1. Introduction
Antrenör+ ("we", "app") values user privacy. This policy explains what data is collected, how it is used, and how it is protected.
This privacy policy has been prepared in compliance with KVKK (Turkey's Personal Data Protection Law) and GDPR (EU General Data Protection Regulation).
2. Personal Data Collected
a) Account Information
| Data | Purpose |
|---|---|
| First name, last name | Profile display |
| Email address | Authentication, communication |
| Phone number | OTP verification (optional) |
| Profile photo | Profile display |
| Date of birth | Age calculation, calorie/TDEE |
| Gender | Calorie calculation, AI recommendations |
| Height (cm) | Body measurements, AI analysis |
| Timezone | Notification timing |
| Fitness goal | Calorie/TDEE calculation, AI recommendations |
| Activity level | Calorie calculation, AI recommendations |
| Biography | Profile display (optional) |
b) Health and Fitness Data
| Data | Purpose |
|---|---|
| Weight | Progress tracking |
| Body measurements (16+ areas) | Progress analysis |
| Workout records (duration, calories, sets, reps, weights) | Performance tracking |
| Set type information (warm-up, dropset, failure set) | Workout analysis |
| Rest periods between sets | Workout analysis |
| Rate of perceived exertion (RPE 1-10) | Workout intensity analysis |
| Pre/post workout mood (1-5 scale) | Workout analysis |
| Nutrition records (calories, macros) | Nutrition tracking |
| Daily water intake (ml) and water goal | Hydration tracking |
| Progress photos | Visual progress |
| Meal photos | AI nutrition analysis |
| Custom exercise images and videos (by trainers) | Exercise library, student display |
c) Apple Health Data (iOS, with user permission)
| Data | Purpose |
|---|---|
| Step count (last 30 days) | Activity tracking |
| Heart rate (instant, average, min/max) | Health tracking |
| Active calories (last 30 days) | Energy expenditure |
| Sleep data (total, deep, REM, light) | Rest analysis |
d) Device and Technical Data
| Data | Purpose |
|---|---|
| Push notification token | Notification delivery |
| Device platform (iOS/Android/Web) | Platform compatibility |
| App version | Bug tracking |
e) Payment Data
| Data | Purpose |
|---|---|
| Subscription status | Feature access |
| Purchase history | Subscription management |
| Product/package ID | Plan determination |
| RevenueCat customer ID | User matching (Supabase user_id) |
Note: Credit card information is not collected or stored by the app. All payment transactions are managed by Apple App Store and Google Play.
f) Apple Watch Data (watchOS, with user permission)
The Antrenör+ Apple Watch app collects the following data and syncs it with iPhone:
Data sent to Watch:
- Active workout status (current exercise, set, rep, weight info)
- User age and gender (for heart rate-based recovery calculation)
- Resting heart rate
- Exercise images
- Dark mode preference
Data collected from Watch:
- Average and maximum heart rate during workout
- Instant heart rate during rest
- Calories burned
- Workout actions (set completion, weight/rep adjustments)
Watch can record independent workouts without phone connection, and this data is synced later.
Authentication credentials (session tokens) are stored in secure App Group shared storage.
3. Data Usage Purposes
- Account creation and authentication
- Providing fitness and nutrition tracking services
- Generating AI-powered recommendations (workout, nutrition, measurement analysis)
- Nutritional value analysis from meal photos
- Data sharing between trainer and student (programs, measurements, nutrition)
- Live workout synchronization
- Push notification delivery
- Subscription status management
- App bug detection and improvement
- Fulfilling legal obligations
4. Third-Party Service Providers
| Service | Provider | Usage Purpose | Shared Data |
|---|---|---|---|
| Database & Authentication | Supabase (US) | Data storage, auth | All app data |
| Subscription Management | RevenueCat (US) | Purchase verification | User ID, purchase info |
| Meal Analysis | TastyAPI | Nutritional value estimation | Meal photos, gender, height (cm), language preference |
| Push Notifications | Expo (US) | Notification delivery | Push token, notification content |
| Health Data | Apple HealthKit | Health data reading | Steps, heart rate, calories, sleep |
| Body Measurement AI | Antrenör+ (our own API) | Body measurement estimation | Body photos, gender, height |
| Live Workout | Antrenör+ Servers | Real-time workout synchronization | Workout status, exercise data (sets, reps, weights), timers |
Third-party services are used solely for app functionality. Data is not shared for marketing or advertising purposes.
5. Data Security
SSL/TLS Encryption
All data transmission is protected with encryption
Encrypted Storage
Authentication tokens are stored encrypted on the device
Row Level Security
Database row-level security (RLS) is applied
Signed URLs
File access is provided through time-limited signed URLs (1 hour valid)
Server-Side Keys
Third-party API keys are stored server-side
Regular Security Scans
Systems are regularly scanned for security vulnerabilities
6. Data Retention Period
- Account data: Stored until account is deleted
- Workout and nutrition history: Stored until account is deleted
- Photos: Stored until user deletes them or account is deleted
- AI reports: Stored until account is deleted
- Push tokens: Deleted upon sign-out
- Backup data: Cleared within 30 days after account deletion
7. User Rights
Right of Access
View your collected data
Right to Rectification
Update incorrect information (from Profile screen)
Right to Erasure
Permanently delete your account and all data
Right to Data Portability
You can send your data portability request to info@antrenorplus.com. Your request will be processed within 30 days and your data will be delivered in a structured format (JSON).
Right to Object
Object to data processing — you can contact info@antrenorplus.com
Right to Restriction
Restrict certain data processing activities — you can contact info@antrenorplus.com
For requests: info@antrenorplus.com — Your requests will be responded to within 30 days.
8. Cookies and Tracking
- The mobile app does not use cookies
- The web platform only uses cookies necessary for session management
- User tracking is not performed
- Advertising identifier (IDFA) is not collected
- Third-party advertising or analytics cookies are not used
- NSPrivacyTracking: false
9. Trainer-Student Data Sharing
- When a student connects to a trainer, the trainer accesses: workout records, nutrition records, water intake records, body measurements, progress photos (those not marked as private)
- Trainers can add notes about students (general, injury, goal, feedback, medical)
- Trainers can initiate 3D body measurements on behalf of students
- Access ends when the trainer-student connection is terminated
- Trainers must not share student data outside the app
- Students can manage the scope of shared data from their profile settings
10. Children's Privacy
- The app is not intended for users under 18
- We do not knowingly collect data from users under 18
- If a user under 18 is identified, the account will be deleted
- Parents can contact info@antrenorplus.com to request deletion of their child's data
11. International Data Transfer
- Data is processed on Supabase and RevenueCat servers (US)
- Data is transferred under the EU-US Data Privacy Framework
- Processed in accordance with standard contractual clauses
- Adequate security measures are taken for data transfers
12. Changes
- The privacy policy may be updated
- Important changes will be announced via in-app notification
- The last update date is indicated on the page
- 30 days advance notice will be given for significant changes
13. Contact
For questions or requests regarding privacy, you can contact us:
General inquiries and legal requests:
info@antrenorplus.comTechnical support:
destek@antrenorplus.com