Last Updated: July 25, 2025
Recomp AI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how the Recomp AI mobile application (the "App") collects, uses, and shares your personal data. It also describes your rights regarding your data and how you can contact us about privacy concerns. We comply with applicable privacy laws and the requirements of the Apple App Store and Google Play.
We collect personal information that you provide to us directly or that is generated through your use of the App. This includes:
When you create an account, we collect your email address and a password (which is stored in a hashed form for security). If you choose to sign up via a third-party login (Apple ID or Google Account), we receive a unique ID and/or basic profile information from those providers. You may also provide an optional display name for your profile.
To personalize your experience, you may optionally provide profile details such as your date of birth (or an age range), biological sex, height, weight, body fat percentage, body measurements, and your time zone. This information helps us tailor the App's recommendations (for example, calorie targets or coaching tips) to you.
The App allows you to log health and fitness information. This includes daily calorie and macronutrient targets and your actual intake, exercise and workout notes, weight history entries, and progress photos you choose to upload. These logs are stored so you can track your progress over time.
We collect certain technical information about your device and App usage to ensure the service works correctly and to improve it. This includes your device's operating system, the App version, and anonymized crash reports or usage analytics (for example, which features are used most). This data is collected in aggregate or with identifiers that do not directly identify you.
We do not collect precise geolocation data or live location from your device. The only location-related data we use is your time zone (as part of your profile) to customize time-based aspects of the App.
The personal data you provide may include health-related information (e.g. weight, dietary preferences, exercise details). We treat this as sensitive and handle it with a high level of security and confidentiality. We only collect what is necessary to provide the App's functionality and coaching features.
We use your personal data to operate and improve the Recomp AI App, provide our services to you, and fulfill any requests you make. The ways we use your information include:
We use the account and profile information you provide to set up your account and personalize your experience. For example, your profile metrics (age, sex, weight, etc.) are used to calculate personalized nutrition and fitness recommendations. Your log entries (calories, workouts, etc.) are used to provide feedback, track your progress, and tailor coaching prompts.
Some of your input (such as logged meals or questions you ask the App) may be processed by our AI-powered coaching system to generate nutrition guidance or fitness coaching tips. We only use the minimum necessary data for these prompts (for instance, summary of your daily intake or goals) to protect your privacy.
We may use your email address to send you service-related notices such as account verification, password changes, updates about new features, or customer support responses. We will not send you marketing emails unrelated to the App without your consent.
Device and usage data (which is de-identified or aggregated) are used to troubleshoot issues (like crashes) and understand how users interact with the App. This helps us improve our user interface, fix bugs, and decide what new features to build, ultimately enhancing your experience.
If you purchase a premium subscription or any paid features, we use required information to process those transactions (see Third-Party Service Providers below for details on payment processing). We do not store any credit card information in our systems; purchases are handled by the app store or our payment partner.
We will only use your personal data for the purposes described in this policy, and we will ask for your consent before using it for any other purpose.
Recomp AI uses a few trusted third-party services ("processors") to operate the App. We share your data with these providers only to the extent necessary for them to perform tasks on our behalf, and each of them is bound by strict data protection agreements. Our third-party service providers include:
We use Supabase, a secure cloud platform, to host our databases and manage user authentication. All your account information, profile data, and logs are stored in a Supabase PostgreSQL database located in a U.S. data center. Supabase acts as our data processor and is committed to high security standards (the underlying infrastructure maintains certifications such as ISO 27001 and SOC 2). Your progress photos and other file uploads are stored in Supabase's object storage, which uses private, access-controlled buckets (photos are accessible only via time-limited signed URLs).
Recomp AI integrates with OpenAI's API to provide intelligent nutrition and coaching suggestions. For example, when you ask for meal advice or a workout plan, a minimal set of relevant data (such as your current goals or a summary of recent logs) is sent securely to the OpenAI service, and it returns guidance or answers. We do not send personally identifying information like your name or email to OpenAI – only the data necessary for the prompt (e.g. "user's calorie target and today's intake"). OpenAI is a processor that handles this data under its privacy and security terms, and we have a Data Processing Addendum (DPA) in place with them to safeguard your information.
We use a service called Superwall to manage our in-app paywall and subscriptions. When you subscribe to premium features through Apple's App Store or Google Play, Superwall helps coordinate the purchase with the respective store's billing system. These transactions are processed by Apple or Google (depending on your device), and no credit card data is ever seen or stored by us. We receive confirmation of your purchase/subscription status to unlock features, but we do not receive your full payment information.
Our app is built with the Expo framework. Expo and associated SDKs (Software Development Kits) facilitate features like push notifications and the "Sign in with Apple/Google" functionality. If you choose to log in with Apple or Google, those providers may share certain data with us (such as your name and verified email address) as part of the authentication process. This integration is handled securely via their official SDKs, and we use the information solely to create or log you into your Recomp AI account.
