App Privacy Policy

Effective date:

This is the privacy policy for the Musklr iOS and watchOS apps. We take privacy seriously and only collect what we need to make the app work and to improve it. We do not sell your data. We do not show ads.

Who runs Musklr

Musklr is operated by Jan Sviland (Norway). For privacy questions, email support@musklr.com.

What we collect

Account data

Sign-in is handled by Sign in with Apple. We receive your Apple-issued user identifier and the email address you choose to share (which may be a private relay address). We do not run our own email/password flow and never see your Apple ID password.

Workout and profile content

Sets, reps, weights, exercise selections, programs, training-session notes, and timestamps you log. Comments, likes, follows, and direct messages you exchange on the social side of the app. This data is stored on our servers — Supabase, hosted in the EU North region (Stockholm, Sweden) — so it can sync across your devices.

Photos and other content you upload

You choose what to share. The app lets you upload:

A profile picture — visible to other users who can see your profile.
Workout photos attached to a session you post — visible to the audience you choose.
Progress photos attached to your training history — private by default; only visible to others if you explicitly share them.
Training-program images for programs you create.
Bio text and a display name on your profile.

Uploads are stored in Supabase Storage (same EU North region). We do not run automated content analysis on your photos and we do not use them to train machine-learning models. You can delete any upload from inside the app; deletions remove the file from our servers within 30 days.

Before upload, every photo is resized and re-encoded on your device. As a side-effect of this pipeline, embedded metadata (EXIF — GPS coordinates, camera model, capture time) is removed; it is never written to our servers.

Subscription data

If you subscribe to Musklr Pro, we store the product you purchased, your subscription status, the expiration date, and the opaque Apple transaction identifier needed to verify your purchase. Payment itself is handled by Apple — we never see your card details, billing address, or App Store account.

Safety records — blocks, reports, and moderation actions

To keep Musklr a useful place for everyone, we store records of the safety actions you and we take.

Blocks. When you block another user, we store a row containing your user identifier, the blocked user's identifier, and the timestamp. This row is visible only to you (enforced by row-level security in our database) and powers the block — it is what tells the app to hide your content from that person and theirs from you. The blocked user is never told they have been blocked and never sees this row.

Reports. When you report content or a user, we store a row containing your user identifier (as the reporter), the user identifier of the person whose content you reported, a reference to the reported item, the category you chose, any optional free-text details you provided, the resulting status (open, under review, actioned, dismissed), and the timestamp. This row is visible only to you and to our moderation team.

Moderation actions. When our moderation team acts on a report (dismisses it, hides content, removes content, suspends or unsuspends an account), we store a row containing the moderator's identifier, the action, the affected user or content, the originating report (if any), an optional note explaining the decision, and the timestamp. This log is private to our moderation team and is what we audit to keep ourselves accountable.

Account suspension state. Each profile carries a current account status (active or suspended). A change to this status is recorded as a moderation action (above) so the history of suspensions and reversals is preserved.

Health data

Musklr integrates with Apple HealthKit on the iPhone and Apple Watch:

During a workout, the Apple Watch reads your live heart rate and active-energy estimates from HealthKit so we can show them on the active set and the rest timer. These live readings are kept in memory only — we never transmit heart-rate data to our servers and never store it after the workout ends.
When you finish a workout, with your permission, we write the workout (type, duration, energy burned) to Apple Health on your device so it appears in your Apple Fitness ring and is available to other Health-aware apps you use.

We never upload your Apple Health database to our servers — the only thing that leaves your device is the workout you've already chosen to log inside Musklr.

Crash and diagnostic data

Production builds of the app use Sentry to capture crash reports and a 20% sample of performance traces. We use these only to find and fix bugs.

What Sentry receives from your device:

Stack traces, error messages, and the sequence of in-app actions ("breadcrumbs") leading up to a crash.
App version, OS version, and device model.
An anonymous view-hierarchy snapshot of the screen at the moment of the crash (the structure of UI elements, no field values, no photos).

What Sentry receives in addition (so we can debug an individual report):

Your Musklr user identifier, attached to the crash event. This lets us correlate a report with the user who emails support — it is the same internal ID we use for your account, not your name or email.

What Sentry does not receive:

Your IP address (PII collection is disabled).
Your email or name.
Screenshots of the app — disabled.
Anything from debug or UI-test builds — those are gated out.

In addition, the iOS and watchOS apps send standard Apple crash logs through your device's built-in reporting, but only if you have opted in via iOS Settings → Privacy & Security → Analytics & Improvements → Share With App Developers.

Third-party processors

We use the following providers to run Musklr. Each processes data on our behalf under a data-processing agreement.

