Privacy Policy
Effective date: June 27, 2026
This Privacy Policy describes how Progresa (“we”, “us”, “our”) handles personal information when you use our mobile and web applications (the “Service”). Progresa is operated by Josh Roberts as an individual. If you have questions about anything below, contact us at joshdroberts2010@gmail.com.
Who we are
Progresa is a personal strength-training log: you record your workouts, the app tracks progression and shows you charts, and an AI coach analyzes your training history. The Service consists of an iOS app distributed via the Apple App Store and a web app at https://getprogressa.com.
What we collect
We only collect what you give us. There is no advertising, no third-party analytics, and no tracking across other apps. The following is the full list of data we store about you:
- Account information: username, display name (optional), and a one-way hashed password. We do not require an email address to create an account.
- Workout data: exercises you log, sets (weight, reps, rest, set type, optional left/right side, optional timed-hold duration), an optional per-exercise pain score (0–10), workout dates, per-exercise notes, per-workout notes, equipment used, unilateral / bodyweight flags.
- Exercise library: exercise names you log, optional muscle tags, body-area tag, movement-pattern tag.
- Saved routines: named workout templates you create.
- Bodyweight logs: date, weight, an optional per-entry note, and the entry’s source — logged manually, or imported from Apple Health if you’ve enabled the optional sync (see “Apple Health” below).
- Training context: the free-text “health context” and “goals context” you enter on the Settings page — these flow into the AI analysis prompt when you use it.
- AI analysis history: for each analysis you run, we store the model used, the JSON bundle we sent, Claude’s response, and per-run token + cost metadata.
- Subscription state: your account tier and (once subscriptions launch) the current subscription expiry date. We do not store payment information.
- Feedback: if you submit feedback via Settings → Send feedback, we store the message, the originating client (web or iOS), and link it to your account.
- Authentication tokens: when you sign in we issue a JSON Web Token (JWT). The JWT is stored locally on your device (iOS Keychain on iOS, browser local storage on the web) — never on our servers.
We do not collect device identifiers (such as IDFA), location, contacts, photos, advertising data, or analytics events.
How we use your data
- Operate the Service — display your workouts, compute KPIs and charts, suggest progression, save and replay routines.
- Run AI analysis — when you tap “Analyze” or “Generate routine,” we send a JSON bundle containing your workout history, library tags, training context, bodyweight trend, and analysis options to Anthropic’s Claude API. We do not include your password or payment information. See “Third parties” below.
- Account communication — only as needed for service-related issues, such as responding to feedback you submit.
We do not sell, rent, or share your data for marketing, advertising, or any commercial purpose unrelated to operating the Service. The one case where your data is visible to another Progresa account is when you explicitly link a personal trainer through the in-app double opt-in described in “Trainer access / shared accounts” below — and only for as long as that link remains active.
Social features
Progresa includes optional social features — friends, following, an activity feed of people you follow, and sharing a workout with a friend. They are governed by a single master switch: new accounts are asked during onboarding (you can opt out), existing accounts are off until you opt in, and you can turn the whole thing off anytime in Settings. When it’s off you are invisible and un-targetable to other users, and your connections are kept but dormant.
When you use the social features, we store:
- Social profile: your username and display name, and whether you allow others to find you by your exact username.
- Connections: your friend links, who you follow and who follows you, and any users you have blocked.
- Shared workouts: when you share a workout with a friend, a reference to that workout and who you shared it with.
- Reports: if you report a user or content, we store the report (who/what, a reason, and your optional note). Reports are visible only to the operator for moderation.
Discovery is private by default — others can find you only by your exact username, never by email or phone — and your workouts are private unless you share them with a friend or your followers can see them per your settings. Blocking severs the relationship both ways. We do not sell or share this data, and deleting your account removes all of it (connections, follows, blocks, shared-workout references, and reports you filed). California residents’ rights described under “Your rights and controls” apply to this data as well.
Apple Health (HealthKit)
The iOS app can optionally sync with Apple Health. Every part is off by default and only activates if you turn it on under Settings → Apple Health, at which point iOS shows the standard Health permission sheet. The Health data types involved are body mass (bodyweight), which we read and write, and — only if you separately turn on “Share recovery with AI” — sleep and active energy, which we only read (never write). We request nothing else.
- Reading: weigh-ins recorded in Apple Health (from a smart scale, Apple Watch, or another app) are imported as Progresa bodyweight logs and stored on our server alongside your manually entered logs, marked with their source.
- Writing: bodyweight you log in Progresa is saved into Apple Health on your device. That copy lives in Apple’s Health store under your control — you can view or delete it in the Health app at any time.
- Recovery context (read-only): if you turn on “Share recovery with AI”, the app reads your recent sleep and active energy from Apple Health so an AI analysis can weigh recovery against your training. This data is only read (never written back), and a recent series is included in the analysis bundle only on the runs you trigger while this setting is on — it is never stored on our server as its own record and never sent anywhere otherwise. Turn the setting off and no sleep or energy data leaves your device.
- AI analysis: your bodyweight trend — including Health-imported entries — is part of the bundle sent to Anthropic when you explicitly run an AI analysis, exactly like manually logged bodyweight. It is never sent anywhere otherwise.
