Privacy Policy

Last updated: 3 sept 2025

This Privacy Policy describes how an individual ("MuscleMind," "I," "me," or "my"), a company incorporated in the Netherlands, collects, uses, stores, and protects your personal data when you use the MuscleMind mobile application (the "App") and its related services.

MuscleMind is committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

  1. Personal data I collect

I collect and process the following categories of personal data:

  • Identity Data: name, email address

  • Authentication Data: login method (Apple, Google, or email/password)

  • Fitness Data: workout history, fitness preferences, exercise activity

  • Device Data: device model, operating system, usage analytics

  • Payment Data: subscription-related data processed via Apple App Store or Google Play Store

I do not collect your location data or IP address.

  1. How I collect your data

I collect data directly from:

  • The information you provide during account registration

  • Your activity within the App (e.g., completed workouts, preferences)

  • Authentication providers (Apple, Google) for email address

Firebase for app usage analytics and crash reporting

  1. How I use your data

I use your personal data for the following purposes:

  • To provide AI-generated custom workout plans

  • To manage your account and subscription

  • To personalise your in-app experience

  • To deliver customer support

  • To send service notifications and marketing communications (where permitted)

  • To monitor app performance and improve our services

Our legal bases for processing your personal data under the GDPR include:

  • Performance of a contract (e.g., providing access to the App)

  • Legitimate interests (e.g., service improvement)

  • Consent (e.g., marketing notifications, where applicable)

  1. Data sharing

I do not sell your personal data. I may share your personal data with:

  • Service providers, such as Firebase (for authentication and analytics)

  • Payment processors, such as Apple or Google, for handling subscriptions

  • Marketplace partners, such as Rakuten, but only when necessary to fulfil services

All third-party processors are subject to strict contractual obligations to protect your data in line with GDPR requirements.

  1. International Data Transfers

To the best of myknowledge, your personal data is stored and processed within the European Economic Area (EEA). If at any point your data is transferred outside of the EEA, I will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

  1. Data Security

I implement appropriate technical and organisational security measures to protect your personal data from unauthorised access, disclosure, or loss, including:

  • Encrypted connections (HTTPS)

  • Firebase Authentication controls

  • Access control policies

  1. Data Retention

I retain your data only for as long as necessary to provide the Service or as required by law. If you delete your account, all associated personal data, including fitness history and preferences, will be permanently deleted from our systems. You can delete your account in the app by going to your profile > Settings > Delete Account. We do not maintain backups or archived logs.

  1. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access – You can request a copy of your personal data

  • Right of rectification – You can correct inaccurate or incomplete data

  • Right to erasure – You can request deletion of your personal data

  • Right to restrict processing – You can ask us to limit how we use your data

  • Right to object – You can object to processing based on our legitimate interests

  • Right to data portability – You can request to receive your data in a commonly used format

  • Right to withdraw consent – If processing is based on consent, you may withdraw it at any time at any time

To exercise any of these rights, please contact me through the app:
Profile > Settings > Help > Contact Us

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

  1. Marketing Communications

With your consent, I may send you marketing push notifications or in-app messages about offers or updates. You can opt out at any time in your settings.

  1. Children's Privacy

The App is not intended for children under the age of 16. I do not knowingly collect personal data from children. If we become aware that a child has provided us with personal information, we will delete it.

  1. Changes to this Policy

I may update this Privacy Policy from time to time. I will notify you of significant changes via the App or email. We encourage you to review this policy periodically.

  1. Contact Information

For questions or concerns about this Privacy Policy or our data practices, please contact me.