Privacy Policy

Last updated: June 9, 2026

RepForm AI ("the App," "we," "us") respects your privacy. This policy explains, in detail, what data we collect, how we use it, who we share it with, how long we keep it, and what rights you have.

1. Summary (Plain English)

The rest of this policy is the detailed version. Please read it.

2. What We Collect

(a) Account information

(b) Profile information you provide during onboarding

All optional; you can edit or remove via Settings.

(c) Training & form-analysis data

Created as you use the App.

(d) Camera frames sent for AI analysis

(e) Device & diagnostic information

(f) Information we DO NOT collect

(g) iOS permission prompts you may see

The App and some third-party libraries it depends on declare iOS permission strings (Microphone, Location, Photo Library) at install time. You may see one or more permission prompts on first launch as a result. RepForm does NOT exercise these capabilities — we never record audio (the camera recording disables the microphone), we never access your location, and we never read your photo library. The corresponding iOS prompts may not appear at all, or may appear with library-required default copy explaining that the permission is declared by a dependency rather than used by us.

(h) Optional analysis feedback

When you tap “Give us feedback on this analysis” on a form-analysis result, we store: the checkpoint names you flagged (text labels from the analysis you saw), a categorical reason (“wrong fault,” “missed something,” or “cue unclear”), a snapshot of the analysis severity at submit time, and an identifier linking the feedback to the analysis you saw. This feedback stays in our database and is never sent to our AI provider. We use it internally to identify systematic grading errors and improve coaching quality. Feedback is associated with your account and is deleted when you delete your account.

(i) Per-checkpoint analysis records

Each time you record a set and our AI analyzes it, we store the analysis results the AI produced, together with your account and the exercise. This data stays in our database, is stored under access controls so only our systems can read or write it, and is never sent to any AI provider or other third party. We use it solely to monitor and improve coaching quality and to debug production issues. These rows are health-adjacent observation data — see §6(a) for the broader category — and are deleted with the rest of your account on deletion.

(j) Product analytics

We use PostHog (posthog.com), a product analytics service, to understand how users navigate the app and where improvements are needed. PostHog collects: in-app events (screens visited, features used, funnel steps completed), a stable user identifier linked to your account, and general device characteristics (operating system, app version). PostHog data is stored in the United States and is subject to PostHog’s privacy policy. PostHog never receives your exercise video frames, free-text you enter, or personal health data. To opt out of analytics data collection, enable Settings → “Disable analytics.” Your preference is honored immediately on-device; no further events are sent until you re-enable. Your preference is stored on your device; if you delete and reinstall the App, it resets to the default (analytics on) and a fresh anonymous analytics identity is created.

(k) Biometric sign-in (opt-in via Settings)

When you enable Face ID / Touch ID quick-sign-in, the App stores a refresh-token snapshot in your device’s secure keychain (iOS Keychain via expo-secure-store). The credential is local to your device, never transmitted to our servers beyond the normal authentication flow that all sign-ins go through, and only readable after successful biometric authentication. It is cleared automatically when you sign out, when a different account signs in on the same device, or when you turn the toggle off in Settings. It is used only to restore your session — not for any other purpose. Biometric authentication itself (the face / fingerprint match) is performed by iOS on-device and we never receive the biometric data.

3. How We Use Your Data

We use your data only to provide and improve the service:

(a) Core service operations

(b) AI-powered features

PII redaction before AI calls. Before any free-text field (training notes, coach questions, regenerate notes) is sent to our AI provider, the App passes it through a filter that removes common personal-information patterns (such as email addresses, phone numbers, and long numeric sequences). This is best-effort defense against accidental PII leakage; users should still avoid pasting personal information into free-text fields.

(c) Service health, diagnostics, and aggregate reporting

We collect operational telemetry on AI calls — latency, token counts, success/failure outcome, request identifier — and store it on our infrastructure alongside your account ID. This data is used to monitor service health, prevent abuse, enforce tiered usage limits, and tune costs. It is account-associated, not anonymous, because we need to identify abnormal per-user activity (cost spikes, abuse patterns) to keep the service reliable.

