Legal
Privacy Policy
Effective June 4, 2026
This Privacy Policy explains how Grind Track ("Grind Track", "we", "us") collects, uses, shares and protects information when you use the Grind Track mobile application and grindtrack.co (together, the “Service”). We built the Service to be a private training journal: the workouts, meals, measurements and photos you log are yours.
We follow Apple’s App Store requirements and applicable data-protection laws, including the EU/UK GDPR, the California Consumer Privacy Act (CCPA/CPRA) and India’s Digital Personal Data Protection Act. By using the Service you agree to this Policy.
01The short version
- We collect only what we need to run the Service — your account, the activity you log, and basic technical data.
- We do not sell your personal data, and we do not use it for third-party advertising.
- Body measurements, progress photos and health-related data are private to you and only shared when you choose to share them.
- You can export or permanently delete your account and data from inside the app at any time.
02Information we collect
We collect the categories of information below. Some are provided directly by you; some are generated as you use the Service.
| Category | Examples | Why we collect it |
|---|---|---|
| Account & profile | Name or username, email, phone number, password (hashed), profile photo, date of birth, sex, height, units and goals. | To create and secure your account and personalize targets. |
| Training data | Routines, exercises, sets, reps, weights, RPE, workout times and notes. | Core function — to log and analyze your training. |
| Nutrition data | Logged foods and meals, quantities, macros, recipes and saved foods. | To track intake against your macro and calorie targets. |
| Body & health data | Body weight, body-fat, circumferences and progress photos you add. | To show body-composition trends. Treated as sensitive (see below). |
| Social content | Posts, comments, reactions, follows, and trainer–client or gym links you create. | To power optional social and coaching features. |
| Purchases | Subscription status and entitlements. Apple processes payment — we never receive your card number. | To unlock and manage premium features. |
| Device & technical | Device model, OS version, app version, language, IP address, crash logs and diagnostic events. | To keep the app stable, secure and debuggable. |
We do not knowingly collect precise location, contacts, or data from Apple HealthKit. The app requests camera access only when you scan a barcode or add a photo, and access to your photo library only when you choose a picture. You can decline or revoke these permissions in iOS Settings.
03How we use your information
- Provide, maintain and personalize the Service — including your targets, charts, streaks and recovery estimates.
- Detect personal records, compute rollups, and generate the analytics you see in-app.
- Operate optional social, leaderboard and coaching features at your direction.
- Authenticate you, prevent fraud and abuse, and keep accounts secure.
- Diagnose crashes, monitor performance and improve the product.
- Send transactional messages (for example, verification codes, security and account notices). We do not send marketing email without your consent.
- Comply with law and enforce our Terms.
We rely on the following legal bases where GDPR applies: performance of our contract with you, your consent (for optional features and any marketing), our legitimate interests in securing and improving the Service, and compliance with legal obligations.
04Health & fitness data
Body measurements, body-fat estimates and progress photos can reveal information about your health. We treat them as sensitive: they are visible only to you by default, are never used for advertising, and are only shared with another person when you explicitly share them (for example, by linking a trainer or posting publicly). You can delete any measurement or photo at any time.
05Sign-in & authentication
You can create an account with email and password, a phone number with a one-time code, or by using Sign in with Apple, Google or Facebook. When you use a third-party sign-in we receive a basic identifier and, depending on your settings, your name and email; we do not receive your social password. Sign in with Apple lets you hide your email via Apple’s private relay, and we support that.
06Subscriptions & purchases
Premium features are sold as auto-renewable subscriptions through the Apple App Store. Apple processes the payment and manages billing and renewals under Apple’s own privacy policy; we receive your subscription and entitlement status but never your full payment-card details. You manage or cancel a subscription in your Apple ID settings.
08Data retention
We keep your information for as long as your account is active and as needed to provide the Service. When you delete your account, we delete or irreversibly anonymize your personal data within 30 days, except where we must retain limited records to comply with legal, tax or security obligations or to resolve disputes. Backups are purged on a rolling schedule.
09Your rights & choices
Depending on where you live, you have some or all of these rights:
- Access and obtain a copy of your data, and export your logged data.
- Correct inaccurate data — most fields are editable directly in the app.
- Delete your account and personal data.
- Object to or restrict certain processing, and withdraw consent at any time.
- For California residents: to know, delete, correct, and to opt out of “sale” or “sharing” — note we do not sell or share personal information as those terms are defined. We will not discriminate against you for exercising these rights.
To exercise any right, use the in-app controls or email privacy@grindtrack.co. You may also have the right to lodge a complaint with your local data-protection authority.
10Deleting your account & data
You can permanently delete your account from inside the app: open Settings, then Account, then Delete Account, and confirm. This removes your profile and your logged training, nutrition, body and social data as described in “Data retention.” If you cannot access the app, email privacy@grindtrack.co from your registered address and we will process the deletion.
11Security
We protect your data with encryption in transit, hashed passwords, access controls and routine security practices. No method of transmission or storage is perfectly secure, but we work to safeguard your information and will notify you and the authorities of a material breach as required by law.
12Children’s privacy
The Service is not directed to children under 13 (or the minimum age of digital consent in your country, which may be higher). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact privacy@grindtrack.co and we will delete it.
13International transfers
We may process and store information in countries other than yours, including where our service providers operate. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.
14Changes to this Policy
We may update this Policy as the Service evolves. We will post the new version here with a revised effective date and, for material changes, notify you in the app or by email. Continued use after an update means you accept it.
15Contact us
Questions or requests about privacy? Email privacy@grindtrack.co. For general support, support@grindtrack.co.