Privacy Policy
Last updated: March 18, 2026
This Privacy Policy describes how GainLogger (“we,” “us,” or “our”) collects, uses, and shares your personal information when you use our mobile application and website (collectively, the “Services”).
Table of Contents
- What Information Do We Collect?
- How Do We Process Your Information?
- When and With Whom Do We Share Your Information?
- International Data Transfers
- How Do We Handle Your Social Logins?
- How Long Do We Keep Your Information?
- How Do We Keep Your Information Safe?
- What Are Your Privacy Rights?
- Do We Collect Information from Minors?
- Do We Make Updates to This Policy?
- How Can You Contact Us?
1. What Information Do We Collect?
Personal information you provide to us
We collect personal information that you voluntarily provide when you register for an account, use our Services, or contact us. This includes:
- Account information: name (optional), email address, and password
- Profile preferences: weight unit (kg/lb), first day of week, timezone
- Fitness data: workout sessions, exercise logs, workout templates, progress records, and personal records. This data may be considered health-related information under certain privacy laws.
- Photos: you may optionally take or select photos for exercise variants using your device camera or photo library. These images are uploaded and stored on our servers.
- Push notification tokens: if you opt in to push notifications, we store a device token to deliver notifications
Information received from third parties
We may receive limited personal information from third parties in connection with your use of our Services, including:
- Social login providers (Google, Apple): If you choose to register or log in using Google Sign-In or Apple Sign-In, we receive your name and email address from the respective provider to create or link your account.
- Subscription management (RevenueCat): We receive purchase and subscription status data (product ID, expiration date, platform) from RevenueCat to manage your subscription tier.
Information automatically collected
- Timezone data: We store your device's timezone setting (e.g., “Europe/Berlin”) to ensure dates, streaks, and workout history display correctly. This does not reveal your precise geographic location. We do not request GPS or location permissions.
- Server logs: Our backend servers automatically log request metadata including your IP address, request timestamps, HTTP method, URL path, and response status codes. These logs are used for security monitoring, debugging, and maintaining service reliability. Logs are not shared with third parties.
- Crash & error reporting (Sentry): Our mobile app uses Sentry, a crash reporting and error monitoring service hosted in the EU (Germany), to detect and diagnose technical issues. Sentry automatically collects crash reports, error logs, device information (model, OS version), and app navigation breadcrumbs. Sentry may also collect your IP address and user ID to help us correlate errors with affected accounts. For more information, see Sentry's privacy policy.
- Website analytics (Google Analytics): Our website uses Google Analytics 4 to collect anonymized usage data such as page views, referral sources, device and browser type, and approximate geographic region. Google Analytics uses cookies to distinguish unique users. This data helps us understand how visitors interact with our website and improve our content. No personally identifiable information is sent to Google Analytics. This applies to the website only, not the mobile app.
Sensitive information
Your fitness and workout data may be considered health-related information under certain privacy regulations. We process this data only to provide and improve our Services.
Device storage
- Mobile application: Our mobile app stores your authentication token and cached data locally on your device using platform-native storage (AsyncStorage). We do not use cookies in the mobile app.
- Website: Our website uses the following storage mechanisms:
- localStorage (cookie-consent): stores your cookie consent preference. Persistent until cleared.
- Google Analytics cookies (_ga, _ga_*): set only after you accept the cookie consent banner. Used to distinguish unique visitors. Expire after 2 years (_ga) and 24 hours (_ga_*).
- We do not use advertising cookies or tracking cookies for ad targeting.
Information we do NOT collect
- We do not request GPS, microphone, or contacts permissions
- We request camera and photo library access only when you choose to attach a photo to an exercise variant. This permission is optional and can be denied without affecting core functionality.
- We do not use advertising SDKs or ad tracking
- We do not use third-party analytics or advertising SDKs in the mobile app (no Firebase Analytics, no ad networks)
- We do not sell or share your data with data brokers
2. How Do We Process Your Information?
We process your personal information for the following purposes:
- Account management: to create and manage your user account, authenticate your identity, and maintain your profile settings
- Providing the Services: to store, display, and sync your workout data, templates, progress, and personal records
- Communications: to send you email verification codes, password reset emails, and push notifications (when opted in)
- Subscription management: to verify your subscription status and provide access to premium features
- Security and fraud prevention: to monitor for suspicious activity, enforce our terms, and protect our users
- Service improvement: to maintain, debug, and improve the reliability and performance of our Services
- Crash reporting and diagnostics: to automatically detect, report, and diagnose crashes and errors in the mobile app to improve stability
Legal bases (GDPR): We process your data based on (a) your consent (e.g., opting in to notifications), (b) performance of a contract (providing the Services you signed up for), and (c) our legitimate interests (security, service improvement).
