Privacy Policy
1. Introduction
Rewts ("we," "us," or "our") operates the Rewts mobile application (the "App"), a health and wellness discovery platform available on iOS. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices you have regarding your information. By downloading, installing, or using the Rewts App, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein. If you do not agree to this Privacy Policy, please do not use the App.
2. Information We Collect
We collect the following categories of information to operate and improve the Rewts service:
- Account information: Your name and email address, provided when you create a Rewts account.
- Health and body metrics: Your age, height, weight, and biological sex, collected during onboarding and stored internally in metric units to enable personalized calculations.
- Fitness profile: Your preferred workout style, gym preferences, equipment preferences, and how many days per week you work out.
- Diet and nutrition profile: Your diet style (e.g., standard, vegetarian, vegan, keto), dietary restrictions, and cuisine preferences.
- Fitness goals: Your selected goal — fat loss, muscle gain, maintenance, or performance — which drives your macro targets and recommendations.
- Computed health data: Your Total Daily Energy Expenditure (TDEE) and daily macro targets for protein, carbohydrates, fat, and calories, calculated using the Mifflin-St Jeor equation based on the profile data you provide.
- Meal logs: Foods and beverages you log within the App, including AI-estimated macro and calorie values and timestamps.
- Workout logs: Workout type, duration, exercise names, sets, reps, weights, and timestamps for structured workout sessions you record.
- Run data: GPS route coordinates, total distance, duration, and pace for runs you track using the App's GPS run tracking feature.
- Location data: Approximate location used for nearby health-focused venue discovery in the Discover tab; precise GPS coordinates used only during active run tracking to record your route.
- Saved content: Spots and recipes you choose to save within the App for quick future reference.
- Device information: Device type, operating system version, and App version, used for compatibility and debugging.
- Usage data: General App interaction patterns used to diagnose errors, improve app stability, and enhance the user experience.
3. How We Use Your Information
We use the information we collect to power and personalize the Rewts experience. Your health metrics and fitness profile are used to calculate your TDEE and daily macro targets, and to surface venue recommendations and workout suggestions that align with your goals. Your location data is used to show nearby gyms, restaurants, trails, and markets in the Discover tab.
When you use AI-powered meal estimation, a text description of the food you entered is transmitted to Anthropic's API to generate estimated macro and calorie values. We do not transmit your name, email address, or any other personally identifiable information to Anthropic as part of this process. The estimated values are then stored in your meal log within our own systems.
We may use aggregated, de-identified usage data to understand how users interact with the App and to guide product improvements. We do not use your personal health data for advertising, profiling for third-party purposes, or any purpose other than operating and improving the Rewts service.
We may send you transactional communications, including account confirmation emails, password reset emails, and responses to support requests you initiate. We do not send marketing emails without your consent.
We may use your information to comply with applicable laws, respond to lawful legal requests, enforce our Terms of Service, and protect the rights, property, and safety of Rewts and its users.
4. Data Storage and Security
Your data is stored in a PostgreSQL database provided by Supabase, hosted in the United States. We implement row-level security (RLS) policies that ensure each user can only access their own data — no user can read or modify another user's records. All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS).
We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
5. Third-Party Services
Rewts relies on the following third-party services to operate. Each service has its own privacy practices, which we encourage you to review:
- Supabase: Provides our database, authentication infrastructure, and backend services. Your account data, health metrics, logs, and saved content are stored on Supabase's US-based servers. For more information, see the Supabase Privacy Policy.
- Google Places API: Powers location-based venue discovery in the Discover tab. When you search for nearby venues or browse the map, venue search queries are processed by Google's Places API. For more information, see Google's Privacy Policy.
- Anthropic: Powers AI-assisted meal estimation. When you log a meal using AI estimation, the text description of the food you provide is sent to Anthropic's API. We do not send your name, email address, or any personally identifiable information to Anthropic as part of this request. For more information, see the Anthropic Privacy Policy.
- Apple: Distributes the Rewts App via the App Store and TestFlight. Apple may independently collect usage, diagnostic, and crash data per their own privacy policy and platform terms. For more information, see Apple's Privacy Policy.
6. Health and Fitness Data
We treat your height, weight, age, biological sex, fitness goals, meal logs, and workout logs as sensitive health information. We are committed to handling this data with the highest standard of care. We do not sell your health or fitness data to any third party under any circumstances. We do not share your health or fitness data with insurance companies, employers, advertisers, data brokers, or any party other than the infrastructure providers listed in Section 5 who process data solely on our behalf to operate the service. Your health data is used exclusively to operate and personalize the Rewts service for you.
7. Location Data
Rewts uses your device's location in two distinct ways. First, approximate location is requested when you use the Discover tab to find health-focused venues near your current position. Second, precise GPS coordinates are requested only when you actively start a run in the App to record your route. GPS tracking is initiated only when you explicitly begin a run session and stops when you end the session.
You can deny or revoke location permission at any time in your iPhone's Settings app under Privacy & Security > Location Services > Rewts. Denying location permission will disable map-based venue discovery and GPS run route tracking, but will not affect meal logging, workout logging, macro tracking, or any other App features.
8. Data Retention
We retain your personal data for as long as your Rewts account remains active. If you choose to delete your account, you can do so at any time from the Profile tab within the App. When you submit a deletion request, all personal data associated with your account — including your health metrics, meal logs, workout logs, run data, saved content, and account credentials — will be permanently and irreversibly removed from our active systems within 30 days of the deletion request. After deletion, your data cannot be recovered.
9. Your Rights
You have the following rights with respect to your personal data:
- Access: You have the right to request a copy of the personal data we hold about you.
- Correction: You have the right to correct inaccurate or incomplete data by updating your profile directly within the App.
- Deletion: You have the right to permanently delete your account and all associated personal data via the Profile tab in the App.
- Portability: You have the right to request a copy of your data in a structured, machine-readable format.
To exercise any of these rights, or for any data-related questions or requests, please contact us at [email protected]. We will respond to verifiable requests within a reasonable timeframe and in accordance with applicable law.
10. Children's Privacy
Rewts is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. Users are required to confirm they are 13 years of age or older before creating an account. If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take prompt steps to delete that information from our systems. If you are a parent or guardian and believe that Rewts may have collected information from a child under 13, please contact us immediately at [email protected].
11. California Privacy Rights (CCPA)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information. You have the right to know what personal information we collect about you, the purposes for which it is used, and the third parties with whom it is shared. You have the right to request deletion of your personal information, subject to certain exceptions. You have the right to opt out of the sale of your personal information. Rewts does not sell personal information to third parties, and we have not done so in the preceding 12 months.
To exercise your California privacy rights, please contact us at [email protected]. We will respond to verifiable requests within 45 days of receipt, as required by the CCPA. We will not discriminate against you for exercising any of your rights under the CCPA.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this policy, we will notify you by sending a notice to the email address associated with your account or by displaying a prominent notice within the App. The updated Privacy Policy will be posted at rewts.app/privacy with a new effective date at the top. Your continued use of the App after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at [email protected]. We are committed to addressing your privacy inquiries promptly and transparently. For account deletion or data export requests, you may also use the tools available directly in the Profile tab of the App.