Privacy Policy

Last Updated: December 9, 2025

1. Introduction

Welcome to Trainify AI. This Privacy Policy explains how Trainify AI ApS ("we," "us," or "our") collects, uses, shares, and protects your information when you use our mobile application, Trainify AI (the "App").

We are a company based in Denmark and are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR).

Because our App provides personalized fitness and diet coaching, we process personal health data. This is a "special category of personal data" under GDPR, and we only do so with your explicit consent.

2. The Data Controller

The data controller responsible for your personal data is:

3. Information We Collect

We collect information to provide and improve our service. This information is collected in several ways:

3.1. Information You Provide Directly

Account Information: When you sign up, we collect your first name and your authentication details (email and password, or a token from Google, Apple, or Facebook).

Onboarding & Profile Data: To build your profile, we collect:

• Personal Details: Gender and Age.
• Health & Fitness Goals: Primary Goal (Lose Weight, Build Muscle, Maintain Fitness), Activity Level, Training Frequency, Training Location, and Experience Level.
• Body Metrics: Current Weight, Target Weight, and Height.

Special Category (Health) Data:

• Dietary Information: Dietary Preferences (Vegetarian, Vegan, etc.), Allergies or Intolerances, and free-text fields for "Disliked Foods" and "Loved Foods."
• Weekly Check-in Data: Your weight, motivation rating, energy rating, diet adherence, and free-text progress descriptions.
• Progress Photos (Optional): If you choose to upload them, we collect front, side, and back photos during check-ins.
• Body Measurements (Optional): If you choose to provide them, we collect measurements for your waist, chest, arm, and thigh.

Workout & Feedback Data:

• Workout Logs: The reps and weight you log for each exercise.
• Workout Feedback: Your rating of workout intensity, how the workout felt, and any free-text notes.

Chat Data: The messages you send to your AI Coach, including requests for plan changes or questions about fitness.

Support Communications: Any information you send to our support email. Please note: As standard email is not a secure channel for sensitive health data, we strongly advise against sending photos of your body or detailed health information via email. Please use the secure in-app "Check-in" feature for uploading photos and tracking body metrics.

3.2. Information Collected Automatically

Service Activity: We log the core actions you take within the App solely to provide the Service. This includes logging completed workouts to calculate your streaks, saving your meal preferences to generate plans, and recording your chat history to maintain conversation context with the AI.

Technical & Performance Data: We may collect basic technical information such as your device type, operating system version, and error logs (crash reports). This is used strictly for troubleshooting technical issues and ensuring the App's stability and security.

Workout Statistics: We automatically calculate and store metrics like total weight lifted and personal records (PRs) based on the data you input.

Cookies and Local Storage: Unlike many other apps, we do not use cookies or third-party tracking technologies for marketing or behavioral analytics. We only use secure local storage on your device to save your login session (Authentication Tokens). This is strictly necessary to keep you logged in and ensure the App functions correctly.

4. How We Use Your Data and Our Legal Basis

We must have a valid legal basis to process your data.

Purpose of Processing	Data Used (Examples)	Legal Basis (GDPR)
To provide our core service (create your account, manage your subscription, let you log in).	Account Information, Subscription Status.	Art. 6(1)(b) - Contract: Necessary to perform the contract (our Terms of Service) with you.
To create and manage your personalized AI-driven workout and diet plans.	All Onboarding Data, Health Data, Body Metrics, Chat Data, Workout Logs, and Check-in Data.	Art. 9(2)(a) - Explicit Consent. We only process your sensitive health data because you give us your express and specific permission to do so for this purpose.
To enable AI Coach interaction (answering your questions, modifying your plans via chat).	Chat Data, Profile Data, current plans.	Art. 9(2)(a) - Explicit Consent. This is part of providing the core personalized service.
To track and display your progress (graphs, stats, streaks, "Your Transformation" photos).	Weight, Body Measurements, Progress Photos, Workout Logs.	Art. 9(2)(a) - Explicit Consent.
To communicate with you (weekly check-in reminders, support messages, important service updates).	Email, First Name, User ID.	Art. 6(1)(b) - Contract: Necessary to provide the service.
To improve our App and AI models (understanding feature usage, fixing bugs).	Anonymized or aggregated Usage Data, Technical Data.	Art. 6(1)(f) - Legitimate Interest: To improve our service for all users.
To process payments (managing subscriptions and free trials).	User ID, Subscription Status (Handled via Apple/Google).	Art. 6(1)(b) - Contract: To fulfill your purchase.

5. Who We Share Your Data With (Data Processors)

We do not sell your personal data. We only share it with trusted third-party services (Data Processors) who provide the necessary infrastructure to operate our App. We have Data Processing Agreements (DPAs) with them.

Infrastructure & Hosting Providers: Google Cloud Platform (GCP) and Supabase

Purpose: We use Google Cloud Platform (Cloud Run) to host our backend application and our internal workflow automation (n8n). We use Supabase to securely store all your app data (including your profile, logs, and photos).

AI Service Providers: Google

Purpose: To generate your personalized plans and respond to your chat messages. Your relevant profile data (goals, stats) and your chat messages are processed via Google's AI services.

Upstash (Redis)

Purpose: We use Upstash to manage backend processing queues for our workflow automation (n8n), ensuring that your requests and chat messages are processed efficiently without data loss.

Payment Processors: Apple (App Store) and Google (Play Store)

Purpose: To handle all subscriptions and payments. We do not see or store your credit card details.

Authentication Providers: Google, Apple, and Facebook

Purpose: To allow you to log in and sign up using your existing accounts. We only receive your name and email from them.

Customer Support & Communication: Zendesk and Simply.com

Purpose: We use Zendesk as our support system where inquiries are securely stored and answered. Simply.com serves solely as a technical email gateway (transmission only, no storage) to securely route emails to Zendesk.

6. International Data Transfers

Some of our data processors (specifically Google and Supabase) may process data in data centers located outside the European Economic Area (EEA), such as in the United States.

When we transfer your data outside the EEA, we ensure it is protected by relying on valid legal mechanisms. For transfers to Google (US), we rely on the EU-U.S. Data Privacy Framework (where applicable) or Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring that your data receives an equivalent level of protection to that provided in the EU.

7. Data Retention and Deletion

We retain your personal data for as long as your account is active.

If you choose to use the "Delete Account" feature in the App's settings, we will initiate a process to permanently and irreversibly delete all your personal data from our systems. This includes your profile, workout history, check-ins, and any uploaded photos. This process cannot be undone.

8. Your Data Protection Rights

Under GDPR and UK GDPR, you have the following rights regarding your data:

• The right to access: You can request a copy of the data we hold about you.
• The right to rectification: You can correct inaccurate data (e.g., in your Profile settings).
• The right to erasure ("right to be forgotten"): You can request that we delete your data (best achieved via the "Delete Account" feature).
• The right to restrict processing: You can ask us to temporarily stop processing your data.
• The right to data portability: You can request a machine-readable copy of your data to move to another service.
• The right to object: You can object to us processing your data based on legitimate interests.
• The right to withdraw consent: You can withdraw your consent for us processing your health data at any time. As stated, this will require account deletion as the App cannot function without it.

To exercise any of these rights, please contact us at support@trainify-ai.com.

Right to Complain

You also have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights:

• If you are in the EU: The Danish Data Protection Agency (Datatilsynet).
• If you are in the UK: The Information Commissioner's Office (ICO).

9. Data Security

We take the security of your data, especially your health data, very seriously. We implement technical and organizational measures to protect it, including:

• Encryption of data in transit (SSL/TLS) and at rest.
• Strict access controls within our team.
• Using secure, reputable third-party providers (Google Cloud and Supabase) with high security certifications (e.g., SOC2, ISO 27001).

10. Children's Privacy

Our service is intended solely for users who are 18 years of age or older.

We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have collected personal data from a child under the age of 18, we will take steps to delete such information from our files immediately.

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal data, please contact us at support@trainify-ai.com so that we can take necessary action.

11. Changes to This Privacy Policy

We may update this policy from time to time. If we make significant changes, we will notify you through the App or by email, giving you a chance to review the new terms.