We may use a self-hosted instance of PostHog (an analytics platform) to collect anonymous, aggregate usage data for analytics. This means we might log events like "feature X used" or general usage patterns to understand how the App is used overall. The analytics data is not tied to your name or email, and we do not use any third-party advertising or marketing analytics services. PostHog (self-hosted by us) means the data stays under our control and is used only for improving the product.
Each third-party service only has access to the information needed for their function, and they are contractually prohibited from using your data for any other purpose. Aside from these services, no other third parties receive your personal information from us.
We do not sell your personal data to any third parties. We also do not share your information with advertisers or for any kind of marketing or profiling outside of the Recomp AI service.
As explained above, we share data with certain service providers strictly to operate and maintain the App (for example, cloud hosting, AI processing, payment facilitation). These parties act on our behalf and under our instructions. They are bound by confidentiality and data protection agreements (DPAs) to safeguard your information and cannot use it for their own purposes.
We will only disclose your personal information outside of our service providers if required by law or valid legal process (for example, in response to a court order or a lawful request by government authorities). If we ever have to disclose data in such circumstances, we will do so in compliance with applicable laws and, if permissible, notify you about it.
In the unlikely event that Recomp AI undergoes a business transition such as a merger, acquisition, or sale of assets, user information (which may include your personal data) could be transferred to the successor entity. If that happens, we will ensure the new owner continues to honor the commitments we have made in this Privacy Policy, and we will notify you (for example, via email or a notice in the App) of any such change.
Aside from the scenarios above, no personal data is shared with any other individuals or organizations.
Recomp AI is not intended for children under the age of 16. We do not knowingly allow anyone under 16 years old (or under the age of digital consent in your country, if different) to sign up or use the App. We do not knowingly collect personal information from children under 13 in any case (consistent with the U.S. Children's Online Privacy Protection Act). If you are under 16, please do not use the App or provide any information about yourself. If we learn that we have collected personal data from a child under 13 (or under the applicable minimum age), we will promptly delete that information. Parents or guardians who believe that their child may have provided us with personal information can contact us at our support email (see the Contact Us section below), and we will take steps to remove the data and terminate the child's account.
We take the security of your data very seriously. We implement a variety of technical and organizational measures to protect your personal information from unauthorized access, misuse, loss, or disclosure. These measures include:
All Recomp AI data is stored in a secure cloud database hosted by Supabase in the United States. The hosting environment employs industry-leading security practices and certifications (for example, the data centers maintain ISO 27001 compliance and robust physical security controls).
We encrypt personal data both at rest and in transit. This means your data is stored encrypted in our databases (using AES-256 or a similarly strong encryption standard), and it is also encrypted when being transmitted between your device and our servers (via HTTPS/TLS 1.2 or higher).
We enforce strict access controls on our databases. Our use of Row-Level Security ensures that each user can only access their own records in the database – you cannot retrieve another user's data through the App. On our backend, only authorized personnel who need to service the account or system (e.g., for technical support or maintenance) can access the data, and even then, such access is limited and logged.
Any images you upload (such as progress photos) are stored in private storage buckets. These files are not publicly accessible on the internet. When the App needs to display your images back to you, it uses a secure, time-limited URL that only works for your account. This prevents anyone else from accessing your photos.
We regularly monitor our systems for possible vulnerabilities and attacks, and we use up-to-date protection. We also keep our app dependencies and libraries updated to patch security issues promptly. In the event of any security breach that affects your personal data, we will notify you and the appropriate authorities as required by law.
Despite our best efforts with strong security, please remember that no method of transmission over the Internet or method of electronic storage is 100% infallible. We strive to protect your data, but we cannot guarantee absolute security. It's important that you also play a role in keeping your account secure (for example, by using a strong unique password and keeping your login credentials confidential).
Using Recomp AI requires creating an account – anonymous use of the App is not supported. Account authentication can be done in one of two ways:
You may sign up with an email address and set a password. The password is stored in a one-way hashed form (we never store plaintext passwords) for your security. You are responsible for maintaining the confidentiality of your login credentials.
As a convenience, you have the option to register or log in via "Sign in with Apple" or "Sign in with Google." If you use one of these methods, we receive information from the login provider such as a name and email address (if you allow them to share it) and a user identifier. We use this information solely to create and authenticate your account. Signing in with Apple/Google also allows you to bypass creating a separate password for Recomp AI.
All account information is used only for authentication, account management, and syncing your data. We do not use your login information from Apple or Google for any other purpose, and we adhere to those providers' policies for using that data. By registering, you agree that the information you provide is accurate and that you will update it if it changes. If you ever choose to delete your account (see Data Retention and Deletion below), your authentication data and all associated records will be removed from our systems.
We respect your rights over your personal data. Depending on your location and applicable law, you may have some or all of the following rights:
You have the right to request a copy of the personal data we hold about you. We can provide this in a common electronic format so that you can transfer it to another service if you wish.
If any of your information is inaccurate or incomplete, you have the right to ask us to correct or update it. Much of your basic account and profile data can be updated directly within the App. For any data that you cannot change yourself, you can contact us to request correction.
You have the right to request deletion of your personal data. You can request that we delete your account and all associated data at any time (see the Data Retention and Deletion section for how).
If we are processing any of your personal data based on your consent, you have the right to withdraw that consent at any time. (For example, if in the future we seek your consent for a new feature, you can opt out later.) Withdrawal of consent will not affect the lawfulness of any processing already carried out, and it may mean some features of the App can no longer function for you.
You may have the right to object to certain types of data uses or request that we limit how we use your data (for instance, if you believe the data is inaccurate or our use is unlawful). We will consider such requests and comply if required by law.
Recomp AI does not make any legally significant decisions about you based solely on automated processing of data (without human involvement). The coaching prompts and suggestions from our AI are not decisions that affect your rights or status; they are for informational and motivational purposes.
If you have concerns about how we are handling your data, you have the right to lodge a complaint with a data protection authority. For example, if you are in the European Union, you can contact the supervisory authority in your country. We would, however, appreciate the chance to address your concerns first by contacting us directly.
While we do not sell personal information, if you are a resident of California you are entitled under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) to request information about what personal data we collect, to access or delete your data, and to not be discriminated against for exercising these rights. This Privacy Policy discloses the categories of data we collect and the purposes (as required by CCPA). You or your authorized agent can make requests to access or delete your data by contacting us at our email address below, and we will verify and respond as required by law.
If you are located in the EU, United Kingdom, or other regions with similar laws, we ensure that your rights under the General Data Protection Regulation (GDPR) are honored. The legal bases for our processing of your personal data typically include: (a) Contract – we process data to provide the service you requested (the App's functionality as per our Terms of Service), (b) Consent – for certain optional data you provide or features you use, and (c) Legitimate Interests – for improving our service and security, in a way that does not override your privacy rights. Additionally, as noted below, your data may be transferred outside of your home country (including to the U.S. where our servers are), under appropriate safeguards. If you have any questions about your privacy rights or how to exercise them, you can always contact us at our support email, and we will assist you.
Recomp AI is operated from within the United States, and the majority of our data processing is done in the U.S. This means that if you use our App from outside the U.S., your personal data will be transferred to and stored on servers in the United States. The U.S. may not have the same data protection laws as your home country, but we take steps to ensure your privacy remains protected. For users in the European Economic Area (EEA), United Kingdom, or other regions with data transfer restrictions: whenever we transfer your information to the U.S. or to any third party service providers in other countries, we rely on legal mechanisms to ensure adequate protection. These may include the European Commission's Standard Contractual Clauses (SCCs) or other agreements designed to protect your personal data. Our contracts with Supabase, OpenAI, and other processors include commitments to comply with EU privacy standards and GDPR requirements for transferred data. By using the App, or by providing us with your information, you understand that your data may be processed in countries outside of your own. However, no matter where your data is processed, this Privacy Policy and our practices will protect your information to the same high standard.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. In practice, this means we will keep your account information and logs for as long as you have an active account with Recomp AI. Keeping historical data (like your past weight entries or workout logs) is essential to providing you with ongoing tracking and insights. If you become inactive or stop using the App, we may retain your information for a reasonable period in case you return, to allow you to pick up where you left off. We may also retain certain information to comply with legal obligations, resolve disputes, or enforce our agreements. When we no longer have a legitimate need to keep your data, we will either delete it or anonymize it so it can no longer be associated with you.
You have the right to delete your data at any time. If you wish to delete your Recomp AI account and all associated personal data, please contact us by email at recompaiapp@gmail.com with the subject line "Delete my data". For your security, we may request certain information to verify your identity before proceeding with the deletion. Once we receive a verified deletion request, we will:
We aim to complete the data deletion process within 30 days of confirming your request. We will send you a confirmation email once your data has been fully removed. Please note that after deletion, your data cannot be recovered, so you should only request this if you are sure you want your account permanently removed. Some minimal data may be retained in our backups or logs for a short period (due to the nature of backup systems), but if so, it will be securely retained only for backup integrity and then overwritten in the normal backup rotation cycle. Any such residual data will not be restored or used except if required for legal reasons or disaster recovery.
We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy. If the changes are significant, we will provide a more prominent notice (such as an in-app notification or an email to the address associated with your account) to inform you of the updates. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Continued use of the Recomp AI App after any changes to the Privacy Policy constitutes your acceptance of the updated terms.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us:
Email: recompaiapp@gmail.com
We will do our best to respond to your inquiry promptly and address any issues you have. Your privacy is important to us, and we welcome your feedback. Thank you for trusting Recomp AI with your health and fitness journey. We are committed to keeping your data safe and using it responsibly in line with this Privacy Policy.