PRIVACY POLICY

Last Updated: November 22, 2025

1. INTRODUCTION

This Privacy Policy describes how Ascend ("we," "our," or "us") collects, uses, shares, and protects your personal information when you use our mobile application (the "App"). This policy applies to all users of the App.

By using the App, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use the App.

Age Requirement: The App is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information immediately.

2. INFORMATION WE COLLECT

2.1 Account and Authentication Information

When you create an account, we collect:

  • Email Address: Used for account authentication and communication
  • Password: Securely hashed and stored by our authentication service provider (Supabase)
  • Display Name: Your chosen username for the App
  • User ID: A unique identifier (UUID) automatically generated for your account

OAuth Authentication: If you choose to sign in using Google or Apple Sign-In, we collect:

  • Email address
  • Name (if you provide consent and make it available)

2.2 Profile and Fitness Data

To provide App functionality, we collect and store:

  • Weight Information: Current weight (in kg) and weight history with dates
  • Fitness Goals: Weekly workout targets (1-6 workouts per week) and historical goal data
  • Subscription Information: Subscription status (free/subscribed), subscription start and end dates
  • Progress Tracking: Quest completion status, reward unlocks, title unlocks, selected titles, and streak counters
  • Onboarding Status: Whether you have completed the initial setup

2.3 Workout and Exercise Data

To track your fitness progress, we collect:

  • Workout Information: Workout name, start/end times, duration, total volume, exercises completed, notes, personal record (PR) details, and workout status
  • Exercise History: Exercise name, variation/equipment type, weight used, number of repetitions, exercise category, movement pattern, completion timestamps, and associated workout ID
  • Custom Exercises: User-created exercises including name, description, category, equipment requirements, target muscle groups, body part categories, movement patterns, and variations
  • Routines: Workout routines including name, description, difficulty level, parent training plan, linked exercises with sets/reps/weight/rest periods, and exercise ordering

2.4 Health and Fitness Data

Important Health Data Classification: The App collects fitness and health-related data, including workout information, exercise history, weight tracking, and fitness goals. This data may be classified as "health data" under certain privacy regulations (such as GDPR in the European Union or state health data privacy laws).

What Health Data We Collect:

  • Fitness Activity Data: Workout logs, exercise performance, personal records, and training history
  • Body Metrics: Weight information and weight history (if you choose to track this)
  • Fitness Goals: Weekly workout targets and progress toward those goals

How We Use Health Data:

  • Personal Fitness Tracking: To provide core App functionality, including workout logging, progress tracking, and personal record calculations
  • Service Improvement: To understand how users interact with fitness features and improve the App experience (aggregated and anonymized where possible)

Health Data Protection:

  • Health data is stored securely in our database with encryption at rest and in transit
  • Health data is NOT shared with health insurance companies, employers, or third parties for health-related purposes
  • Health data is NOT used for advertising or marketing purposes
  • Health data is only shared with third-party service providers (Supabase, Sentry, Mixpanel) as necessary to provide App functionality and improve services, as described in Section 5.1

Medical Disclaimer: The App is for personal fitness tracking and informational purposes only. It is NOT a medical device and is NOT intended to diagnose, treat, cure, or prevent any disease. Always consult a qualified healthcare professional before beginning any exercise program or making health decisions.

Your Rights: You have the right to access, correct, delete, or export your health data at any time. See Section 8 (Your Rights and Choices) for more information.

2.5 Subscription and Payment Data

  • RevenueCat Customer ID: Linked to your account for subscription management
  • Subscription Status: Active or inactive subscription state
  • Entitlements: Access rights to premium features
  • Purchase History: Managed by RevenueCat (transaction details are not directly stored in our database)

IMPORTANT: We do NOT collect or store your payment information (credit card numbers, billing addresses, etc.). All payment processing is handled directly by Apple App Store or Google Play Store.

2.6 Device and Technical Information

  • Platform Information: iOS or Android device type
  • Notification Permissions: Your notification preference settings for local notifications
  • Session Tokens: Access tokens and refresh tokens stored locally on your device for authentication
  • Error Tracking Data: When errors occur, we automatically collect technical information including error messages (sanitized to remove sensitive data), stack traces, device information (OS version, device model, app version), and performance metrics. This data is collected through Sentry, our error tracking service, to help us identify and fix technical issues.