We also collect two narrow diagnostic streams: (1) rep-counting diagnostics — limited measurements of rep-counting accuracy (count data only, no exercise content); and (2) AI-call failure events — the feature involved, error type, and timestamp for any AI call that didn’t complete successfully, used for production debugging. Both are associated with your account for diagnostic correlation, stored under access controls so only our infrastructure can read them, and deleted on account deletion alongside the rest of your data. Neither is sent to any third party.

We separately compute aggregate, de-identified product reports (e.g., "which exercises are most logged", "which AI calls fail most") that do not surface individual users.

Crash and error diagnostics are collected via Sentry (see §4(e)) and tagged with your account ID so a single user's crashes can be correlated for debugging. We configure Sentry to suppress request bodies, free-text inputs, and form-analysis output so that only error metadata is captured.

(d) What we do NOT do with your data

4. Third-Party Services (Processors)

We use the following third parties to operate the service. Each is bound by its own privacy commitments and applicable data-protection law.

(a) Supabase (database, authentication, edge functions)

(b) Third-party AI provider (automated AI analysis of camera images and text)

(c) RevenueCat (subscription management)

(d) Apple (sign-in)

For Apple Sign-In: handles the OAuth identity-token flow. Apple knows you are signing into RepForm AI; we receive your Apple ID-issued unique user identifier and your email (only if you grant Apple the email scope at sign-in). We request ONLY the email scope — we do not request your name and Apple never sends it to us. We never see your Apple ID password.

(e) Sentry (crash and error reporting)

5. Data Retention

We retain your data as follows:

Standing destruction commitments:

You can request deletion at any time. See §7. The full per-data-type retention and destruction schedule is in §6(b).

6. Special Categories of Data

(a) Health and wellness data

The training data, injury profile, pain reports, weight log, mobility-check assessments, form-analysis output, optional analysis feedback (§2(h)), and per-checkpoint analysis records (§2(i)) you create with the App are health-adjacent or wellness data. They are NOT clinical / HIPAA-protected health information because RepForm AI is not a covered entity or business associate under HIPAA. We treat this data with the same security and consent standards as the rest of your account information, and we do not share it with any third party for purposes other than providing the service to you (see §4). The per-checkpoint analysis records and optional feedback specifically stay on our own infrastructure and are never sent to our AI provider. Some of this information may qualify as “consumer health data” under state laws such as Washington's My Health My Data Act and comparable Nevada and Connecticut laws. Where those laws apply, we collect and process this data only with your consent (see §6(b) for the camera-based feature), we do not sell it, and we do not share it for cross-context behavioral advertising.

(b) Biometric and body-image data, and your separate consent

The still frames the App sends for form analysis and mobility checks are images of your body, and may include your face.

Retention and destruction schedule. This schedule is published here so you (and regulators) can see exactly how long each category is kept and how it is destroyed:

We destroy biometric / body-image data when the purpose for which it was collected has been satisfied or within the periods above, whichever comes first.

(c) Cycle-tracking data

Cycle-tracking is opt-in only and disabled by default. When enabled, you log period-start dates in the App.

(d) Age requirement and children's data

The App is for users aged 16 and older. It is not intended for and may not be used by anyone under 16, and we do not knowingly collect data from anyone under that age. If you believe someone under 16 has created an account, contact us and we will close it and delete the associated data.

7. Your Rights

You have the following rights regarding your data:

United States — California (CCPA / CPRA). If you are a California resident, you have the rights to: know the categories and specific pieces of personal information we collect and the purposes for collecting it; delete your personal information; correct inaccurate personal information; and not be discriminated against for exercising any of these rights. The categories of personal information we collect are described in §2: identifiers (email, account ID), internet/app activity (usage analytics), health and fitness information, user-generated content (including images of your set), and commercial information (subscription status). We use this information for the business purposes in §3. Some of it — your injury, pain, bodyweight, cycle, and form-analysis data — is “sensitive personal information”; we use it only to provide the service you requested and do not use it to infer characteristics about you. We do NOT sell your personal information and we do NOT share it for cross-context behavioral advertising. You may exercise these rights via Settings (correct/delete) or by emailing support@repformai.com with “CCPA Request” in the subject; you may use an authorized agent. We will not deny service, charge a different price, or provide a different level of service for exercising a privacy right.

United States — Washington, Nevada, Connecticut (consumer health data). If you are covered by Washington's My Health My Data Act or comparable Nevada or Connecticut laws, the health-related data described in §6(a) and the body-image data in §6(b) are “consumer health data.” We collect it only with your consent, do not sell it, and obtain your separate authorization before any sharing that those laws would require it for (we do not currently share it for any such purpose). You may withdraw consent and request deletion as described above and in §6(b). We maintain a separate Consumer Health Data Privacy Policy with the full detail.

Other US states. If you live in a state with a comprehensive consumer-privacy law (e.g., Virginia, Colorado, and others), you have comparable rights to access, delete, correct, and opt out of sale/targeted advertising. Contact support@repformai.com to exercise them; we honor these requests regardless of your state.

EU / EEA / UK. The App is not currently offered in the EU, EEA, or UK — see §11.

8. International Data Transfers

The App is currently offered in the United States, Canada (excluding Quebec), Australia, and New Zealand. It is not offered in Quebec at this time.

Our servers and primary processors (sub-processors) are located in the United States:

If you use the App from outside the United States, your data — including the body-image frames described in §6(b) — is transferred to and processed in the United States. We use appropriate contractual protections with our processors for these cross-border transfers. EU/EEA/UK availability is addressed in §11.

9. Data Security

We protect your data with industry-standard measures:

No system is 100 % secure. We cannot guarantee absolute security and you use the service at your own risk. We will notify affected users and applicable regulators of any data breach involving personal information as required by law.

10. Region-Specific Rights (Canada, Australia, New Zealand)

(a) Canada (PIPEDA)

We collect, use, and disclose your personal information with your meaningful consent and only for the purposes described in this policy. Your data is processed in the United States by the sub-processors named in §8; by using the App you acknowledge this cross-border processing. You may request access to or correction of your information, or withdraw consent (subject to the effect that has on the service), by contacting support@repformai.com. If we experience a breach of security safeguards that creates a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada as required by law. The App is not currently offered in Quebec.

(b) Australia (Privacy Act 1988 / Australian Privacy Principles)

Your injury, pain, bodyweight, cycle, and form-analysis data are “sensitive information” under the Australian Privacy Principles (APPs). We collect it only with your consent and only as reasonably necessary to provide the App. Your data is disclosed to and stored by overseas recipients in the United States (§8); by consenting you agree to this overseas disclosure for the purposes of APP 8. You may request access to or correction of your personal information, and you may complain to us or to the Office of the Australian Information Commissioner (OAIC). We will notify you and the OAIC of any eligible data breach likely to result in serious harm, as required by the Notifiable Data Breaches scheme.

(c) New Zealand (Privacy Act 2020)

We handle your personal information in accordance with the Information Privacy Principles. Health-related information is collected only with your consent. Your information is disclosed to and processed by overseas processors in the United States (§8). You may request access to and correction of your information. We will notify the Office of the Privacy Commissioner and affected individuals of any privacy breach that it is reasonable to believe has caused, or is likely to cause, serious harm, as required by law.

11. EU / EEA / UK

The App is currently offered only in the United States, Canada (excluding Quebec), Australia, and New Zealand. It is not offered in the EU, EEA, or UK. If we make the App available in those regions, we will first update this policy with the additional terms that apply there — including our legal bases for processing, the mechanism we use to transfer data to the United States, and your full data-subject rights.

12. Changes to This Policy

We may update this policy at any time. Material changes will be communicated through the App (in-app banner or notification) before they take effect. The "Last updated" date at the top of this document reflects the most recent revision.

13. Contact

For privacy questions, data requests, or to exercise any rights described in §7, contact: support@repformai.com

For California-specific requests, include "CCPA Request" in the subject line. For EU/UK requests, include "GDPR Request."