1. Data Controller & Contact
I am responsible for your data protection under the GDPR. For any privacy-related inquiries, please reach out to: Benedikt König Schedestr. 18 20251 Hamburg, Germany Email: privacy@gritlog.com
2. The "Local First" Architecture
Gritlog operates differently than many fitness apps. I do not operate servers to store your training logs or health data.
With your permission, Gritlog reads data from Apple HealthKit (workouts, energy burned, heart rate, and body mass). This data remains on your device and your private iCloud account. I cannot access, see, or transmit this data.
Your exercise history and settings are stored locally on your iPhone. If you use iCloud, Apple syncs this data across your devices using their secure, end-to-end encryption.
Gritlog is a paid application. All transactions are handled securely by Apple. I use RevenueCat to manage access to the app; they receive only an anonymized transaction ID to verify your purchase. I never see your credit card details or billing information.
3. We Do Not Sell Your Data
Privacy is a universal right, not a regional one. I do not sell personal data to third parties, period. This applies to all users worldwide, regardless of whether you are protected by the CCPA (California), GDPR (Europe), or any other regulation. Your data is never used for advertising or shared with data brokers.
4. Third-Party Services
I only use essential services to ensure the app runs smoothly:
To provide you with your fitness insights.
To validate app purchases. RevenueCat is based in the USA, and we have established Standard Contractual Clauses (SCCs) to ensure your data is protected according to GDPR standards.
If you email me for help, I will only use your contact details to resolve your specific request. Once your issue is sorted, I delete our correspondence.
5. Your Rights & Control
You have full control over your information at all times:
You can view, edit, or delete your fitness data directly within the Apple Health app.
To delete all data associated with Gritlog, simply delete the app from your device and manage your iCloud storage in your iOS settings.
You can revoke Gritlog's access to HealthKit at any time via the "Privacy" section of your iPhone Settings.
6. Legal Basis (GDPR)
For users in the European Economic Area, I process data based on:
For HealthKit integration.
To provide access to the app following your purchase.
For responding to your support inquiries.
7. Security
Gritlog relies on the industry-leading security of the iOS platform. Your data is protected by your device passcode/FaceID and Apple's encrypted iCloud infrastructure.
8. Children's Privacy
Gritlog is designed for adults who take their training seriously. The app is not intended for children under 13. Since all data stays on the device, simply deleting the app removes everything.
9. Changes to this Policy
If I update the app in a way that changes how data is handled, I will update this policy and notify you within the app.