3. When and With Whom Do We Share Your Information?
We may share your data with the following categories of third-party service providers who help us operate our Services:
| Service | Data Shared | Purpose |
|---|---|---|
| Supabase (database hosting, EU region) | All account and workout data, exercise photos | Database infrastructure and storage |
| RevenueCat | User ID, subscription/purchase status, platform | In-app purchase and subscription management |
| Resend | Email address | Sending email verification codes and password reset emails |
| Expo Push Notifications | Push notification tokens, notification content | Delivering push notifications to your device |
| Sentry (EU datacenter, Germany) | Crash reports, error logs, device info, IP address, user ID | Crash reporting and error monitoring |
| Google Analytics (website only) | Anonymized usage data (page views, device/browser info, approximate location) | Website traffic analysis and audience insights |
| Google (Sign-In only) | Authentication tokens | Account authentication via Google Sign-In |
| Apple (Sign-In only) | Authentication tokens | Account authentication via Apple Sign-In |
We do not sell your personal information to any third party.
We use Google Analytics on our website for anonymized traffic analysis only. We do not use advertising networks, data brokers, or analytics platforms that share your data for ad targeting or profiling purposes.
Social features
If you use social features (template sharing, user search), your name and public ID may be visible to other users. Your email address is never exposed to other users.
4. International Data Transfers
Our primary database is hosted in the EU (Supabase, eu-central-1) and crash reporting data is processed in the EU (Sentry, Germany). However, some service providers are based in the United States, which means your personal data may be transferred to and processed in the US:
| Service | Location | Safeguards |
|---|---|---|
| Supabase | EU (eu-central-1) | Data remains in EU |
| Sentry | EU (Germany) | Data remains in EU |
| RevenueCat | United States | Standard Contractual Clauses |
| Resend | United States | Standard Contractual Clauses |
| Expo Push Notifications | United States | Standard Contractual Clauses |
| Google (Sign-In, Analytics) | United States | EU-US Data Privacy Framework |
| Apple (Sign-In) | United States | Standard Contractual Clauses |
Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework.
5. How Do We Handle Your Social Logins?
We provide you with the option to register or log in using your existing Google or Apple account. If you choose to register this way, we receive your name and email address from the provider to create your account. We do not receive or store your social account password. We do not support Facebook, X (Twitter), or other social media logins.
The profile information we receive may vary depending on the provider and your privacy settings with that provider. We use this information only for authentication and account creation.
Google API Limited Use Disclosure: Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
6. How Long Do We Keep Your Information?
We retain your personal information for as long as your account is active. Specific retention periods:
- Account data (profile, workout history, templates, records): retained until you delete your account
- Email verification codes: automatically expire after 15 minutes
- Password reset codes: automatically expire after 1 hour
- Push notification tokens: retained until your device unregisters or you delete your account
- Server logs: retained for operational purposes and periodically rotated
- Exercise photos: retained until you remove the photo or delete your account
- Crash reports (Sentry): retained by Sentry for 90 days (default retention period)
When you delete your account, all associated data is permanently removed from our systems, including workout history, templates, progress records, exercise photos, and push notification tokens.
Please note that third-party service providers (such as RevenueCat for subscription management, Apple App Store, or Google Play Store) may retain purchase and transaction records in accordance with their own privacy policies and applicable law.
7. How Do We Keep Your Information Safe?
We implement appropriate technical and organizational measures to protect your personal information, including:
- HTTPS/TLS encryption for all data in transit
- Password hashing using industry-standard algorithms (passwords are never stored in plain text)
- Row-Level Security (RLS) policies in our database ensuring users can only access their own data
- JWT-based authentication with 30-day token expiry
- Database hosted in the EU (eu-central-1) with Supabase
However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
8. What Are Your Privacy Rights?
EU/EEA residents (GDPR)
If you are located in the EU/EEA, you have the following rights:
- Access: request a copy of your personal data
- Rectification: request correction of inaccurate data
- Erasure: request deletion of your data (you can delete your account in the app's Account tab)
- Restriction: request that we limit processing of your data
- Portability: request your data in a structured, machine-readable format
- Objection: object to processing based on legitimate interests
- Withdraw consent: where processing is based on consent, you may withdraw at any time
California residents (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose
- Request deletion of your personal information
- Opt out of the sale of personal information (we do not sell your data)
- Non-discrimination for exercising your privacy rights
Categories of personal information collected (US state laws)
| Category | Collected | Examples |
|---|---|---|
| A. Identifiers | YES | Email address, name, user ID, public ID |
| B. California Customer Records | YES | Name, email address |
| C. Protected classifications | NO | |
| D. Commercial information | YES | Subscription status, purchase history (via RevenueCat) |
| F. Internet activity | YES | Server logs (IP address, request metadata) |
| K. Inferences | NO | |
Do Not Track
Some browsers include a Do Not Track (DNT) setting. No uniform standard for DNT has been finalized, so we do not currently respond to DNT signals. If a standard is adopted, we will update this policy accordingly.
Exercising your rights
To exercise any of these rights, you can:
- Delete your account directly from the Account tab in the app
- Email us at the contact address below
9. Do We Collect Information from Minors?
We do not knowingly collect data from or market to children under 16 years of age. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe we have collected information from a minor, please contact us.
10. Do We Make Updates to This Policy?
We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. If we make material changes, we will notify you through the app or by email.
11. How Can You Contact Us?
If you have questions or comments about this Privacy Policy, you may email us at: