Privacy Policy

Introduction

Welcome to Stacco App. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we handle your information when you use our workout tracking application available on iOS and Android platforms.

Data Collection and Storage

Local Data Storage

Stacco App is designed with privacy at its core. Most of your workout data is stored locally on your device, including:

• Workout logs (reps, sets, exercises)
• Progress tracking data
• Exercise history
• Personal workout preferences and settings
• Custom workout templates and routines

This local storage approach means your workout data remains on your device and is not automatically transmitted to our servers unless you create an account.

Account Creation and Cloud Storage

When you choose to create an account with Stacco App, we store the following information in our secure Supabase database:

• Email address
• Account credentials (securely hashed passwords)
• Workout data you choose to sync across devices
• Account preferences and settings
• Subscription status and history

Creating an account is entirely optional. You can use Stacco App's core features without creating an account, and your data will remain stored locally on your device only.

Third-Party Services

RevenueCat for Subscriptions

Stacco App uses RevenueCat to manage in-app subscriptions. We offer the following subscription options:

• Weekly subscriptions
• Monthly subscriptions
• Yearly subscriptions

When you purchase a subscription, RevenueCat processes the transaction and may collect the following information:

• App user ID (anonymous identifier)
• Subscription status and purchase history
• Device information and platform (iOS or Android)
• Transaction data from Apple App Store or Google Play Store

RevenueCat's privacy practices are governed by their own privacy policy, which you can review at https://www.revenuecat.com/privacy .

Supabase Database

We use Supabase as our backend database provider for storing account information and synced data. Supabase is a secure, open-source platform with enterprise-grade security features. All data stored in Supabase is encrypted in transit and at rest. You can learn more about Supabase's security practices at https://supabase.com/security .

What We Don't Collect

Stacco App does not collect, store, or process:

• Location data or GPS coordinates
• Contact lists or phone numbers
• Photos or media files (except those you explicitly choose to attach to workout logs)
• Biometric data or health information beyond what you manually enter for workouts
• Device identifiers for advertising purposes
• Browsing history or app usage outside of Stacco App
• Third-party analytics or tracking cookies

Data Usage

We use the limited data we collect solely for the following purposes:

• Providing and maintaining the Stacco App service
• Syncing your workout data across your devices (when you have an account)
• Processing and managing your subscriptions
• Communicating with you about your account or subscription
• Improving our app's functionality and user experience
• Providing customer support when requested

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use your data for advertising or analytics beyond what is necessary to operate the service.

Data Security

We implement appropriate technical and organizational security measures to protect your data, including:

• Encryption of data in transit using industry-standard TLS/SSL protocols
• Encryption of data at rest in our Supabase database
• Secure password hashing using bcrypt or similar algorithms
• Regular security updates and patches
• Access controls limiting who can access user data

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but maintain industry-standard practices to protect your data.

Your Rights and Choices

You have the following rights regarding your data:

• Access: You can access your account data at any time through the app
• Correction: You can update or correct your information within the app settings
• Deletion: You can delete your account and all associated data by contacting us or using the in-app account deletion feature
• Data Export: You can request a copy of your data by contacting us
• Opt-Out: You can choose not to create an account and keep all data local to your device

If you delete your account, all data stored in our Supabase database will be permanently removed. Please note that data stored locally on your device will remain until you uninstall the app or manually delete it.

Children's Privacy

Stacco App is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete such information.

International Data Transfers

Your data may be stored and processed in any country where we or our service providers maintain facilities. By using Stacco App, you consent to the transfer of your information to countries outside of your country of residence, which may have different data protection laws.

Data Retention

We retain your account data for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your data within 30 days, except where we are required to retain it for legal compliance, dispute resolution, or to enforce our agreements.

Subscription data processed through RevenueCat may be retained according to their retention policies and applicable platform requirements (Apple App Store, Google Play Store).

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy in the app
• Updating the "Last updated" date at the top of this policy
• Sending you an email notification (if you have an account)

Your continued use of Stacco App after any changes indicates your acceptance of the updated privacy policy.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed and to whom
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to request deletion of personal information
• Right to non-discrimination for exercising CCPA rights

GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or your personal data, please contact us at:

We will respond to your inquiry within 30 days of receiving your request.