Supabase — account and workout storage (EU North, Stockholm).
Sentry — anonymous crash and performance reporting.
Apple — App Store delivery, In-App Purchase, Sign in with Apple, optional HealthKit writes on your device.

What we do not do

We do not sell or rent your personal data.
We do not show third-party advertising.
We do not use third-party analytics SDKs (no Google Analytics, no Facebook Pixel, no Mixpanel).
We do not read your Apple Health database. We only write to it, with your explicit permission.
We do not track you across other websites or apps.

Retention of safety records

Safety records are retained on a different schedule than ordinary account data because their purpose is to protect users from harm and to keep our moderation accountable.

Blocks. Kept for as long as the block is active. When you unblock someone, or when either account is deleted, the row is deleted within 30 days. Blocks never appear in backups beyond 90 days after deletion.

Reports. Kept indefinitely, even after the reporter or the reported user deletes their account. We retain reports because they form a safety history for the reported content and user — patterns across multiple reporters and over time are what let us recognise serial harassment. When the reporter deletes their account, the reporter identifier on the report is anonymised to a placeholder ("Deleted user"), matching the rest of our anonymisation policy under "How long we keep data". The report itself, including the category and any text details, is preserved.

Moderation actions. Kept indefinitely. This is the audit log of every moderation decision we have ever made and is the record we review when we appeal or revisit a decision.

Account status. A profile's current status (active or suspended) is kept for as long as the account exists. If the account is deleted, the final status is preserved on the originating moderation action (if any) but not on the profile itself, which is removed under the ordinary account-deletion process.

If you would like a safety record about you removed and you are not the subject of an active investigation, you can ask in writing at support@musklr.com. We will respond within 30 days. Note that we may decline removal in cases where the record is needed to protect another user.

How long we keep data

Workout and account data are kept for as long as you have an account.

When you delete your account

Open the app and go to Profile → Settings → Account → Delete Account. After you type DELETE to confirm and authenticate with Face ID (or your device passcode), the deletion runs immediately and cannot be undone. Within 30 days, our servers permanently remove:

Your training history — sessions, sets, reps, weights, programs, exercise statistics, personal records.
Your profile picture, bio text, links, display name, and uploaded media (workout photos, progress photos, training-program images).
Your followers, who you follow, your likes, and your saved preferences.
Your Musklr Pro subscription record on our side (status, expiration, transaction identifier).

We anonymize but do not delete your contributions to other users' content:

Comments you've left on other people's posts.
Direct messages you sent in shared threads — your messages stay in the other person's thread, so their conversation history isn't blanked out.
Mentions of other users you made.
Approved exercise corrections you submitted (these become canonical reference data).
Reports you filed against other users — your reporter identifier becomes "Deleted user"; the report's content, category, and details remain in our safety records.
Moderation actions taken against you, if any — these remain in our audit log under your former user identifier, attributed to the moderator who made the decision.

These items are reattributed to a placeholder identity called "Deleted user." Your username, avatar, and Apple-issued identifier are removed from them entirely. We do this so deleting your account doesn't vandalize other users' threads — it's the same approach Reddit and Strava use, and it's permitted under GDPR Article 17 when balanced against other users' rights.

As part of the same flow we ask Apple to revoke the Sign in with Apple credential. If you instead revoke Musklr from iOS Settings → Apple ID → Sign in with Apple → Stop using Apple ID, Apple notifies our backend and the same deletion runs automatically — you don't need to open the app.

Database backups age out within 90 days of the deletion.

Deleting your account does not cancel an active Musklr Pro subscription. Subscriptions are billed by Apple and must be cancelled in the App Store: Settings → [your name] → Subscriptions. We show this notice in the deletion flow whenever you have an active subscription.

Your rights

Wherever you live, you can ask us to:

Tell you what data we hold about you.
Correct anything that's wrong.
Delete your account — see "How long we keep data" above for the in-app flow and exactly what's deleted versus anonymized. You can also email support@musklr.com if you'd rather have us run it for you.
Export your workout data as a file. We currently handle export requests by email — write to support@musklr.com and we'll respond within 30 days. An in-app export tool is on the roadmap.

If you live in the EU/EEA, the UK, or California, you have additional rights under GDPR and CCPA. The contact email above is the right starting point — we'll respond within 30 days.

Note that we may decline a request to delete a specific safety record (a report you filed, a block another user placed on you, or a moderation action) when keeping the record is necessary to protect another user or to maintain the integrity of our moderation audit trail. We will explain the reason in our response. See Retention of safety records above.

Children

Musklr is rated 12+ on the App Store and is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has created an account, email support@musklr.com and we will delete it.

Changes

We will update this page when our practices change. Material changes will be announced in-app and via email to registered users at least 14 days before they take effect.

Contact

Questions about this policy? Email support@musklr.com.