PUSHBURN

1. Introduction

This Privacy Policy explains how PushBurn ("PushBurn," "we," "our," or "us") collects, uses, stores, shares, and protects information when you use the PushBurn mobile application, website, and related services.

PushBurn is developed by Mattia Proserpio. For privacy questions, you can contact us at mttproserpio@gmail.com.

2. Data Controller

For personal data processed through PushBurn, the data controller is Mattia Proserpio, unless a third-party service independently acts as a controller for its own processing, such as Apple, Google, RevenueCat, or payment/subscription providers.

3. How We Collect and Use Data

How we handle your data depends on how you choose to use the app:

• Guest Mode (Offline): If you do not sign in, your workout templates, workout history, programs, preferences, and settings are stored locally on your device. We do not create a PushBurn account for you and do not sync this data to our cloud database.
• Registered Accounts (Cloud Sync): If you sign in with Apple or Google, we process basic account information, such as your user identifier, email address, and authentication provider, so you can access your account and sync your data.
• Workout Data: We process workout templates, workout programs, saved workouts, workout history, exercise names, sets, repetitions, weights, durations, schedules, and app preferences to provide the core PushBurn features.
• Subscription Data: If you purchase PushBurn Pro or another paid feature, we process subscription status, entitlement status, purchase identifiers, expiration dates, and related subscription metadata. We do not receive or store your full credit card details.
• Advertising and Consent Data: If you use the free version, advertising and consent-related data may be processed through Google AdMob and Google User Messaging Platform (UMP), subject to your choices and applicable law.
• Technical Data: We may process limited technical information, such as device type, app version, operating system version, crash or diagnostic data, and approximate region, to maintain and improve the app.

4. Apple HealthKit and Motion Data

PushBurn can integrate with Apple HealthKit and Apple motion-related APIs to display fitness and activity metrics in your dashboard, such as step count, active energy burned, walking or running distance, floors climbed, exercise time, stand hours, and related activity information.

• Permission Based: PushBurn accesses HealthKit and motion data only after you grant permission through iOS.
• Local Processing: HealthKit and motion data are processed on your device to display activity information in the app.
• No Advertising Use: We do not sell HealthKit data, use HealthKit data for advertising, or share HealthKit data with advertising platforms.
• Your Control: You can change HealthKit permissions at any time in the iOS Health app or iOS Settings.

5. Legal Bases for Processing

If you are located in the European Economic Area, United Kingdom, or another region with similar privacy laws, we rely on the following legal bases where applicable:

• Contract: To create and manage your account, provide workout features, sync data, process subscriptions, and deliver the app services you request.
• Consent: For HealthKit access, motion permissions, personalized advertising where required, Apple App Tracking Transparency permission, and optional advertising consent choices.
• Legitimate Interests: To keep the app secure, prevent abuse, debug errors, improve performance, and maintain the reliability of our services.
• Legal Obligation: To comply with tax, accounting, consumer protection, platform, or legal requirements where applicable.

6. Third-Party Services and Processors

PushBurn uses third-party services to operate, secure, monetize, and improve the app. These providers may process personal data according to their own privacy policies and, where applicable, our instructions.

• Supabase: Used for authentication, database hosting, account management, and cloud sync for registered users.
• Apple Sign-In: Used to let you create or access your account with your Apple ID.
• Google Sign-In: Used to let you create or access your account with your Google account.
• RevenueCat: Used to manage subscription entitlements, Pro status, purchase status, renewal status, and subscription-related events.
• Apple App Store / StoreKit: Used to process in-app purchases and subscriptions. Payment information is handled by Apple; PushBurn does not receive your full payment card details.
• Google AdMob: Used to display ads in the free version of the app. AdMob may process device identifiers, advertising identifiers, consent signals, approximate location, usage data, and ad interaction data depending on your choices and applicable law.
• Google User Messaging Platform (UMP): Used to request, store, and manage advertising consent choices, including GDPR-related ad consent choices where required.
• Apple App Tracking Transparency: Used to request your permission before tracking activity across other companies' apps and websites where required by Apple policy.
• Apple HealthKit: Used only with your permission to read selected fitness and activity data for in-app activity features.
• Apple CoreMotion / CMPedometer: Used only with your permission for motion, step, and activity-related features.
• Apple Notifications: Used to provide reminders and app notifications if you enable notifications.
• Website Hosting Provider: Used to host the PushBurn website, Privacy Policy, Terms of Use, and related public pages.

