Apex Log

Privacy Policy

Last updated: December 2024

1. Introduction & App Overview

Apex Lab Studio (Apex Log) ("we", "our", or "us") is a fitness and health tracking application designed to help users track workouts, fasting, step activity, and personalised fitness plans.

This Privacy Policy explains how we collect, use, store, and protect your information when you use the Apex Lab Studio (Apex Log) mobile application (the "App").

If you have any questions or concerns about this policy or your data, please contact us at:
Privacy Contact Email: apexlabs.ops@gmail.com

2. Information We Collect

A. Account Information

  • Email address (used for authentication)
  • Password (securely hashed and managed via Supabase)
  • Display name
  • Account creation date

B. Health & Fitness Data

  • Physical metrics: weight, height, body fat percentage, age, biological sex
  • Step count data (from device sensors, where permitted)
  • Fasting data: start times, end times, and duration
  • Workout data, including:
    • Exercises performed
    • Sets, repetitions, weight, and RPE
    • Workout notes
    • Session start and end times
    • Workout programs and training plans
  • Fitness preferences:
    • Fitness goals (e.g. weight loss, muscle gain)
    • Activity level and training experience
    • Equipment preferences
    • Preferred exercise types and focus muscle groups
    • Preferred training days and session duration

C. App Usage & Preferences

  • Measurement units (metric or imperial)
  • Colour theme selection
  • Theme mode (light or dark)
  • Timezone

D. Device Information

  • Device type and operating system version
  • App version
  • Network connectivity status (used to manage data synchronisation)

3. How We Collect Information

A. Information You Provide

  • Account registration and login
  • Profile setup
  • Manual workout and fasting entries
  • Preference and settings configuration

B. Information Collected Automatically

  • Step count data via device sensors (with permission)
  • HealthKit data on iOS (read-only, with permission)
  • Activity Recognition data on Android (with permission)
  • Local app usage analytics stored on-device

4. Permissions We Request

Android Permissions

  • ACTIVITY_RECOGNITION — step tracking
  • POST_NOTIFICATIONS — reminders and alerts
  • FOREGROUND_SERVICE / FOREGROUND_SERVICE_HEALTH — background step tracking
  • RECEIVE_BOOT_COMPLETED — restart tracking after device reboot
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS — prevent system termination of background services

iOS Permissions

  • HealthKit (Read-Only) — step count data

Note: All permissions are optional. Core functionality remains available without granting these permissions.

5. How We Use Your Information

We use your information to:

  • Provide and operate the App's core features
  • Generate personalised workout and fitness recommendations
  • Sync data across devices (when enabled)
  • Send important service-related notifications
  • Improve app performance and reliability
  • Comply with legal and regulatory requirements

We do not sell personal data and do not use your data for advertising.

6. Data Storage & Security

Local Storage (On Device)

  • Stored using SQLite (via Drift)
  • Protected by device-level encryption
  • Includes:
    • User profile data
    • Workout, fasting, and step logs
    • Exercise library

Cloud Storage

  • Data synchronised to Supabase (PostgreSQL)
  • Encrypted in transit using HTTPS/TLS
  • Encrypted at rest
  • Protected with Row Level Security (RLS)
  • Authentication handled using secure JWT tokens

Security Measures

  • Passwords are securely hashed
  • Secure authentication tokens
  • Strict database access controls
  • Regular security updates and maintenance

7. Third-Party Services

Supabase

  • Provides authentication, database, and data synchronisation
  • Privacy Policy: https://supabase.com/privacy
  • Data may be processed in the EU and/or US

Google Play Store / Apple App Store

  • App distribution and in-app purchases
  • Data related to subscriptions or transactions (if applicable in the future) may be handled by the respective store platforms

Google Fonts

  • Inter font used for typography
  • Fonts may be bundled locally to avoid external network requests

8. Data Sharing & Disclosure

We do not sell personal data.

We only share data:

  • With service providers necessary to operate the App (e.g. Supabase)
  • When required by law or legal process
  • In connection with a business transfer (merger, acquisition, or sale)

Aggregated and anonymised data may be used for internal analytics and product improvement.

9. Data Retention

  • Account data is retained while your account remains active
  • Health and fitness data is retained until account deletion
  • Deleted data is removed from active systems within 30 days
  • Backup data may persist for up to 90 days for recovery purposes

10. Your Rights & Choices

Access & Portability

  • View your data within the App
  • Export your data (where available)

Deletion

  • Delete your account via app settings
  • Contact support for assistance

Correction

  • Update profile information and preferences at any time

Opt-Out

  • Revoke sensor permissions via device settings
  • Disable cloud sync and use the App offline-only

Regional Rights

  • GDPR (EU): Right to access, rectify, erase, restrict, and port data
  • CCPA (California): Right to know, delete, and opt out of sale (we do not sell data)
  • Other regional rights apply where legally required

11. Children's Privacy

Apex Lab Studio (Apex Log) is not intended for children under:

  • 13 years of age (United States)
  • 16 years of age (European Union)

We do not knowingly collect data from children. If such data is discovered, it will be deleted promptly.

12. International Data Transfers

Your data may be processed in the United States, the European Union, or other regions where our service providers operate. Appropriate safeguards, such as Standard Contractual Clauses, are used where required.

13. Offline-First Architecture

Apex Lab Studio (Apex Log) is designed to work offline:

  • Data is stored locally first
  • Cloud sync occurs only when online
  • You control when synchronisation is enabled

14. Changes to This Privacy Policy

We may update this policy periodically. Updates will be posted in-app and/or on our website.

Material changes will be communicated via email or in-app notification. Continued use of the App after updates constitutes acceptance.

15. Contact Information

  • Privacy Inquiries: apexlabs.ops@gmail.com
  • Data Protection Officer: Not Applicable
  • Mailing Address: Not Provided

16. App Store Disclosure Notes

Google Play Store

  • Data Safety section fully disclosed
  • Permissions clearly explained
  • Third-party services transparently listed

Apple App Store

  • App Privacy details completed
  • Privacy Nutrition Labels accurately filled
  • HealthKit usage clearly described (read-only step data)

← Back to Apex Log