PRIVACY POLICY
Last updated: 2026-06-03
SHORT VERSION
TOGYM is a workout tracker. Every piece of data you create — your profile, your logged sets, your PRs, your bodyweight, your measurements — is stored locally on your device. We don't have a server account for you. We don't use third-party trackers, SDKs, or advertising networks. We do send anonymous usage pings (see NETWORK CALLS below) so we know whether the app is being used; these pings carry zero personal data.
WHAT WE STORE
On your device. Your workout history, programs, custom exercises, PRs, body measurements, and app settings live in your iPhone's Application Support folder. Apple's standard iOS protections (passcode, encryption at rest) apply.
On our server. Only the public exercise + program catalog (the same one every user of TOGYM downloads at app launch). It contains zero personal information about you.
APPLE HEALTH
If you opt in during onboarding, TOGYM reads your live heart rate from Apple Health during a workout (for the in-session display), and writes completed workouts back to Apple Health. We never send Health data off your device.
BLUETOOTH
TOGYM can pair with a Bluetooth heart-rate strap (Polar, Garmin, Wahoo, etc.) to read live HR during a workout. The strap data stays on your device — it's not transmitted anywhere by us.
NETWORK CALLS
The app makes three kinds of network calls:
1. Catalog fetch. A GET to /api/catalog on this server, to pull the latest exercise + program library. This request carries no identifying data — every device asks for the same public file.
2. Anonymous usage pings. A POST to /api/event on app open, workout completion, PR hit, program adoption, onboarding completion, and coach-tip apply. Each ping carries: (a) the event name, (b) an opaque vendor device identifier issued by iOS (identifierForVendor), (c) neutral coarse metadata (event-specific): exercise IDs trained, rep counts, set counts, session duration in seconds, the ID of an adopted program template. The server logs a two-letter country code derived from the request IP for app_open events only (so we know roughly where the app is being used); IPs themselves are never stored. Never: your name, email, Apple ID, phone, street/city/precise location, contacts, health data, photos, biometrics, or any field that could be re-identified. The vendor ID is anonymous — Apple does not let us correlate it to your Apple ID — and resets if you delete every app from this developer.
3. AI coach & program generation — only if you turn AI on. When you enable an AI coach mode or generate an AI program, the app sends the minimum context the model needs, through our server to an AI provider: the relevant exercise IDs, your planned/logged sets, reps, target RIR/RPE, rest times, and coarse readiness labels (e.g. "low sleep", "HR elevated") — never raw heart-rate numbers, sleep hours, bodyweight, your name, email, Apple ID, or location. If you paste your own AI provider key in Settings, the request bills to your key; otherwise it uses our shared quota. The provider processes the request only to return a response and does not use it to train its models. The free, non-AI coach runs entirely on-device with no network calls, and you can switch the coach fully OFF in Settings.
WHO WE SHARE WITH
Nobody. There's nothing to share — we don't collect.
DELETING YOUR DATA
Tap the "ERASE ALL DATA" button under Profile → Settings → Data, or delete the TOGYM app from your phone. Either action removes everything we have access to.
QUESTIONS
Email hello@togym.app.