Privacy Policy

Strength IO is a strength-training app for iOS and watchOS operated by Crimson IO LLC ("we," "us," "our"). Your health data is yours — we built Strength IO to help you train smarter, not to monetize your information.

This Privacy Policy describes what information we collect, how we use it, and your choices. By using Strength IO, you agree to this policy.

Information We Collect

Account Information

Strength IO uses Sign In with Apple or email/password for account creation. When using Sign In with Apple, Apple provides us with an anonymized user identifier, and optionally your name and email address (Apple offers a relay option that hides your real email). Email sign-up collects your name, email address, and a password. We do not require or collect any other personal information to use the app.

Fitness & Workout Data

When you use Strength IO, the app stores data you create — including workout history, exercise logs, personal records, recovery scores, training metrics, gym profiles, goals, and preferences. This data is stored on your device and synced to our secure servers, tied to your account, so it is backed up and restores when you set up a new iPhone.

Workout summaries synced to our servers include aggregate metrics such as average and maximum heart rate, calories burned, duration, volume, and exercise details. These are workout-level summaries — raw HealthKit time-series data (individual heart rate samples, sleep stage transitions, etc.) is never uploaded.

Apple HealthKit Data

With your permission, Strength IO reads health data from Apple HealthKit to power its recovery and readiness features. This includes:

• Sleep (duration, stages, quality)
• Heart rate, resting heart rate, heart rate variability, walking heart rate
• VO2 Max
• Active energy, exercise time, steps, stand time
• Body measurements (weight, height, body fat, lean mass)
• Respiratory rate, blood oxygen
• Wrist temperature
• Workout history and effort scores

Strength IO may also write your completed workouts back to HealthKit so they appear in Apple Health.

Raw HealthKit data (individual samples, time-series readings) is processed entirely on your device and is never shared with third parties, never uploaded to our servers, and never used for advertising or marketing. Only aggregate workout-level metrics (such as average heart rate per workout) are included in workout summaries synced to our servers. You can revoke HealthKit access at any time in iOS Settings.

Location Data

When you complete a workout, Strength IO may request your location to tag the workout with a gym or venue name. Location is captured once at workout completion and stored locally with your workout. If you enable "Share Workout Location" in Privacy Settings, the gym name and coordinates are also included in workout data synced to our servers. This setting is off by default. Location access is optional — you can deny or revoke it at any time in iOS Settings, and workouts will simply not include a location tag.

On-Device Processing & AI

Strength IO's recovery calculations and its AI coaching run entirely on your device using Apple's on-device frameworks. Your data is never sent to any third-party AI service for processing.

Analytics & Crash Reporting

We use service providers for analytics (to understand how the app is used) and crash reporting (to identify and fix bugs). These services collect usage data such as which screens you visit, which features you use, and technical information about crashes or errors. This data is associated with anonymous identifiers, not your name or email. We do not use advertising networks or ad-supported analytics services.

Subscription Data

We use a service provider to manage subscriptions and verify purchase entitlements. This provider receives transaction data from Apple (purchase status, product identifiers, subscription period) but does not receive your health or workout data. See the App Store terms for Apple's handling of payment information.

How We Use Your Information

We use your information to:

• Generate personalized workouts, weight recommendations, and recovery-aware scheduling
• Calculate daily readiness and recovery scores using your health and training data
• Track your progress, personal records, and training trends
• Authenticate your account
• Back up your data so it restores when you set up a new iPhone
• Monitor app stability and fix crashes
• Understand which features are used to guide development priorities

Service Providers

We use a limited number of trusted service providers to operate the app — for account authentication and data storage, product analytics and crash reporting, subscription management, and push notifications and email. These providers process data only as needed to provide their service and are contractually prohibited from using your data for their own purposes.

We do not sell, rent, or trade your personal data. We do not share your data with any third-party AI service — Strength IO's coaching runs entirely on your device. We do not use advertising networks or share data for advertising or marketing purposes.

Data Storage & Security

Your fitness and workout data is stored on your device and synced to our secure servers, tied to your account and encrypted in transit and at rest.

Account information and your synced workout data are stored on secure servers with encryption in transit and at rest. We use industry-standard security measures including encrypted connections, secure authentication, and access controls. No method of storage or transmission is 100% secure, and we cannot guarantee absolute security.

Data Retention

Your account and fitness data is retained for as long as your account is active. You can delete your data at any time from within the app.

Analytics and crash reporting data is retained according to our service providers' standard retention policies, typically no longer than 90 days for detailed data.

Deleting Your Account

You can delete your account and all associated data at any time from Settings within the app. This permanently removes:

• All local app data on your device
• Your account and profile from our servers
• All workout, achievement, and training data stored on our servers
• Your authentication credentials

You can also delete the app to remove all local data from your device.

Your Rights

You have the right to:

• Access the personal data we hold about you (available via the data export feature in Settings)
• Request correction of inaccurate data
• Request deletion of your data (available in-app or by contacting us)
• Revoke HealthKit access at any time
• Revoke location access at any time

California Residents

Under the California Consumer Privacy Act (CCPA), you have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information. To exercise these rights, contact us at StrengthIO@crimson-io.com.

Children's Privacy

Strength IO is not intended for children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to This Policy

We may update this policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

Contact

Questions? Contact us at StrengthIO@crimson-io.com.