Draft — pending legal review. This document is provided for information only and is not legal advice.
Physique Technologies LLC ("PHYZIK," "we," "us," or "our") operates the PHYZIK mobile application, the PHYZIK Shop marketplace, and the phyzik.app website (together, the "Services"). This Privacy Policy explains what information we collect, how and why we use it, who we share it with, and the choices and rights you have. By using the Services, you agree to the practices described here.
PHYZIK is both a social fitness platform and a marketplace where independent brands sell physical goods. Because the Services include payments and the sale of products, this policy covers shopping and order data in addition to training and social data.
Information we collect
Account information. When you create an account we collect your email address, username, and password (stored securely via Supabase Auth with bcrypt hashing). You may optionally provide your name, profile photo, height, weight, bio, date of birth, and social media links. If you sign in with Apple or Google, we receive the basic profile information those providers share, such as your name and email (or Apple's private relay email).
Health and fitness data. The Services are designed to track training and body metrics. We collect workout data (exercises, sets, reps, weights, rest, duration), body weight and body-measurement entries, nutrition logs (meals, calories, and macronutrients), progress photos you upload, program configurations, and performance analytics derived from your activity. Some of this is sensitive health-related information, and we treat it accordingly.
Apple HealthKit. With your explicit permission, the App can read from and write to Apple HealthKit (for example, workouts, active energy, body weight, and nutrition). HealthKit data is used only to provide app features you have enabled. We never use HealthKit data for advertising or marketing, and we do not sell it. You can revoke HealthKit access at any time in the iOS Settings app or Apple Health app.
AI processing of your inputs. When you use AI-assisted features — such as logging a meal from a photo or logging a workout by voice — the relevant content (the meal image, or an audio recording and its transcript) is sent to our AI processing provider, Anthropic (Claude), to interpret it and return structured results. This content is processed to deliver the feature and is not used by us to train advertising models.
Social data. Posts, likes, comments, follows, squad memberships, challenge participations, direct messages, and gym check-ins.
Marketplace and purchase data. When you buy from PHYZIK Shop, we and our payment processor collect the information needed to complete your order — items purchased, order amount, shipping and billing address, contact details, and order status. Payment card details are collected and processed directly by Stripe; we do not store your full card number on our servers.
Device and usage information. Device type, operating system version, app version, approximate region, crash and performance diagnostics, and general usage analytics describing how features are used.
Permissions you may grant. Depending on the features you use, the App may request access to your camera and photo library (for progress photos and meal photos), your microphone (for voice workout logging), push notifications, your contacts (to help you find friends), your calendar (to schedule workouts or rest reminders), and your location or maps (for gym check-ins and finding gyms near you). These permissions are optional, requested in context, and can be changed in your device settings at any time.
How we use your information
We use your information to provide and operate the Services — workout tracking, program generation, progressive-overload calculations, nutrition logging, performance analytics, social features, squad management, and the PHYZIK Shop marketplace. We use it to process and fulfill purchases, communicate with you about orders, prevent fraud, and provide customer support. We generate personalized training insights, display your public profile and activity to other users based on your privacy settings, maintain the security and integrity of the Services, diagnose and fix problems, comply with legal obligations, and improve and develop new features. We may send you service-related messages and, where permitted, product announcements you can opt out of.
How we share your information
We do not sell your personal information, and we do not share your health and fitness data with third-party advertisers. We share information in the following limited ways:
With other users. Content you choose to make public — such as posts on The Floor, your public profile, and gym check-ins — is visible to your followers and, depending on your settings, other users.
With sellers and fulfillment partners. When you place an order, we share the order details and shipping information needed to fulfill it with the independent brand selling the product and any carrier handling delivery.
With service providers. We share data with vendors who process it on our behalf under contract, as described in "Third-party services" below.
For legal and safety reasons. We may disclose information if required by law, to enforce our terms, to detect or prevent fraud or abuse, or to protect the rights, property, or safety of PHYZIK, our users, or the public.
Business transfers. If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to this policy.
We may also share anonymized or aggregated data that cannot reasonably be used to identify you.
Third-party services
We rely on the following third parties to operate the Services. Each has its own privacy policy governing how it handles data.
Supabase — database, authentication, and file storage.
Stripe — payment processing for marketplace purchases and web subscriptions.
PostHog — product analytics and usage measurement.
Sentry — crash reporting and performance diagnostics.
Anthropic (Claude) — AI processing of meal photos and voice workout logging.
Apple HealthKit — optional read/write of health and fitness data on iOS.
Apple Sign-In and Google Sign-In — optional authentication.
Apple Push Notification service and Firebase Cloud Messaging — push notification delivery.
Expo / EAS — app build and update distribution.
Where you enable them, your device's contacts, calendar, and maps providers are also involved in delivering those specific features.
Data storage and security
Your data is stored on Supabase infrastructure hosted in the United States. We implement row-level security (RLS) so users can only access their own data, encrypt data in transit, hash passwords using industry-standard algorithms, and store photos and media in access-controlled cloud storage. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your information using reasonable technical and organizational measures.
Your rights and choices
You can access and update your information in the App's profile settings at any time. You can delete your account and associated data using the in-app account-deletion feature or by emailing us. You can request a copy of your data, ask us to correct or delete information, and object to or restrict certain processing, subject to applicable law. Depending on where you live, you may have additional rights under laws such as the GDPR or the CCPA/CPRA, including the right to know what personal information we hold and the right not to be discriminated against for exercising your rights. You can also block other users, control who sees your content, manage app permissions in your device settings, and opt out of non-essential notifications.
Data retention
We retain your data for as long as your account is active. When you delete your account, we permanently delete associated data — including workout history, nutrition logs, posts, messages, and media — within 30 days. Order and transaction records may be retained longer where required for tax, accounting, fraud-prevention, or legal-compliance purposes. Some anonymized aggregate data may be retained indefinitely for product improvement.
Account deletion
You can permanently delete your PHYZIK account at any time. From the app, go to Profile → Settings → Account → Delete account and confirm three times. If you can't sign in, email admin@phyzik.app from your registered address and we will process the deletion within 7 business days. Workouts, nutrition logs, posts, messages, media, and profile data are removed within 30 days. Aggregated analytics and certain transaction or audit records are retained for up to 12 months (or longer where legally required) for fraud prevention and compliance. Full instructions live at phyzik.app/delete-account.
Children's privacy
The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. Users between 13 and 17 must have parental or guardian consent to use the App. Purchasing physical goods through PHYZIK Shop is restricted to users who are at least 18 years old (or the age of majority where they live). If we learn we have collected personal information from a child under 13 without appropriate consent, we will promptly delete it.
International users
We operate in the United States, and your information is processed and stored there. If you access the Services from outside the United States, you understand that your information will be transferred to and processed in the United States, which may have different data-protection laws than your country.
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the Services or via email. Continued use of the Services after changes take effect constitutes acceptance of the updated policy.
Contact us
Physique Technologies LLC
admin@phyzik.app