2.7 Analytics and Usage Data

To understand how users interact with the App and improve our services, we collect analytics data through Mixpanel, our product analytics service:

  • User Events: We track user actions such as:
    • App usage events (app opened, session started, screen views)
    • Workout events (workout started, completed, exercises added)
    • Subscription events (subscription modal viewed, purchase initiated, purchase completed)
    • Feature usage (routines created, quests completed, achievements unlocked)
    • Onboarding events (onboarding started, steps viewed, onboarding completed)
  • Event Properties: Each event includes relevant context such as:
    • Workout information (name, duration, exercise count, volume, personal records achieved)
    • Subscription information (plan selected, price, billing period)
    • User progress (workout number, quest number, achievement type)
    • Device information (platform, app version, build number)
  • User Identification: Events are linked to your user ID (UUID) to analyze user behavior patterns and improve the App experience. This allows us to understand how individual users progress through the App and identify areas for improvement.
  • User Properties: We maintain user profile properties including:
    • Subscription status (free/subscribed)
    • Total workouts completed
    • Account creation date
    • Last active date
  • Device Information: Platform (iOS/Android), app version, build number, and environment (development/production) are automatically included with all events.

Important: Mixpanel is used for product analytics and service improvement, not for advertising or marketing purposes. We do not use this data to create user profiles for advertising or share it with advertising networks. All analytics data is anonymized where possible and used solely to improve the App experience.

2.8 User Feedback and Support Data

When you submit feedback through the in-app feedback feature ("Report a Bug"), we collect the following information:

  • Feedback Text: The comments and descriptions you provide about issues, bugs, or suggestions (up to 1000 characters)
  • User Identification: If you are logged in, we automatically collect your email address, name (if available in your profile), and user ID to associate your feedback with your account and enable us to respond to your feedback
  • Screenshots: Optional images you may choose to attach to your feedback submission (PNG or JPEG format). Screenshots are stored as base64-encoded data and sent to our feedback management service
  • Technical Context: Device information (OS version, device type, app version) and error context (if your feedback is related to a specific error that occurred in the App)
  • Submission Metadata: Timestamp of when the feedback was submitted

Purpose: This data is collected to help us understand and resolve issues, improve the App's functionality and user experience, and respond to your feedback. Feedback submissions are processed and stored through Sentry, our error tracking and feedback management service.

Storage and Processing: Feedback data, including text comments and optional screenshots, is stored in Sentry's systems. Your feedback is associated with your user account (if logged in) to help us track and respond to your concerns. Screenshots are stored as image attachments in Sentry's user feedback system.

Voluntary Submission: Providing feedback is completely voluntary. You are not required to submit feedback, and you can choose whether to include screenshots or other information. If you are not logged in, your feedback will be submitted anonymously (without user identification).

Data Retention: We retain feedback submissions for as long as necessary to address your concerns and improve the App. You can request deletion of your feedback submissions by contacting us at support@ascendfitness.app.

2.9 Implicit Usage Data

We implicitly collect usage data through:

  • Workout timestamps and activity patterns
  • App feature usage (inferred from database interactions)

3. HOW WE COLLECT INFORMATION

We collect information through:

  1. Direct Input: Information you provide when creating an account, entering workout data, or customizing your profile
  2. Automatic Collection: Session tokens, device information, and usage patterns automatically collected during App use
  3. Third-Party Authentication: Information shared by Google or Apple when you use their sign-in services
  4. In-App Purchases: Subscription and purchase data collected through RevenueCat integration

4. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

4.1 App Functionality

  • Track workouts and exercise history
  • Calculate personal records and progress metrics
  • Display fitness statistics and visualizations
  • Manage workout routines and custom exercises
  • Store user preferences and settings

4.2 User Experience

  • Personalize the App interface and features
  • Track achievements, unlocks, and rewards
  • Manage gamification elements (titles, quests, streaks)
  • Provide customized fitness recommendations

4.3 Account Management

  • Authenticate your identity and maintain your account
  • Process account recovery and password reset requests
  • Manage subscription status and premium feature access
  • Communicate important account-related information

4.4 Notifications

We send local push notifications to enhance your App experience and help you achieve your fitness goals. These notifications include:

  • Workout Functionality: Rest timer alerts during workouts and active workout status notifications
  • Weekly Goal Reminders: Reminders to help you achieve your weekly workout goals, scheduled based on your progress and days remaining in the week
  • Week Rollover Notifications: End-of-week notifications that celebrate goal achievements or provide feedback on your weekly progress
  • Progress Celebrations: Level up and rank up notifications when you achieve new fitness milestones
  • Quest Progression: Notifications to encourage progression through onboarding quests (First Workout, App Store Review, Compound Movements, Weekly Goals, Workout Counts, Personal Records)
  • Premium Subscription Reminders: Notifications about weekly workout limits for Foundation Mode users and premium subscription benefits (only for non-subscribed users)

All notifications are scheduled locally on your device and can be managed through your device's system settings. You can disable notifications at any time.

