Privacy Policy

1. Introduction

Welcome to Reppy, operated by Sherringford Co., Ltd (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the “Service”).

Reppy is a strength training tracker. Most of what you do in the app — your workout logs, exercise history, progress statistics, personal profile, and the photos and videos you attach to workouts — is kept on your device. The Service does not require account creation or authentication.

Some features of the Service communicate with external providers. The main one is Physique Score, which sends a body photo you capture to our analysis service and to Google's Gemini AI for aesthetic scoring. We also use Sentry for crash reporting and RevenueCat for subscription management. All of this is described in detail below.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not access the Service.

2. Information We Handle

2.1 On-Device Data

The following data is created and stored on your device only. We do not have access to, collect, or transmit this data:

• Workout logs (exercises, sets, reps, weight, rest times, duration, notes)
• Exercise library data, including custom exercises you create
• Progress statistics and analytics (volume charts, streaks, totals)
• Personal profile (name, height, weight, training preferences, goals)
• Photos and videos you attach to workouts
• App settings and preferences (unit system, share template choices)

2.2 Physique Score (AI Body Analysis)

Physique Score is an optional feature that uses Google's Gemini generative AI model to rate the visual aesthetics of a body photo you capture. When you use this feature:

• The photo is sent from your device to our API at api.getreppy.app over an encrypted connection (HTTPS/TLS), and is then forwarded to Google's Gemini API for analysis.
• Our server holds the photo only in memory for the duration of the request. We do not write it to disk, save it to any database, or retain it after returning the result.
• The resulting score is not saved on your device after the session ends. Each analysis is independent.
• Google processes your image under its Gemini API Terms and Privacy Policy. Google may temporarily retain content submitted to the Gemini API for abuse monitoring and service-quality purposes; consult Google's terms for details.
• Use of Physique Score is entirely optional. If you do not use it, no photo is ever sent to any server.

2.3 Crash Reporting (Sentry)

We use Sentry to collect crash and error reports. When the app encounters an error, the following may be collected:

• Device type and model
• Operating system and version
• App state at the time of the error
• Screenshots of the app UI at the time of the crash
• View hierarchy information

2.4 Subscription Data (RevenueCat)

If you subscribe to Reppy Pro, the following is processed by RevenueCat:

• Anonymous app user identifier
• Subscription status and purchase history
• Transaction receipts from the App Store or Google Play

2.5 No Third-Party Analytics

We do not use third-party analytics services such as Firebase Analytics, Mixpanel, Amplitude, or similar products. We do not track your usage behavior, feature interactions, or engagement metrics.

3. How We Use Your Information

We use the limited information we collect to:

• Provide, maintain, and improve the Service
• Generate Physique Score results when you use that feature
• Process crash reports to identify and fix bugs and stability issues
• Manage subscription status and process payments through RevenueCat
• Comply with legal obligations

We do not use your information for advertising, data monetization, or any purpose other than operating and improving the Service.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We share limited information with the following service providers:

• Sentry — crash reporting and error tracking
• RevenueCat — subscription and payment management
• Apple — app distribution and in-app purchases on iOS
• Google Play — app distribution and in-app purchases on Android
• Google (Gemini API) — AI aesthetic analysis of photos you submit to the Physique Score feature

Your workout logs, exercise history, progress statistics, and the photos and videos you attach to workouts remain on your device and are never shared with any third party.

Legal Requirements: We may disclose information if required by law or in response to valid requests by public authorities.

Business Transfers: In the event of a merger, acquisition, or sale of assets, information may be transferred as part of that transaction.

5. Data Security

On-device data is protected by your operating system's built-in security features, including device-level encryption. Any data transmitted to our API or to our service providers (Sentry, RevenueCat, Google Gemini) is secured in transit using industry-standard encryption protocols (HTTPS/TLS).

6. Data Retention

On-Device Data: Your workout data, exercise history, and personal profile are stored on your device until you choose to delete them. Deleting the app permanently removes this data. We recommend using your device's backup features (iCloud Backup, Google Backup) to preserve it.

Physique Score Photos: Photos submitted to Physique Score are discarded immediately after the analysis response is returned. Neither our server nor your device retains them.

Crash Reports: Crash reports are retained by Sentry in accordance with their data retention policies.

Subscription Records: Subscription data is retained by RevenueCat in accordance with their data retention policies and applicable legal requirements.

7. Your Rights and Choices

8. Device Permissions

9. International Data Transfers

On-device data is not transferred internationally. Crash reports may be processed by Sentry in the United States. Subscription data may be processed by RevenueCat internationally. Physique Score photos are processed by our API (hosted in the United States) and by Google's Gemini API (operated globally) before being discarded. We take appropriate safeguards to protect your information in accordance with this Privacy Policy.

10. Children's Privacy

The Service is not intended for children under 13 years of age (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages. If you become aware that a child has provided us with personal information, please contact us immediately.

11. AI-Generated Content Disclaimer

Physique Score scores, metrics, and feedback are generated by a third-party AI model (Google Gemini) and are provided for informational and motivational purposes only. They are visual aesthetic estimates, not medical, clinical, nutritional, or professional fitness assessments.

AI output can be inaccurate or inconsistent between sessions and is influenced by factors such as photo quality, lighting, pose, and clothing. Do not rely on Physique Score output to make medical, nutritional, or training decisions. For personalized guidance, consult a qualified professional.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the “Effective Date” at the top

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Sherringford Co., Ltd

Email: [email protected]