with followers. GainGrid is operated by Lake Pry as an individual doing business as GainGrid.

This policy explains what we collect, how we use it, and your rights. "GainGrid", "we", "us" refer to the operator. "You" refers to the person using the app or this website.

2. What we collect

Account information

When you sign up, we collect your email address and a password (stored hashed, never in plaintext). You can optionally add a username, display name, profile picture, bio, and body metrics (weight, height). You control whether your profile is public or private.

Activity data you log

  • Workouts: exercises, sets, reps, weight, drop sets, timestamps
  • Nutrition: foods logged, calories, macros, water intake, meal templates
  • Body metrics: body weight entries you choose to record
  • Social actions: follows, follow requests, and the activity events you choose to publish to your feed

Device & diagnostic data

With your permission, we collect an Expo push token to deliver notifications. We use minimal app telemetry (crash reports, error logs) to keep the app stable. We do not use third-party advertising trackers.

What we do NOT collect

  • Location data
  • Contacts from your phone
  • Browsing history or data from other apps
  • Advertising identifiers (IDFA, etc.)

What we do NOT do with your data

  • We do not sell your data.
  • We do not share it with advertisers.
  • We do not train third-party AI models on your data.

3. How we use your data

  • Run the core features of the app (log, visualize, and analyze your training)
  • Show your activity to followers based on your privacy and feed-visibility settings
  • Send push notifications you've opted in to receive
  • Detect and prevent abuse, investigate bugs, and keep the service running
  • Communicate service-critical messages (account verification, security alerts, critical bug notices)
  • Send marketing emails only if you explicitly opt in. Every marketing email includes an unsubscribe link, and unsubscribing takes effect immediately.

4. Sharing & visibility

What other users can see

If your profile is public, anyone with a GainGrid account can view your profile, consistency heatmap, badges, follower counts, and any activity events you've chosen to publish (PRs, completed workouts, streaks, badges earned). If your profile is private, only approved followers can see this content.

You control each event type individually via Edit Profile → Feed Visibility — for example, you can keep PRs public but hide completed workouts.

Service providers

We rely on a small set of trusted providers to run the app. Each processes data on our behalf under their own security and privacy terms, and we do not authorize them to use your data for their own marketing.

  • Supabase — database, authentication, storage (hosted in the United States)
  • Expo — push notification delivery
  • Apple — TestFlight and App Store distribution, App Store payments
  • Resend — transactional email (account verification, security alerts, and opt-in marketing emails)

Legal requests

We will disclose data if required by a valid legal order, or to protect the rights, safety, or property of GainGrid, our users, or the public. We push back on overbroad requests.

5. Your rights and controls

You can, at any time:

  • Edit or delete any workout, meal, or body metric entry from within the app
  • Switch your profile to private, remove followers, or opt out of individual event types in your feed
  • Export your data — email privacy@gaingrid.app and we'll send you a copy of your account data in a machine-readable format
  • Delete your account — from within the app under Settings → Delete Account, or by emailing us. See Section 6 for how long deletion takes.
  • Revoke push notifications via iOS Settings or the in-app notification preferences
  • Unsubscribe from marketing emails via the link in any marketing email, or by emailing us

To exercise any data right — access, correction, deletion, portability, or objection — email privacy@gaingrid.app. We respond within 30 days, and faster when we can.

6. Data retention

We keep your account data for as long as your account is active. When you delete your account, we permanently erase your personal content within 30 days. Encrypted backups are rotated within 90 days. Aggregated and anonymized statistics (e.g., total workouts logged across all users) may be retained indefinitely.

We retain certain records longer where required for legal, tax, or security compliance — for example, App Store payment receipts where applicable.

7. Security

  • All network traffic uses HTTPS/TLS encryption in transit.
  • Data at rest in Supabase databases and storage is encrypted.
  • Passwords are hashed using industry-standard algorithms; we never see or store plaintext passwords.
  • Row-level security policies at the database layer enforce who can read or write what, so a compromised client cannot exfiltrate data for other users.
  • We apply the principle of least privilege to our own access: data isn't queried by humans except for specific debugging or support cases with your consent.

No system is perfectly secure. If we learn of a breach that affects you, we'll notify you promptly and honestly with the facts we have.

8. Children

GainGrid is rated 12+ on the App Store. We do not knowingly collect data from children under 12. Users between 13 and 18 must have parental or legal-guardian consent to use the app.

If you're a parent or guardian and believe your child under 12 has provided us with personal data — or that a child between 13 and 18 is using GainGrid without your consent — please email privacy@gaingrid.app. We respond to verified parental reports within 48 hours, and will delete the account and associated data upon verification.

9. International users

GainGrid is operated from the United States. If you use the app from outside the US, you understand that your data will be transferred to, stored in, and processed in the United States, where data-protection laws may differ from those of your country. By using GainGrid, you consent to this transfer.

10. Cookies & website

Mobile app: GainGrid does not use cookies in the mobile app.

Website (gaingrid.app): We use a minimal set of cookies — only what's needed to remember your preferences on the site (such as accepting a cookie notice, if shown). We do not use:

  • Third-party tracking pixels
  • Advertising cookies
  • Cross-site tracking of any kind
  • Analytics that identify you personally

If we introduce privacy-respecting analytics (e.g., aggregate page-view counts without personal identifiers) in the future, we'll update this section before enabling them.

11. Contact us

Questions, concerns, or data requests? Email privacy@gaingrid.app. We respond within 5 business days for general questions, within 48 hours for verified parental reports, and within 30 days for formal data-rights requests.

For general support, use support@gaingrid.app.