Privacy Policy

Thank you for choosing GritAI (“the App”), a dead-simple gym workout logger developed by Gravity Lab (“we”, “us”, or “our”). GritAI helps you log your sets, track your lifts, monitor your nutrition, manage your supplements, and visualise your performance over time — all without requiring an account. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App on Android or iOS. Please read this policy carefully. By downloading, installing, or using the App you agree to the practices described here. If you do not agree, please do not access or use the App.

GritAI is built with a privacy-first, offline-first architecture. We do not require account creation, login, or any form of user registration. We do not collect personally identifiable information such as your real name, email address, phone number, or physical address.

a. Information Stored Locally on Your Device

All workout and health data is stored exclusively on your device in a local SQLite database (via Drift). This data never leaves your device and is not transmitted to our servers or any third party. Locally stored data includes:

• Exercises: Exercise names, categories, and tracking types (weight & reps, bodyweight, duration, distance, etc.).
• Workout Sets: Exercise performed, weight, rep count, set number, duration, distance, drop-set flags, and timestamp of each logged set.
• Workout Regimes: Named workout plans and the exercises they contain.
• Food & Calorie Logs: Food item names, macros (calories, protein, carbohydrates, fat), serving size, and meal-type timestamps.
• Supplements: Supplement name, dose description, reminder time, and days-of-week schedule.
• Supplement Logs: Timestamps of when each supplement was marked as taken.
• Water Logs: Water intake volume and timestamps.
• App Preferences: Onboarding completion status and any in-app settings stored via SharedPreferences.

b. Diagnostic & Analytics Data (Collected by Firebase)

The App integrates Firebase Analytics and Firebase Crashlytics to help us understand how the App is used and to detect crashes. This data collection is enabled only in release builds and is governed by Google’s privacy policy. Data collected includes:

• Firebase Analytics: Anonymised screen views, navigation events, and custom in-app events (e.g., feature interactions). No personal health or workout data is included in these events.
• Firebase Crashlytics: Crash reports including the device model, OS version, app version, and stack trace at the time of the crash. A stable anonymous installation identifier may be set to group crashes per-install.

c. Information Collected by Advertising Services

The App displays advertisements via Google AdMob. AdMob may collect device information and advertising identifiers independently of us. See Section 5 (Advertising) for details.

d. Information We Do NOT Collect

• Names, email addresses, phone numbers, or physical addresses
• Location data or GPS coordinates
• Photos, videos, or media files
• Contact lists or call logs
• Browsing history or search queries
• Financial or payment information
• Biometric data (fingerprints, face scans, voice recordings)
• Contents of your messages or communications

All locally stored data is used solely to provide the App’s core functionality. Firebase data is used only to improve stability and understand aggregate usage patterns.

• Workout Logging: Your exercise and set data is used to display your current session, show your last-session performance for each exercise, and power the progress charts.
• Nutrition Tracking: Food and calorie logs are used to display your daily macro summary and calorie totals.
• Supplement Reminders: Your supplement schedules are used to schedule local push notifications at your chosen times and days.
• Water Tracking: Water logs are used to display your daily intake progress.
• Performance Charts: Historical workout sets are aggregated on-device to render volume and strength progression graphs.
• Data Backup & Restore: The export feature packages your local database into a file you save to your device. The import feature reads that file to restore your data. No data is sent to our servers during either operation.
• Crash Reporting (Crashlytics): Crash data is used solely to identify and fix bugs. It is not used for advertising or profiling.
• Analytics (Firebase Analytics): Aggregated, anonymised screen-view events are used to understand which features are most used so we can prioritise improvements. No personal health data is included.

The App requests the following permissions to deliver its features:

The App uses the following third-party services. Each operates under its own privacy policy:

• Firebase Analytics (Google): Collects anonymised screen views and custom events in release builds to help us understand aggregate App usage. Google Privacy Policy
• Firebase Crashlytics (Google): Collects crash reports including stack traces, device model, OS version, and an anonymous installation identifier. Used solely for bug fixing. Google Privacy Policy
• Google AdMob (Google): Serves interstitial advertisements. AdMob may collect device identifiers and usage data to serve and measure ads. Google Privacy Policy
• Google Fonts: Font files are fetched from Google’s servers on first launch to render the App’s UI. No personal data is transmitted during this request beyond standard HTTP metadata (IP address, user agent). Google Privacy Policy
• Google Play Services / Apple App Store: Required for App distribution and platform integration. Google Privacy Policy

GritAI is free to download and is supported by advertisements served through Google AdMob. The App may display interstitial ads at natural transition points (for example, after completing a workout session).

