Privacy Policy
Last updated: 3 June 2026
BeeStrong App is a workout tracking app for lifters and personal trainers, distributed on Google Play and the Apple App Store. This policy explains what data we collect, how we use it, the legal basis for using it, and the choices you have under UK GDPR and EU GDPR.
This page describes how the app handles your data. If you have specific questions about your account or a deletion request, contact us using the details at the bottom.
Who controls your data
BeeStrong App is operated by Dariusz Sztejnagiel, an individual based in the United Kingdom (the "data controller" for the purposes of UK GDPR). For data protection matters, contact the data controller at support@beestrongapp.com.
Data we collect
BeeStrong App may collect the following information when you use the app:
- Account information such as email address and display name.
- Workout data such as exercises, sets, reps, weights, duration, notes, and program history.
- Body measurement data that you choose to enter, such as weight and body measurements.
- Coach Mode data such as coach-client invitations, assigned programs, and client progress visible to an accepted coach relationship.
- Technical data stored locally on your device, including preferences, app settings, cached files, and offline workout data.
How we use data
We use your data to provide the app, save and sync your workouts, show progress analytics, support Coach Mode and the optional AI Coach feature, maintain account access, improve reliability, and respond to support or deletion requests.
Legal basis for processing
Under UK GDPR and EU GDPR, we rely on the following legal bases for processing your personal data:
- Contract — to provide the BeeStrong App service you signed up for, including account, cloud sync, and Coach Mode.
- Legitimate interest — to keep the service secure, prevent abuse, and improve reliability.
- Consent — for any optional feature that requires explicit opt-in (such as marketing emails, if offered).
- Legal obligation — to keep records required by law (e.g. tax, security incident logs).
Local storage and offline use
BeeStrong App is offline-first. Workout data and preferences are stored on your device so the app keeps working without an internet connection. Clearing the app data on your device may remove any data that has not been synced.
Cloud sync
If you create an account or use Coach Mode, selected app data may sync to our backend provider, Supabase. The intended production region is Frankfurt, Germany. Data is encrypted in transit (TLS/HTTPS).
Coach Mode
If you accept a coach invitation, that coach may be able to view workout and measurement data connected with your account so they can manage your training. You should only accept invitations from coaches you trust. Coaches with the COACH plan can also access their dashboard via a desktop browser.
AI Coach (PRO+ feature)
The optional AI Coach feature analyses your workout and progress data to provide suggestions. To do this, the app sends the relevant workout data to our AI provider, Groq, which runs the Meta Llama 3.3 70B Versatile model via an OpenAI-compatible Chat Completions API. Data is sent only on demand to generate a response and is not retained by Groq beyond what is needed to serve your request. AI Coach is opt-in: if you do not use the feature, no data is sent.
Sharing — subprocessors
We do not sell personal data. To run BeeStrong App, we work with the following service providers (subprocessors):
- Supabase Inc. — cloud database, authentication, and sync. Production region: Frankfurt, Germany.
- Groq, Inc. — AI Coach inference (Llama 3.3 70B Versatile via OpenAI-compatible API). On-demand only, no long-term storage.
- Google LLC (Google Play) — Android app distribution and payments.
- Apple Inc. (App Store) — iOS app distribution and payments.
- Cloudflare, Inc. — website hosting (Cloudflare Pages) and privacy-friendly analytics (Cloudflare Web Analytics).
Cookies and tracking
The BeeStrong App website uses Cloudflare Web Analytics, which is privacy-friendly and does not use cookies, fingerprinting, or cross-site tracking. The mobile app does not use web cookies. Some technical local storage on your device is required for the app to function offline.
Payments
Paid features (PRO, PRO+, COACH) are handled by Google Play and the Apple App Store according to their billing systems and store policies. BeeStrong App does not need to store full card details.
How long we keep data
Specific retention periods:
- Account information (email, profile) — kept until you request deletion of your account.
- Workout, program, and measurement data — kept until you delete it from the app, or until your account is deleted.
- Coach Mode connections and notes — kept while the coach-client relationship is active.
- Payment records — retained as required by tax law (typically 6 years in the UK).
- Aggregated analytics (Cloudflare Web Analytics) — anonymous, retained for 12 months.
Your rights
Under UK GDPR and EU GDPR you have rights to: access your personal data; correct inaccurate data; export your data (data portability); restrict processing; object to processing; and request deletion ("right to be forgotten"). You also have the right to lodge a complaint with your local data protection authority — in the UK this is the Information Commissioner’s Office (ICO, https://ico.org.uk). To exercise any of these rights, contact us using the details below.
International data transfers
Your account and workout data are processed in the EU (Supabase Frankfurt) and UK. Some subprocessors (Google, Apple, Cloudflare, Groq) may transfer or process data outside the UK/EU. Where this happens, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions to ensure your data remains protected.
Children
BeeStrong App is not intended for children under 16. We do not knowingly collect personal data from children under that age. If you believe a child has provided personal data, contact us and we will take appropriate steps to delete it.
Security
We use reasonable technical and organisational measures to protect data, including TLS/HTTPS for data in transit and access controls for our backend. No system is perfectly secure, so you should use a strong, unique password and keep your device protected.
Data breach notification
If we discover a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours where feasible. If the breach is likely to result in a high risk to you, we will notify you directly without undue delay.
Changes to this policy
We may update this policy from time to time. The latest version will be posted on this page with a new updated date. If we make material changes that affect how we use your personal data, we will notify you in the app or by email where appropriate.
Contact
For privacy requests or questions, contact support@beestrongapp.com.