Features

ES

Features

ES

ES

PRIVACY POLICY

PRIVACY POLICY

1. Who We Are

Controller:
Gains Coach PTY LTD
ABN: 78671000801
5/45 Sir Thomas Mitchell, Bondi Beach, 2026, NSW, Australia
Email: support@gravl.ai

EU Representative (GDPR Article 27):
Matias Bruno
Calle de Viloria de la Rioja, Madrid, 28050, Spain
Email: support@gravl.ai

If you have any questions regarding this Privacy Policy or your personal data, you can contact us at the above email addresses.

2. General Principles

We process personal data in a minimal and lawful manner, only as necessary to provide our services, comply with legal obligations, or improve the app experience.

Legal bases for processing:

  • Consent: When you agree to specific data processing (Art. 6(1)(a) GDPR).

  • Contractual performance: Data needed to deliver the app’s services (Art. 6(1)(b) GDPR).

  • Legal obligation: Required by law (Art. 6(1)(c) GDPR).

  • Legitimate interests: When necessary for app functionality, security, or business purposes, without overriding your rights (Art. 6(1)(f) GDPR).

Data retention: We delete or anonymize personal data once it is no longer necessary, unless retention is required by law or to fulfill contractual obligations.

3. Data We Collect

3.1 Data You Provide in the App

Includes:

  • Gender, training experience, bodyweight

  • Fitness goals, preferred muscle split, training duration, available equipment

  • Email and password (if registering)

  • Training progress data (exercises, sets, reps, weight)

Purpose: To create personalized workout plans, track progress, provide recommendations, and respond to inquiries.

Legal basis: Contractual performance (Art. 6(1)(b) GDPR).

Retention: Deleted when no longer needed or when the account is deleted.

3.2 Apple HealthKit

With your explicit consent, we access HealthKit data such as activity energy, weight, body fat percentage, and exercise.

Purpose: To display data in the app for tracking workouts and bodyweight calculations.

Retention: Deleted from our app if you delete it in Apple Health or within our app.

Legal basis: Consent (Art. 6(1)(a) GDPR).

3.3 App Usage & Log Data

We collect technical data automatically, including:

  • Device identifiers, anonymized IP, timestamps, app pages accessed, usage events

Purpose: Ensure app functionality, stability, and security.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

Retention: Log files deleted after 7 days; device identifiers anonymized afterward.

3.4 Third-Party Services

We use services such as Firebase, Google Analytics, Mixpanel, RevenueCat, Facebook Ads SDK, Singular SDK, Sendgrid, Sentry, Intercom, Microsoft Azure, Expo, Supabase, and Customer.io.

Purpose: Analytics, push notifications, app improvements, marketing, and customer support.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR) or consent where applicable.

International transfers: Personal data may be transferred outside the EU/EEA (e.g., to Australia or the U.S.). We ensure transfers comply with GDPR through safeguards such as Standard Contractual Clauses or the EU-U.S. Data Privacy Framework.

3.5 Newsletter

When subscribing, we collect your email, IP address, and registration timestamp.

Purpose: Deliver newsletters and prevent misuse.

Legal basis: Consent (Art. 6(1)(a) GDPR) or as allowed by applicable law.

Retention: As long as the subscription is active; other data deleted after 7 days.

Withdrawal: You can unsubscribe at any time via links in the newsletter.

3.6 Website Services

  • Google Fonts and social media platforms for communication

  • Log files: browser, OS, ISP, IP, timestamps

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

Retention: Log files deleted after 7 days or anonymized.

4. Your Rights

Under the GDPR, EU users have the following rights:

  1. Access: Request confirmation and details of your personal data processing.

  2. Rectification: Correct inaccurate or incomplete data.

  3. Erasure: Delete personal data where legally permitted.

  4. Restriction: Limit processing in certain circumstances.

  5. Data portability: Receive your data in a structured, machine-readable format.

  6. Objection: Object to processing based on legitimate interests or for marketing.

  7. Consent withdrawal: Revoke consent at any time.

  8. Automated decisions & profiling: Right not to be subject to automated decisions without safeguards.

  9. Complaint: Lodge a complaint with a supervisory authority in your EU country.

To exercise your rights, contact support@gravl.ai or our EU representative, Matias Bruno.

5. Changes to This Privacy Policy

We may update this policy at any time to comply with legal obligations or improve clarity. The last update was October 9, 2025.