Privacy Policy

Introduction

SteelRep (“we”, “us”, “our”) is operated by ThoughtGears Ltd, a company registered in England and Wales. This Privacy Policy explains how we collect, use, and protect your personal data when you use the SteelRep mobile application.

We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy complies with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the California Consumer Privacy Act (CCPA).

Data Controller

ThoughtGears Ltd is the data controller for your personal data.

Contact: [email protected]

Data We Collect

SteelRep does not require an account. There is no sign-up, no login, and no password. We never ask for your name or email address to use the app.

Workout Data (stored on your device, not by us)

Your workout activity — including:

Exercise logs (sets, reps, weight)
Workout history
Personal records
Custom exercises
Program selections and progress

— is stored locally on your device and synced privately across your own devices through your iCloud account (Apple). We never receive, store, or have access to your workout data. This sync is handled by Apple and governed by Apple’s privacy policy.

Device Data

Device type and operating system
App version
Crash reports (via Firebase Crashlytics)

Crash Reports

If you leave Help improve SteelRep enabled, we collect crash reports to maintain app stability. Crash reports include stack traces, device model, and OS version. They do not contain personal workout data or personally identifiable information.

Analytics Data

If you leave Help improve SteelRep enabled, we collect anonymous usage analytics to understand which features are most valuable and improve the app experience. This covers how you move through the app — for example screens visited and features used. We do not collect any workout content: no exercises, weights, reps, personal records, or which program you follow.

Your Choice: Help improve SteelRep

A single Help improve SteelRep setting controls both crash reports and analytics. When you first set up SteelRep, the Get Started screen explains that these are enabled to help improve the app and links to this policy. You can turn them off at any time in Settings → Privacy, and the app remains fully functional if you do. Changes take effect immediately.

How We Use Your Data

Your workout data stays on your device and in your private iCloud account — we do not receive or use it. The limited diagnostic and analytics data we do collect is used to:

Maintain app stability and fix crashes
Understand which features are most valuable and improve the app
Respond to support requests you send us

Progression, personal records, and reminders are all calculated and scheduled on your device.

Legal Basis for Processing

Under UK and EU GDPR, we process the limited diagnostic and analytics data described above based on your consent (GDPR Art. 6(1)(a)), which you give when you set up the app and can withdraw at any time in Settings → Privacy. Withdrawing consent stops all further collection; it does not affect data already processed.

Data Retention

Workout data: Stored on your device and in your iCloud account, under your control. We hold no copy. Deleting it in the app, or removing the app and its iCloud data, erases it.
Analytics data: Aggregated data retained for 26 months
Crash reports: Retained for 90 days

We do not store your workout data, so there is nothing for us to share. The limited diagnostic and analytics data we collect is processed only by:

Google (Firebase): Crash reporting (Crashlytics) and anonymous usage analytics (Google Analytics for Firebase). We do not use Firebase for hosting, authentication, or storing your workout data.
Apple (iCloud): Syncs your workout data privately across your own devices. We have no access to it.
Apple / Google: App Store and Google Play distribution and subscription payment processing. We do not receive your payment details.

We do not sell your personal data.

Your Rights

Under UK GDPR, EU GDPR, and CCPA, you have the right to:

Access: Your workout data lives on your device — you can view and export it directly in the app. For the diagnostic/analytics data we hold, you can request a copy.
Rectification: Correct inaccurate data
Erasure: Delete your workout data on your device and in iCloud at any time, and request deletion of the diagnostic/analytics data associated with your device
Portability: Export your workout data from the app in a machine-readable format
Restriction: Limit how we process your diagnostic/analytics data
Objection: Object to certain processing activities
Withdraw consent: Opt out of analytics and crash reporting at any time

To exercise these rights, contact [email protected] or use the in-app settings.

Data Security

We implement appropriate technical and organizational measures to protect your data, including:

Your workout data is protected by your device’s encryption and by Apple’s iCloud encryption — we never hold it
Encryption in transit (TLS/HTTPS) for diagnostic and analytics data
Encryption at rest for the limited data held by our analytics processors
Regular security reviews

International Transfers

Your data may be transferred to and processed in countries outside the UK/EEA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses with our processors.

Children’s Privacy

SteelRep is not intended for users under 16 years of age. We do not knowingly collect data from children under 16.

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via the app or email.

Contact Us

For privacy-related questions or to exercise your rights:

Email: [email protected]

Data Protection: ThoughtGears Ltd, United Kingdom

Complaints

If you’re not satisfied with our response, you can lodge a complaint with:

UK: Information Commissioner’s Office (ICO) at ico.org.uk

EU: Your local data protection authority