Legal

Privacy Policy

Last updated: April 14, 2026

This Privacy Policy describes how BodyLapse (“we”, “us”, or “the app”) collects, uses, stores, and protects your personal information when you use our iOS application and related services. We designed BodyLapse with privacy as a core principle.

1. Information we collect

Account information. When you sign in with Apple, we receive a stable, pseudonymous identifier and (optionally, on first sign-in only) your name and email address. We do not receive your Apple ID password.

Profile & body data. Information you voluntarily provide: gender, date of birth, height, weight, body goal, tape measurements, and body fat percentage.

Progress photos. Photos you capture in-app to track physical change. You control which photos are uploaded; any photo stored on our servers is encrypted in transit (TLS 1.2+) and at rest.

HealthKit data. With your explicit permission, we read bodyweight, height, step count, active energy, and workout history from Apple HealthKit to avoid asking you to re-enter data. HealthKit data is stored locally on your device and is only synchronized to our server if you have enabled cloud backup. Per Apple's guidelines, we do not use HealthKit data for advertising or share it with third parties.

Habit logs. Your daily habit completions (training, nutrition, sleep, steps).

Purchase data. Subscription state managed through Apple StoreKit. We do not see your payment card details; Apple handles all billing.

Device & diagnostic data. Anonymous crash reports, device model, and iOS version used to improve app stability. No personally identifying information is attached to these reports.

2. How we use your information

  • To provide the core app features: AI body scans, progress timeline, habit tracking, charts, and weekly AI coaching insights.
  • To personalize your onboarding and recommendations.
  • To sync your data across your Apple devices when you enable cloud backup.
  • To generate AI-derived body composition estimates using a third-party AI provider (see Section 4).
  • To detect and prevent fraud, abuse, and violations of our Terms.
  • To comply with legal obligations.

We do not sell your personal information. We do not use your data to train public AI models. We do not run third-party advertising trackers.

3. Legal bases (EU/EEA users)

For users in the EU/EEA, we process your data under the following GDPR legal bases: (a) performance of a contract (to deliver the app you requested); (b) consent (for HealthKit and optional cloud backup); (c) legitimate interest (security, fraud prevention); and (d) legal obligation (record keeping).

4. Third parties & data processors

We work with a small number of processors strictly necessary to operate the app:

  • OpenAI: We send a single encoded body photo plus your biometric metadata (height, weight, age, gender) to generate body composition estimates. OpenAI processes this data solely to return a response to our request. No personal identifiers are included.
  • Railway (hosting): Runs our API servers. Transit encrypted with TLS 1.2+.
  • Cloudflare R2: Stores progress photos that you have opted to back up. Stored encrypted at rest.
  • Apple: App Store distribution, StoreKit billing, Sign in with Apple.

We do not share your data with any third party for marketing, analytics, or advertising.

5. Data retention

We retain your account data for as long as your account is active. When you delete your account (Settings → Delete Account), we permanently delete:

  • All progress entries, habits, and habit logs from our database.
  • All progress photos from our object storage.
  • Your user profile record.
  • All locally stored data on your device.

Anonymous, aggregated analytics may be retained indefinitely. Deletion is usually complete within 24 hours; backups are purged within 30 days.

6. Your rights

Regardless of where you live, you can at any time:

  • Access your data (Settings → Export Data).
  • Correct your data (Settings → Edit Profile).
  • Delete your data (Settings → Delete Account).
  • Withdraw consent to HealthKit or cloud backup (iOS Settings).
  • Object or restrict processing by contacting us.
  • Portability — request an export in a machine-readable format.

To exercise any right, email support@bodylapse.fit. We respond within 30 days.

7. Children

BodyLapse is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe we have, contact us and we will delete it.

8. Security

We use industry-standard safeguards: TLS 1.2+ in transit, AES-256 at rest, least-privilege access controls, API-key authentication, audited dependencies, and no plaintext storage of secrets. No system is perfectly secure; we commit to notifying affected users within 72 hours if we discover a breach.

9. International transfers

Our servers are located in the United States. If you access the app from outside the U.S., your data will be transferred to the U.S. under the European Commission's Standard Contractual Clauses and equivalent safeguards where applicable.

10. Changes

We may update this Privacy Policy from time to time. Material changes will be announced in-app and via the email associated with your account. Continued use after the effective date constitutes acceptance.

11. Contact

Questions, complaints, or data requests: support@bodylapse.fit.