Privacy Policy

Last updated: June 27, 2026

This Privacy Policy explains how StallFix ("the app", "we", "us"), operated by Andrea Nardelli, collects, uses, stores and protects your information. By using StallFix you agree to the practices described here.

1. Data we collect

We only collect data you provide or generate while using the app:

Account data: your email address, and — if you sign in with Google — the name and email associated with your Google account.
Profile data: name, age, body weight, training goal and experience level.
Training data: your workouts, exercises, sets, weights, reps, rest times and hours of sleep.
Body metrics: body-weight log entries you add.
Usage data: basic in-app activity such as number of AI requests, needed to enforce plan limits.

We do not collect your location, contacts, photos or advertising identifiers.

2. How we use your data

To provide the core service: logging workouts and showing your history, analytics and records.
To generate AI coaching recommendations tailored to your training.
To sync your data across your devices so you don't lose it.
To authenticate you and keep your account secure.
To send you the workout reminders you explicitly enable.

3. Where your data is stored

Your data is stored locally on your device (using encrypted secure storage for authentication tokens) and, when you are signed in, synced to our cloud backend powered by Supabase. Access to your cloud data is protected by row-level security so that only your authenticated account can read or write it.

4. Third-party services (data processors)

StallFix relies on a small number of trusted providers, each governed by its own privacy policy:

Supabase — secure cloud database, authentication and sync.
Groq — AI processing. When you use an AI feature, the relevant training and profile data is sent to Groq's API to generate recommendations.
Google — optional "Sign in with Google" authentication.
Resend — sending transactional emails (verification and password-reset codes).
RevenueCat & Apple — processing in-app subscriptions. We never see or store your payment details.

5. AI processing

AI recommendations are generated by sending your workout and profile data to Groq. This data is used to produce your personalized advice. We do not use your data to train AI models. AI suggestions are informational only and are not medical advice.

6. Push notifications

If you enable workout reminders, the app schedules local notifications on your device. You can disable them at any time from your device settings or in the app.

7. Subscriptions

Pro and Elite subscriptions are processed by Apple and managed through RevenueCat. Billing is handled entirely by Apple; StallFix does not access your payment information.

8. Your rights

You can, at any time:

Access and edit your profile and training data directly in the app.
Delete your account — the app includes a "Delete account" option that permanently removes your account and all associated data from our servers.
Withdraw consent by logging out and deleting the app.

If you are in the EU/EEA, you also have rights under the GDPR, including access, rectification, erasure and data portability. To exercise any right, contact us (Section 12).

9. Data retention

We keep your data for as long as your account exists. When you delete your account, your cloud data is deleted promptly. Locally stored data is removed when you log out or uninstall the app.

10. Security

We use HTTPS for all network communication, encrypted device storage for authentication tokens, and row-level security on our database. No method of transmission or storage is 100% secure, but we take reasonable measures to protect your data.

11. Children

StallFix is not intended for users under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

12. Contact

For any privacy question or request, contact us at support@stallfix.app.

13. Changes

We may update this Privacy Policy. Material changes will be reflected here with a new "last updated" date and, where appropriate, announced in the app.