7. Advertising, Consent, and Tracking Choices

The free version of PushBurn may show ads through Google AdMob. In regions where consent is required, PushBurn uses Google UMP to ask for and manage your advertising consent choices.

• You can accept, reject, or manage advertising choices where the consent form is available.
• You can open the Privacy Choices option in the app Settings to update your advertising consent choices where available.
• On iOS, you may also receive Apple's App Tracking Transparency prompt. You can change this choice at any time in iOS Settings under Privacy & Security → Tracking.
• If you do not consent to personalized ads or tracking where required, PushBurn may show non-personalized or limited ads instead.

8. Data Sharing

We do not sell your personal information. We share data only when necessary to operate PushBurn, comply with the law, protect rights and security, or provide features you request.

• With service providers listed in this policy, such as Supabase, RevenueCat, Apple, and Google, for the purposes described above.
• With authorities or third parties if required by law, legal process, or to protect the rights, safety, and security of users, PushBurn, or others.
• In connection with a business transfer, such as a merger, acquisition, restructuring, or sale of assets, subject to appropriate privacy protections.

9. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy, unless a longer period is required by law.

• Guest Data: Stored locally on your device until you delete it, uninstall the app, or use the erase local data option.
• Account and Cloud Sync Data: Stored while your account remains active or until you delete your account.
• Soft-Deleted Sync Records: When you delete workout-related items, they may temporarily remain in a hidden deletion state to allow synchronization across your devices. These records are permanently removed after a limited retention period or when you delete your account.
• Deleted Account Data: When you delete your account, we delete or anonymize associated cloud data unless retention is required by law or for legitimate security/legal purposes.
• Subscription Records: Retained as needed to manage entitlements, resolve purchase issues, comply with platform rules, and meet legal/accounting obligations.
• Consent and Advertising Signals: Retained as needed to respect and demonstrate your consent choices.
• Diagnostics and Logs: Retained only for a limited period needed for security, debugging, and service reliability.

10. Security

We use reasonable technical and organizational measures to protect your data, including secure authentication, access controls, encrypted transport, database security rules, and restricted access to production systems. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. International Data Transfers

Some third-party providers may process data in countries other than your country of residence. Where required, we rely on appropriate safeguards such as contractual protections, standard contractual clauses, adequacy decisions, or equivalent transfer mechanisms provided by our service providers.

12. Your Privacy Rights

Depending on where you live, you may have rights over your personal data, including the right to access, correct, delete, export, restrict, object to processing, or withdraw consent.

• Access and Portability: You can export a JSON copy of your account, workout data, preferences, programs, and related app data from the app Settings.
• Correction: You can update or correct many types of data directly in the app.
• Deletion: Registered users can delete their account from the app Settings. Guest users can erase local data from the app Settings.
• Withdraw Consent: You can withdraw HealthKit permissions in iOS Settings or the Health app, adjust notification permissions in iOS Settings, and manage advertising choices in PushBurn Settings or iOS Tracking settings.
• Contact Request: You can contact us at mttproserpio@gmail.com to exercise privacy rights that are not available directly in the app.

13. Children's Privacy

PushBurn is not intended for children under the age required by applicable law to use digital services without parental consent. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect new features, legal requirements, or changes to our data practices. We will notify you of changes by updating the "Last Updated" date at the top of this page. If changes are material, we may provide additional notice in the app or on our website.

15. Contact Us

If you have questions, concerns, or privacy requests, please contact us at: