Privacy Policy
Effective date: [EFFECTIVE DATE] Last updated: [EFFECTIVE DATE]
DRAFT — not legal advice. This document was prepared as a starting point and must be reviewed by a qualified attorney before publication. Fill in every
[BRACKETED]value and confirm the GDPR/CCPA, retention, and governing-law sections fit your jurisdiction and how you actually operate.
This Privacy Policy explains how Andrew Pierce (“we,” “us,” “our”) handles information in connection with the Mike mobile application (“Mike,” the “App”) and the website at coachmike.app (the “Site”). By using Mike, you agree to the practices described here.
Mike does not require you to create an account. Your data lives on your device and in your own Apple iCloud, and is shared with a small number of service providers only as needed to make the coaching work (described below). We do not sell your data, we do not use it for advertising, and we do not track you across other apps or websites.
1. Information we collect
We collect only what the App needs to function as a coach.
Information you provide or generate in the App
- Health and fitness data — body weight and weigh-ins, calories and macros, food logs, workouts and training programs, steps, and (with your permission) sleep and heart data.
- Apple Health (HealthKit) data — with your permission, Mike reads calories, protein, body weight, steps, workouts, sleep, and heart data, and writes weigh-ins and food you log back to Apple Health. Data obtained from HealthKit is used only to provide the App’s features and is never used for advertising or sold. It is handled in accordance with Apple’s HealthKit requirements.
- Photos — progress photos you choose to take (stored in your private iCloud, and optionally saved to your photo library if you ask), and meal photos you take for calorie estimation.
- Chat content — the messages you send to the in-app coach.
Information collected automatically
- Device identifier — a per-installation identifier (Apple’s
identifierForVendor, or a locally generated fallback) sent to our server only to enforce per-device rate limits and prevent abuse. It is not linked to your name and is not used to track you. - Log data — our servers may record basic request metadata (timestamps, the device identifier above, and coarse technical data) for security, rate limiting, and reliability.
Purchases
- Subscriptions are processed by Apple through the App Store. We do not receive or store your payment card details; we receive only the subscription status needed to unlock features.
2. How we use your information
We use the information above to:
- provide and personalize your coaching, plans, nutrition, and progress tracking;
- generate the coach’s responses and estimate calories from meal photos (see Section 4);
- operate, secure, debug, and improve the App and Site;
- enforce fair-use rate limits and prevent abuse; and
- comply with law.
We do not use your information for advertising, and we do not sell or rent it.
3. Where your data is stored
- On your device and in your own Apple iCloud (Apple’s CloudKit private database, container
iCloud.com.andrewpierce.FitnessApp). iCloud data is tied to your Apple ID and governed by Apple’s privacy policy. - Data sent to the service providers in Section 4 is processed on their systems under their terms.
4. Service providers we share data with
To provide the coaching features, limited data is sent to the following providers. We share only what is needed, and none of them are permitted to use your data for their own advertising.
| Provider | What is shared | Why |
|---|---|---|
| Anthropic (Claude AI) | Your chat messages, a summary of your fitness context (e.g., weight trend, program), and meal photos | To generate the coach’s replies and estimate calories from meal photos. Meal photos are processed to estimate calories and are not stored by us. Data sent to Anthropic’s API is processed under Anthropic’s commercial terms and, per Anthropic’s policy, is not used to train its models by default. See Anthropic’s privacy policy: [https://www.anthropic.com/legal/privacy] |
| FatSecret | Food search terms | To look up foods and nutrition information in the food database. See FatSecret’s privacy policy: [FATSECRET PRIVACY URL] |
| Apple | Purchase/subscription info; iCloud sync; HealthKit | Payments, cross-device sync, and Health integration. See Apple’s privacy policy: [https://www.apple.com/legal/privacy/] |
| Render | Request metadata and the content being relayed to Anthropic/FatSecret | We route AI and food-database requests through servers hosted on Render so provider API keys stay off your device. See Render’s privacy policy: [https://render.com/privacy] |
5. Data retention
- On-device and iCloud data persists until you delete it (delete entries in-app, delete the App, or remove its iCloud data), subject to Apple’s iCloud behavior.
- Meal photos sent for calorie estimation are processed and discarded; we do not retain them.
- Server logs (device identifier, timestamps) are retained for approximately [RETENTION PERIOD, e.g., 30 days] for security and rate limiting, then deleted.
- Data processed by the providers in Section 4 is retained according to their own policies.
6. Your choices and rights
- Health permissions — you control Apple Health access in iOS Settings → Privacy & Security → Health, and can revoke it at any time.
- Photos and camera — you control these permissions in iOS Settings.
- Delete your data — delete entries in the App, or delete the App and its iCloud data, to remove your information from your device and iCloud.
- Regional rights — depending on where you live (e.g., the EEA/UK under GDPR, or California under CCPA/CPRA), you may have rights to access, correct, delete, or port your data, and to object to or restrict certain processing. To exercise these rights, contact us at [CONTACT EMAIL]. [ADD any legally required detail: legal basis for processing, data controller identity, right to lodge a complaint with a supervisory authority, “Do Not Sell/Share” — note we do not sell or share for cross-context behavioral advertising.]
7. Children’s privacy
Mike is not directed to children under [13 / the minimum age you set], and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact [CONTACT EMAIL] and we will delete it.
8. Security
We use reasonable technical and organizational measures to protect your information, including keeping third-party API keys on our servers rather than in the App, and transmitting data over encrypted connections (HTTPS/TLS). No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
9. International data transfers
Your information may be processed in countries other than where you live, including the United States, where our service providers operate. Where required, we rely on appropriate safeguards for such transfers. [CONFIRM mechanism with counsel if serving EEA/UK users.]
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by updating the “Last updated” date above and, where appropriate, by notice in the App. Your continued use after an update means you accept the revised policy.
11. Contact us
Questions about this policy or your data: Andrew Pierce Email: [CONTACT EMAIL] [BUSINESS ADDRESS, if applicable]