Privacy Policy

Last updated: September 4, 2025

This Privacy Policy complies with GDPR, CCPA, COPPA, PIPEDA, and other applicable privacy laws.

1. Information We Collect

1.1 Health and Fitness Data

Data Collection: With your explicit consent, we collect:

• HealthKit Data: Heart rate, calories burned, workout sessions, active energy (read/write access)
• Sensor Data: Bluetooth heart rate monitors, power meters, cadence sensors
• Performance Metrics: Power output, training zones, workout intensity, recovery data
• Progress Photos: Images you voluntarily capture for personal challenge tracking
• Biometric Data: Weight, body measurements (if provided voluntarily)

1.2 Technical Data

• Device Information: iOS version, device model, app version, device identifiers
• Usage Analytics: Feature usage, session duration, crash reports, performance metrics
• Location Data: Approximate location for virtual climb recommendations (with permission)

1.3 Account Data

• Apple ID Authentication: We use Apple's Sign in with Apple (no personal info stored locally)
• CloudKit Identifiers: Anonymous user identifiers for data synchronization
• Preferences: App settings, workout preferences, notification settings

2. How We Use Your Information

2.1 Primary Uses

Fitness and Health Services:

• Track your fitness progress and workout performance metrics
• Provide personalized training recommendations based on your performance data
• Generate workout summaries, achievements, and progress reports
• Enable participation in fitness challenges and goal tracking
• Sync your data securely across your Apple devices via CloudKit

2.2 App Functionality

• Authenticate your identity using Apple's Sign in with Apple
• Remember your preferences and app settings
• Provide technical support and troubleshooting assistance
• Analyze app usage to improve features and user experience
• Send workout reminders and achievement notifications (with your consent)

2.3 Legal Basis for Processing (GDPR)

For users in the European Economic Area, our legal basis for processing includes:

• Consent: Health data collection and processing with your explicit consent
• Contract Performance: Processing necessary to provide App services
• Legitimate Interests: App improvement, security, and technical support
• Legal Compliance: Compliance with applicable laws and regulations

Data Storage and Security

Your data is stored securely using:

• CloudKit: Apple's secure cloud service for data sync
• HealthKit: Secure health data storage on your device
• Local Storage: Encrypted local storage for app preferences

We implement industry-standard security measures including end-to-end encryption and secure authentication.

Data Sharing

We do not sell, rent, or share your personal data with third parties, except:

• TikTok/Strava Integration: Only when you explicitly authorize sharing workout summaries
• Apple Health: Only with your explicit permission to read/write health data
• Legal Requirements: If required by law or to protect our rights

Your Privacy Rights

You have the right to:

• Access your personal data stored in the app
• Request deletion of your data (available in app settings)
• Withdraw consent for data processing at any time
• Export your workout data in standard formats
• Control which data is shared with third-party services

Data Retention

We retain your data as long as your account is active. When you delete your account:

• All personal data is permanently deleted from our servers
• CloudKit data is removed from Apple's servers
• Local app data is cleared from your device

Children's Privacy

ChallengerPlus is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

International Users

ChallengerPlus complies with applicable data protection laws including GDPR for European users and similar privacy regulations worldwide.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through the app or email.