Privacy Policy

Overview

IronPath ("we", "us", or "our") is an AI-powered workout tracking app. This policy explains what data we collect, how we use it, and your rights regarding your personal information.

We do not sell your data. We do not share your data with advertisers. Your workout data is yours.

Data We Collect

When you create an account and use IronPath, we collect:

• Account information — your email address, used for authentication and account recovery
• Workout data — exercises, sets, reps, weights, RPE ratings, notes, and timestamps you log in the app
• Routine templates — any workout routines you create or save
• App preferences — display units (kg/lbs), rest timer settings, theme preferences

We do not collect your name, phone number, location, contacts, or any health data beyond what you explicitly log in the app.

How We Use Your Data

• To provide and sync your workout history across sessions
• To generate AI-powered insights and performance analytics within the app
• To send rest timer notifications you request during workouts
• To restore your data if you reinstall the app or switch devices

Third-Party Services

IronPath uses the following third-party services to operate:

• Supabase — cloud database and authentication provider. Your data is stored in Supabase-managed PostgreSQL databases with row-level security policies enforced. Supabase Privacy Policy
• Google Gemini API — used to generate workout insights. Workout data sent to Gemini is used solely for generating your in-app analysis and is not used to train Google's models. Google Privacy Policy

Data Storage & Security

Your data is stored in encrypted cloud databases with access controls that ensure only you can read or modify your own data. We enforce row-level security at the database level, meaning our servers cannot accidentally return another user's data.

Authentication tokens are stored locally on your device using standard iOS secure storage mechanisms.

Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data (workouts, routines, preferences) is permanently deleted within 30 days.

Your Rights

You have the right to:

• Access all data associated with your account
• Export your workout history
• Delete your account and all associated data
• Correct inaccurate account information

To exercise any of these rights, contact us at support@getironpath.com.

Children's Privacy

IronPath is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

Changes to This Policy

We may update this policy from time to time. If we make material changes, we will notify you within the app. Your continued use of IronPath after changes take effect constitutes acceptance of the updated policy.

Contact

Questions about this policy? Reach us at support@getironpath.com.