Google AdMob may collect your device’s advertising identifier and other device information to serve relevant advertisements. For users in the European Economic Area (EEA), we implement Google’s User Messaging Platform (UMP) to obtain your consent before serving personalised ads. If you decline consent you will receive non-personalised ads only.

For more information about how Google uses your data for advertising, please visit: Google Privacy Policy.

All workout, nutrition, and supplement data is stored in a SQLite database on your device using the Drift library. This database is private to the App’s sandbox and is not accessible by other apps.

• No Cloud Sync: Your training data, food logs, and supplement schedules are never synchronised to any cloud service operated by us.
• No Backend Servers: We do not operate backend servers that receive or process your personal health data. The App functions as a fully local, standalone application.
• No User Accounts: The App does not require account creation, login credentials, or authentication with any external service.
• Data Export: The backup feature creates a portable file on your device that you control entirely. The file is not uploaded anywhere automatically.
• Data Deletion: You can delete all locally stored data at any time by clearing the App’s storage through your device settings or by uninstalling the App.

While we take reasonable measures to ensure locally stored data is handled responsibly, no method of electronic storage is 100% secure. Data processed by third-party services (Firebase, AdMob) is secured according to their respective security practices.

Since all workout and health data is stored locally on your device, data retention is entirely within your control:

• Workout & Nutrition Data: Retained on your device indefinitely until you delete individual entries within the App, clear the App’s data through your device settings, or uninstall the App.
• Supplement Schedules & Logs: Retained locally until you delete them in the App or uninstall.
• App Preferences: Retained locally until you clear the App’s data or uninstall.
• Firebase Crashlytics Data: Retained by Google for up to 90 days per Google’s standard Crashlytics data retention policy.
• Firebase Analytics Data: Retained by Google according to Google’s standard Analytics data retention settings (default 14 months for user-level data).
• AdMob Data: Retained by Google according to their advertising data retention policies.

GritAI is a general-purpose fitness tracking application and is not specifically directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personally identifiable information from children. The App does not require account creation, login, or submission of any personal information.

Advertisements displayed through Google AdMob comply with applicable children’s advertising regulations. If you are a parent or guardian and believe your child has provided personal information through the App, please contact us at the address below and we will take steps to address the matter promptly.

You have the following choices regarding your data and privacy:

• Access & Portability: All your data is visible directly within the App. You can export a full copy of your data at any time using the built-in backup feature.
• Deletion: You can delete individual workout entries, food logs, supplement records, or water logs directly in the App. To erase all data, clear the App’s storage through your device settings or uninstall the App.
• Ad Personalisation: When prompted by the consent dialog (EEA users), you may choose to receive non-personalised ads only. You can also manage ad personalisation through your device’s advertising settings.
• Advertising ID: You can reset or opt out of your device’s advertising identifier through Android or iOS device settings.
• Notifications: You can disable supplement reminder notifications at any time through your device’s notification settings.
• Analytics Opt-Out: Firebase Analytics collection is disabled in debug builds. On production devices you may opt out via your device’s analytics settings where available.

If you are located in the European Economic Area (EEA) you may have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, or erase data processed by third-party services. To exercise these rights regarding Firebase or AdMob data, please contact Google directly or reach out to us for assistance.

GritAI is available for download globally. Since we do not collect or transmit your personal health data to our own servers, there are no cross-border transfers of your workout or nutrition data initiated by us. However, third-party services (Firebase, AdMob) may process device-level data in accordance with their own international data transfer practices and standard contractual clauses.

We may update this Privacy Policy from time to time to reflect changes in our practices, third-party services, or applicable laws. When we make changes, we will update the “Last Updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of the App after any modifications constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: