Privacy Policy
Effective Date: March 19, 2026
SquatPass (“we”, “our”, or “us”) operates the SquatPass mobile application. This Privacy Policy explains what data we collect, how we use it, and your rights.
1. Data We Collect
Account Information
- Name — first name, provided during onboarding or via Apple Sign In.
- Display name — chosen during onboarding. Shown publicly on the in-app global leaderboard alongside your rep count. You may change it at any time from Profile, or block another user to hide their display name from your view.
- Email address — collected during email sign-up or Apple Sign In (optional).
- User ID — a unique identifier assigned when your account is created.
Onboarding Quiz Responses
During onboarding you answer questions about your screen-time goals, daily phone usage, and fitness preferences. These responses are stored to personalize your experience.
Fitness & Workout Data
- Number of squat repetitions per session
- Workout duration (seconds)
- XP earned and current level
- Streak length (consecutive days with workouts)
- Daily squat goal setting
Subscription Information
If you purchase a subscription, we store your subscription status, plan type, and transaction identifiers provided by Apple. We do not have access to your payment method or billing details — those are handled entirely by Apple.
2. Camera Usage
SquatPass uses your device camera to detect squat movements in real time using on-device pose estimation (QuickPose SDK). No video or images are recorded, stored, or transmitted. All pose detection processing happens locally on your device. The camera feed is never uploaded to any server.
3. How We Use Your Data
- Provide the service — track workouts, calculate XP, maintain streaks, and manage your time-bank balance.
- Gamification — evaluate badge/achievement criteria and display progress.
- Personalization — tailor the experience based on your onboarding quiz answers.
- Subscription management — verify purchase status with Apple's servers.
- Notifications — send a daily streak reminder (if you grant permission). No data about notification delivery or opens is collected.
- Public leaderboard — display your chosen display name, avatar, and rep count to other SquatPass users on the in-app global leaderboard. You can change what appears there or block another user from your view at any time.
- Moderation — if you file a report against another user, we store that report (your user ID, the reported user ID, and any reason you provided) so we can review display names and account behaviour. Reports are not visible to other users.
4. Third-Party Services
| Service | Data Shared | Purpose |
|---|---|---|
| Supabase | Account info, workout data, subscriptions | Backend database and authentication |
| Trophy (trophy.so) | User ID, email, rep count, timezone | Gamification — XP, streaks, achievements |
| Apple (Sign In with Apple) | Name, email (at your discretion) | Authentication |
| Apple (App Store Server API) | Transaction ID | Subscription validation |
| Superwall | Subscription status | Paywall management |
We do not sell, rent, or share your personal data with advertisers or data brokers.
5. Data Stored on Your Device
- Offline workout queue — workouts completed without an internet connection are stored locally in a SQLite database and synced when connectivity returns. They are deleted from local storage after a successful upload.
- App blocking preferences — the list of apps you choose to block and your time-bank balance are stored locally on your device and in an App Group. This data is never sent to our servers.
- Authentication session — your login session is persisted locally so you stay signed in between app launches.
6. What We Do Not Collect
- Location data
- Contacts or address book
- Health app (HealthKit) data
- Advertising identifiers (IDFA)
- Device fingerprints or UDIDs
- Browsing or search history
- Microphone audio
- Analytics or crash data (no analytics SDKs are integrated)
7. Data Retention
We retain your account and workout data for as long as your account exists. If you delete your account (see below), all associated data is permanently removed from our servers.
8. Account Deletion
You can delete your account at any time from Profile → Delete Account within the app. Deleting your account permanently removes:
- Your user profile and quiz responses
- All workout history
- Stats, achievements, and streaks
- Blocked app preferences
- Subscription records
This action is irreversible. Locally stored data (offline queue, app blocking preferences) is cleared when you sign out.
9. Children's Privacy
SquatPass is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.
10. Security
We use industry-standard security practices, including encrypted connections (HTTPS/TLS), row-level security on our database, and server-side authentication validation. API keys embedded in the app are restricted to public-facing operations only.
11. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (via in-app account deletion or by contacting us)
- Object to or restrict processing of your data
To exercise any of these rights, contact us at the address below.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Effective Date” at the top of this page. Continued use of the app after changes constitutes acceptance.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
hello@squatpass.app