4.5 Service Improvement

  • Analyze usage patterns to improve App functionality
  • Debug technical issues and enhance performance
  • Develop new features based on user behavior
  • Measure feature adoption and user engagement through product analytics
  • Identify conversion funnels and optimize user flows
  • Understand subscription conversion patterns and optimize pricing strategies

5. INFORMATION SHARING AND DISCLOSURE

5.1 Third-Party Service Providers

We share your information with the following third-party service providers who process data on our behalf:

Supabase (Backend Infrastructure)

  • Data Shared: All user data, authentication credentials, workout data, profile information
  • Purpose: Database hosting, authentication services, and data storage
  • Privacy Policy: https://supabase.com/privacy
  • Data Protection: Supabase provides equal or greater protection of your data as described in this Privacy Policy

RevenueCat (Subscription Management)

  • Data Shared: User ID (UUID), subscription status, purchase transactions, device information for purchase validation
  • Purpose: In-app purchase handling and subscription management
  • Privacy Policy: https://www.revenuecat.com/privacy
  • Data Protection: RevenueCat provides equal or greater protection of your data as described in this Privacy Policy

Sentry (Error Tracking, Performance Monitoring, and User Feedback)

  • Data Shared: Error logs, stack traces, device information (OS version, device type, app version), performance data (sampled at 10% in production), session data (session start/end times), breadcrumbs (user actions leading to errors), and user feedback submissions (including feedback text, optional screenshots/images, user identification if provided, and submission metadata)
  • Purpose: Error tracking, crash reporting, performance monitoring, and processing user feedback submissions to improve app stability and user experience
  • Privacy Policy: https://sentry.io/privacy/
  • Data Protection: Sentry provides equal or greater protection of your data as described in this Privacy Policy. Error messages are sanitized to remove sensitive information before being sent to Sentry. User feedback submissions, including optional screenshots, are stored securely in Sentry's user feedback system.
  • Note: Sentry is used for technical error tracking, performance monitoring, and user feedback management, not for advertising or marketing analytics. We do not use Sentry to track your personal fitness data or workout information. User feedback submissions are voluntary and may include screenshots you choose to attach. If you are logged in, your feedback will be associated with your account to help us respond to your concerns.

Mixpanel (Product Analytics)

  • Data Shared: User events (app usage, workout activities, subscription interactions, feature usage), event properties (workout details, subscription plan information, user progress metrics), user identification (user ID/UUID), user properties (subscription status, workout count, account creation date), device information (platform, app version, build number, environment), and session data (app opened, session started).
  • Purpose: Product analytics to understand user behavior, improve App functionality, analyze feature adoption, measure user engagement, and optimize the user experience. This data helps us identify which features are most valuable to users and where we can improve the App.
  • Privacy Policy: https://mixpanel.com/legal/privacy-policy/
  • Data Protection: Mixpanel provides equal or greater protection of your data as described in this Privacy Policy. Data is stored in accordance with your selected data residency (EU, US, or India).
  • Data Residency: We configure Mixpanel to store data in the EU data center (api-eu.mixpanel.com) to comply with GDPR requirements. You can contact us to confirm the data residency for your account.
  • Note: Mixpanel is used for product analytics and service improvement, not for advertising or marketing purposes. We do not use this data to create user profiles for advertising or share it with advertising networks. Event data includes workout and subscription information necessary to understand user behavior and improve the App experience.
  • Opt-Out: You can opt-out of analytics tracking by contacting us at support@ascendfitness.app. Note that opting out may limit our ability to improve the App based on usage patterns.

Google OAuth (Authentication Service)

  • Data Shared: Email address, name (if you consent during sign-in)
  • Purpose: Authentication via Google Sign-In
  • Privacy Policy: https://policies.google.com/privacy
  • When Shared: Only when you choose to sign in with Google
  • Data Protection: Google provides equal or greater protection of your data as described in this Privacy Policy

Apple Sign-In (Authentication Service)

  • Data Shared: Email address, name (if you consent and choose to share; you may hide your email)
  • Purpose: Authentication via Apple Sign-In
  • Privacy Policy: https://www.apple.com/privacy/
  • When Shared: Only when you choose to sign in with Apple
  • Data Protection: Apple provides equal or greater protection of your data as described in this Privacy Policy

Local Notifications (Device-Based Notifications)

  • Data Shared: Notification preferences (stored locally on your device)
  • Purpose: Delivery of local notifications including:
    • Workout functionality notifications (rest timer alerts, active workout status)
    • Weekly goal reminders and progress tracking
    • Week rollover notifications and goal achievement celebrations
    • Level up and rank up milestone notifications
    • Quest progression reminders and progress updates
    • Premium subscription reminders and weekly workout limit notifications (for Foundation Mode users)
    These notifications are generated and displayed locally on your device based on your workout activity, progress, and goals. They do not require data transmission to external servers for delivery, though the App may sync your progress data with our servers to determine when to schedule notifications.
  • Note: The App uses the Expo Notifications SDK for local notification functionality. No device tokens or notification data are transmitted to external services. Notification scheduling is based on your workout history, quest progress, and subscription status stored in your account.

Apple App Store / Google Play Store (App Distribution and Payment Processing)

  • Data Shared: Purchase transactions, subscription status
  • Purpose: App distribution and in-app purchase processing
  • Privacy Policy:
  • Note: Payment information is handled entirely by Apple/Google; we do not have access to your payment details
  • Data Protection: Apple and Google provide equal or greater protection of your data as described in this Privacy Policy

5.2 Data We Do NOT Sell

We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes. We do NOT share your data with advertising networks or data brokers.

5.3 Legal Requirements and Protection

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (court orders, subpoenas, search warrants)
  • Requests from government or law enforcement authorities
  • Circumstances where we believe disclosure is necessary to protect our rights, property, or safety, or the rights, property, or safety of others
  • Prevention of fraud, security threats, or illegal activities

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice in the App before your information becomes subject to a different privacy policy.

6. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal information:

6.1 Security Measures

  • Encryption: All data transmitted between the App and our servers uses HTTPS/TLS encryption
  • Password Security: Passwords are hashed using industry-standard cryptographic algorithms
  • Access Controls: Row Level Security (RLS) is enabled on all database tables, ensuring users can only access their own data
  • Authentication: Secure token management with automatic refresh mechanisms
  • OAuth Standards: Industry-standard OAuth 2.0 protocols for third-party authentication

6.2 Data Storage

  • Local Storage: Session tokens and cached data stored on your device using secure storage mechanisms
  • Cloud Storage: User data stored in secure cloud infrastructure (Supabase) with encryption at rest
  • Database Security: PostgreSQL database with row-level security policies enforcing data isolation

6.3 Limitations

While we implement robust security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials.

7. DATA RETENTION

7.1 Active Accounts

We retain your personal information for as long as your account is active or as needed to provide you with the App's services.

7.2 Account Deletion

When you delete your account, we will:

  • Remove your profile information, workout data, and exercise history from our active databases
  • Delete custom exercises, routines, and personalized settings
  • Revoke authentication tokens and session data
  • Request deletion of your analytics data from Mixpanel (user events and user profile data)
  • Request deletion of your error tracking data from Sentry (error logs, session data, and user feedback submissions including any attached screenshots)

Note: Third-party service providers (Mixpanel, Sentry) may retain anonymized or aggregated data for their own business purposes in accordance with their privacy policies. We will request deletion of your identifiable data, but some anonymized data may remain in their systems.

7.3 Legal and Compliance Retention

Certain information may be retained after account deletion for:

  • Legal compliance purposes (e.g., financial records, transaction logs)
  • Dispute resolution and enforcement of our Terms of Service
  • Prevention of fraud and abuse

Transaction records related to subscriptions may be retained longer to comply with financial and tax regulations.

7.4 Inactive Accounts

Accounts that remain inactive for an extended period of 2 years may be subject to deletion. We will attempt to notify you via email before deleting an inactive account.

8. YOUR RIGHTS AND CHOICES

You have the following rights regarding your personal information:

8.1 Access and Portability

You have the right to request a copy of the personal information we hold about you.

8.2 Correction

You can update or correct your profile information, workout data, and preferences directly within the App at any time.