- Never for advertising: we do not use Apple Health data for advertising or marketing, do not sell or rent it, and do not share it with data brokers or any third party except as described in the AI-analysis point above.
- Turning it off: disable the sync in Settings → Apple Health inside the app, or revoke access in iOS Settings → Privacy & Security → Health → Progresa. Already-imported logs can be deleted in the app like any other bodyweight entry, and deleting your account removes them all from our server.
Third parties
We use the following service providers. They process your data only as needed to provide their services, and they are governed by their own privacy policies.
- Anthropic (Claude API) — receives the workout bundle described above when you run an AI analysis or generate a routine. Anthropic’s API policy retains submissions for a limited safety-review period and does not use API data to train models. See Anthropic’s privacy policy.
- Cloudflare — provides our public HTTPS edge and the Cloudflare Tunnel between Cloudflare and our backend. Cloudflare sees request metadata (timestamps, IPs, paths) for security and routing. See Cloudflare’s privacy policy.
- Apple — if you download the app from the App Store, manage a subscription, or sign in with Apple, Apple’s standard data handling applies. See Apple’s privacy policy.
- Google (Gmail SMTP) — feedback you submit through the in-app feedback form is delivered to the developer’s inbox via Google’s SMTP service. The email contains your username, display name, and the message you typed.
Security
- All traffic between your device and the Service is encrypted in transit (HTTPS / TLS).
- Passwords are stored as one-way hashes and are never recoverable.
- Auth tokens (JWTs) live in iOS Keychain on iOS and browser local storage on the web.
- The database is on a private network and is not directly reachable from the public internet.
No system is perfectly secure. If we discover a security incident that materially affects your data, we will notify affected accounts.
Trainer access / shared accounts
Progresa lets you connect with a personal trainer so they can coach you inside the app. This is entirely optional and off unless you turn it on. A trainer can only link to your account through an explicit, in-app double opt-in: the trainer sends you an invitation, and the link becomes active only after you explicitly approve it inside the app. No one is ever connected to your data silently or without your consent.
Once you approve, a linked trainer can:
- View your training — your workouts, sets, per-exercise pain scores, rehab episodes, bodyweight, recovery, your free-text health and goals context, and your full training history.
- Log and edit workouts on your behalf — record sessions and correct entries in your log for you.
- Run AI coaching about you — when your trainer runs an AI analysis, generates a routine, or chats with the AI coach about your training, the relevant parts of your data — including the health-adjacent data above (pain scores, rehab notes, health and goals context, bodyweight, recovery) — are sent to our third-party AI provider, Anthropic (Claude), exactly as described in “Run AI analysis” and “Third parties” above. As with all coaching in Progresa, this is to log, track, and inform training decisions — it is never medical diagnosis or treatment.
- Exchange direct messages with you — you and a linked trainer can send each other direct, person-to-person messages inside the app.
A linked trainer cannot see your password, billing or payment details, or change your account settings, and cannot read your own personal AI chats. This sharing happens only between Progresa accounts, at your direction — your data is never sold or shared with advertisers because of a trainer link.
You can revoke a trainer’s access at any time from the app, and either party can end the link. Revocation takes effect immediately: the trainer can no longer view your data, log on your behalf, run AI coaching about you, or message you through the link.
Your rights and controls
- Access — every piece of data we hold about you is visible inside the app: your workouts, sets, library, routines, bodyweight logs, analysis history, and any free-text context you entered.
- Correction — edit any of the above directly in the app.
- Deletion — Settings → “Delete my account” permanently removes your account and all associated data (workouts, exercises, routines, bodyweight logs, exercise library, and AI analysis history). Past feedback submissions are kept but anonymized: the message is retained, the link to your account is removed. The deletion is immediate and not recoverable.
- Trainer access — if you have linked a trainer, you can revoke their access at any time from the app. Revocation takes effect immediately (see “Trainer access / shared accounts” above).
- Subscription management — subscriptions are managed via the App Store on iOS (Settings app → Apple ID → Subscriptions) or via the web checkout on the web. Cancellations take effect at the end of the current billing period.
Subscriptions and billing
Once paid plans launch:
- On iOS, subscriptions are processed by Apple through the App Store. We receive only the entitlement status (active / expired) and the expiry date — not your payment information.
- On the web, subscriptions are processed by Stripe. We receive only the subscription status, customer ID, and expiry date — not your full payment information. See Stripe’s privacy policy.
Children
The Service is for users 13 and older. We ask for your date of birth at sign-up and block registrations from anyone under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us data, contact us and we will delete it.
Cookies and similar technology
The web app uses one item of browser local storage (wt_token) to keep you signed in between visits. We do not use analytics cookies, advertising cookies, or third-party tracking cookies.
Changes to this policy
We may update this policy when the Service changes — for example, when we add a new third-party processor or when we change what data is collected. The “Effective date” at the top of this document reflects the most recent revision. Material changes will be announced in-app.
Contact
Questions, requests, or notices regarding this policy should go to:
Josh Roberts
Email: joshdroberts2010@gmail.com