Your privacy matters to us. This policy explains what data Etch Fitness collects, why we collect it, and how you can control it. We do not sell your personal data to third parties.
1. Information We Collect
We collect the following categories of information when you use Etch Fitness:
Account Information
- Email address (provided via Apple Sign In or Google Sign In)
- Display name (optional, provided at sign-up)
- Profile avatar URL (from social sign-in providers)
Fitness & Health Data
- Photos you upload for physique analysis (front, side, and back poses)
- Fitness goals, experience level, and training preferences you set in your profile
- Workout programme customisations and training progress stored locally on your device
- Physique analysis results, muscle scores, and AI-generated recommendations
Nutrition Data
- Meal photos you submit for scanning
- Meal logs including estimated calories, macronutrients, and meal descriptions
- Nutrition goals derived from your profile and physique data
Usage & Technical Data
- Device type, operating system version, and app version
- In-app purchase and subscription records (transaction IDs, product IDs)
- Error logs and performance data to diagnose technical issues
2. How We Use Your Data
We use the information we collect for the following purposes:
- Account management — to create and maintain your account, authenticate you, and keep your data secure
- AI physique analysis — photos you upload are sent to OpenAI's API for computer-vision analysis; results are stored against your account so you can track progress over time
- Meal scanning — meal photos are sent to OpenAI's API for nutritional analysis; results are saved to your meal log
- Personalised plans — your fitness goals, experience level, and physique data are used to generate tailored workout and nutrition plans
- Subscription management — purchase records are used to verify and manage your subscription tier
- App improvement — aggregated, anonymised usage data helps us understand how the app is used and where to improve
3. Third-Party Services
Etch Fitness relies on the following third-party services. By using the app, you acknowledge that your data may be processed by these providers under their respective privacy policies.
OpenAI
Photos submitted for physique analysis and meal scanning are processed by OpenAI's API (GPT-5 Vision). Images are transmitted securely and are subject to OpenAI's Privacy Policy. We do not use your images to train OpenAI models.
Apple Sign In
If you authenticate with Apple Sign In, Apple processes your authentication credentials. See Apple's Privacy Policy for details.
Google Sign In
If you authenticate with Google, Google processes your authentication credentials. See Google's Privacy Policy for details.
Supabase
Your account data, analysis results, and meal logs are stored in a Supabase-hosted PostgreSQL database. Data is encrypted at rest and in transit.
Apple App Store / In-App Purchases
Subscription purchases are processed entirely by Apple. We receive only transaction identifiers and product IDs — no payment card information is transmitted to or stored by Etch Fitness.
4. Data Sharing
We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:
- With third-party service providers listed above, strictly to operate the app
- When required by law, court order, or government authority
- To protect the rights, property, or safety of Etch Fitness or our users
- In connection with a merger, acquisition, or sale of assets (you will be notified)
5. Data Retention & Deletion
We retain your data for as long as your account is active or as needed to provide the service.
- Photos — physique images submitted for analysis are stored as part of your analysis record. You can delete individual analyses from within the app at any time.
- Meal logs — meal entries can be deleted individually from the Nutrition tab.
- Account deletion — to permanently delete your account and all associated data, contact us at contact@etchfitnessapp.com. We will complete deletion within 30 days.
- Local data — workout progress and customisations stored on your device can be cleared by uninstalling the app.
6. Data Security
We take reasonable technical and organisational measures to protect your data, including:
- All data transmitted between the app and our servers uses TLS encryption
- Database data is encrypted at rest
- Authentication uses industry-standard JWT tokens; passwords are never stored
- Access to production systems is restricted to authorised personnel
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to using best practices.
7. Children's Privacy
Etch Fitness is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at contact@etchfitnessapp.com and we will delete it promptly.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you
- Correction — request that inaccurate data be corrected
- Deletion — request deletion of your account and personal data
- Portability — request your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
To exercise any of these rights, contact us at contact@etchfitnessapp.com.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. For significant changes, we will notify you within the app or by email. Continued use of the app after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy, please contact us:
Email: contact@etchfitnessapp.com
We aim to respond to all enquiries within 5 business days.