8.3 Deletion

You have the right to request deletion of your account and associated personal information. To delete your account:

  • Navigate to Settings > Account > Delete Account in the App
  • Or contact us at support@ascendfitness.app

8.4 Revoke Consent

You may revoke consent for data collection and processing by:

  • Deleting your account
  • Revoking OAuth permissions through your Google or Apple account settings
  • Uninstalling the App (note: this does not delete your account data from our servers)

8.5 Notification Preferences

You can manage notification preferences through your device's system settings.

8.6 Data Portability (GDPR/CCPA)

For users in the European Union or California, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.

8.7 Exercising Your Rights

To exercise any of these rights, please contact us at support@ascendfitness.app. We will respond to your request within 30 days (or as required by applicable law).

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

Data Residency: We store your data in the following locations to comply with data protection regulations and provide optimal service:

  • Supabase (Primary Database): All user data, including account information, workout data, exercise history, and profile data, is stored in EU data centers (specifically, AWS eu-central-1 region in Frankfurt, Germany). This includes all health and fitness data described in Section 2.4.
  • Mixpanel (Analytics): Analytics data is stored in EU data centers (api-eu.mixpanel.com) as configured for GDPR compliance.
  • Sentry (Error Tracking): Error tracking data is stored in Sentry's data centers. You can contact us to inquire about the specific data center location for your error tracking data.
  • RevenueCat (Subscriptions): Subscription management data is stored in RevenueCat's data centers. You can contact us to inquire about the specific data center location for your subscription data.

You can contact us at support@ascendfitness.app to inquire about the specific data center location for any of your information.

When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

10. CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

10.1 Right to Know

You have the right to request information about the categories and specific pieces of personal information we have collected about you, as well as the categories of sources, purposes for collection, and third parties with whom we share information.

10.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

10.3 Right to Opt-Out

We do NOT sell your personal information. You have the right to opt-out of the sale of personal information, but since we do not engage in such sales, this right is not applicable.

10.4 Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.

10.5 Exercising CCPA Rights

To exercise your CCPA rights, please contact us at support@ascendfitness.app. We will verify your identity before processing your request.

11. EUROPEAN UNION PRIVACY RIGHTS (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

11.1 Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contract Performance: To provide the App services you requested
  • Legitimate Interests: To improve our services, prevent fraud, and ensure security
  • Consent: For optional features like OAuth authentication and notifications
  • Legal Obligations: To comply with applicable laws and regulations

11.2 GDPR Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Erase your personal data ("right to be forgotten")
  • Restrict processing of your personal data
  • Data portability
  • Object to processing based on legitimate interests
  • Withdraw consent at any time (where processing is based on consent)
  • Lodge a complaint with a supervisory authority

11.3 Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at support@ascendfitness.app.

12. INFORMATION WE DO NOT COLLECT

For transparency, the following types of data are NOT collected by the App:

  • Location Data: We do not track your GPS location or collect geolocation information
  • Biometric Data: We do not collect fingerprint, facial recognition, or other biometric data (device biometrics used for authentication remain on your device)
  • Contacts: We do not access or collect your contact list
  • Photos/Media: We do not access your photo library or media files
  • Third-Party Marketing Analytics: We do not use third-party marketing analytics services (e.g., Google Analytics, Firebase Analytics) for advertising or marketing purposes. We use Mixpanel for product analytics to understand user behavior and improve the App experience, but we do not use this data for advertising or share it with advertising networks. We also use Sentry, a third-party error tracking and performance monitoring service, to identify and fix technical issues in the App. Sentry collects technical error data, device information, and performance metrics, but does not collect your personal fitness data or workout information.
  • Advertising Data: We do not collect data for advertising purposes or share data with advertising networks
  • Browsing History: We do not track your web browsing activity
  • Microphone/Camera: We do not access your microphone or camera without explicit permission

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  1. Update the "Last Updated" date at the top of this policy
  2. Notify you through the App or via email
  3. Provide you with an opportunity to review the changes before they take effect

Your continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

14. THIRD-PARTY LINKS AND SERVICES

The App may contain links to third-party websites, services, or content. This Privacy Policy does not apply to such third-party services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access through the App.

15. CONTACT INFORMATION

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: support@ascendfitness.app
Business Address:
Ascend
Feldmochinger Straße 15
80882, München
Germany

Support Email: support@ascendfitness.app

For privacy-specific inquiries, please use the privacy email address listed above. We will respond to your inquiry within 30 days.

16. CONSENT

By using the App, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not use the App.

End of Privacy Policy

Ascend - Ascend
© 2025 All Rights Reserved