Privacy Policy

Last Updated: March 31, 2026

Introduction

Welcome to Protokl ("we," "our," or "us"). We are committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, store, and protect your information when you use our fitness tracking application.

By using Protokl, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Health and Fitness Data

• Body Metrics: Weight, body fat percentage, lean body mass, height, BMI, waist circumference
• Workout Data: Exercise types, sets, reps, weights, duration, calories burned
• Nutrition Information: Meals logged, nutritional intake (calories, protein, carbohydrates, fat, fiber, sugar, sodium, water, caffeine, cholesterol, iron, calcium, potassium, vitamins A/C/D)
• Sleep Data: Sleep duration, sleep stages (deep, REM, core, awake), time in bed
• Progress Photos: Body transformation photos you choose to capture
• Activity Data: Steps, flights climbed, active energy burned, basal energy burned, exercise time, stand time, walking/running distance, cycling distance, swimming distance
• Cardiovascular Data: Heart rate, resting heart rate, heart rate variability, walking heart rate average, VO2 max, atrial fibrillation burden
• Vitals: Blood pressure (systolic/diastolic), respiratory rate, body temperature, blood oxygen saturation, blood glucose, peripheral perfusion index
• Mobility Data: Walking steadiness, six-minute walk distance, walking speed, step length, walking asymmetry, double support percentage, stair ascent/descent speed
• Cycling Data: Cadence, power, speed, functional threshold power
• Audio Exposure: Environmental audio exposure, headphone audio exposure levels
• Other: UV exposure, time in daylight, mindful minutes

2. Location Data

• Cardio Tracking: GPS location data when you use location-based workout tracking features
• Location Services: General location for weather-based workout recommendations (optional)

This location data is only collected when you explicitly enable location tracking for specific features.

3. Device and Usage Information

• Device Information: Device type, operating system, app version
• Usage Analytics: Features used, session duration, interaction patterns
• Technical Data: Error logs, performance metrics, crash reports

4. Account Information

• Profile Data: Name, age, sex, fitness goals, experience level, preferred pace
• Preferences: Unit system, notification settings, app customization choices
• Subscription Status: Whether you have an active subscription, managed by Apple's in-app purchase system

5. Camera and Photo Library

• Progress Photos: Photos you take or select for tracking body transformation
• Meal Photos: Photos of meals for nutrition tracking (optional)

Apple HealthKit Data

Protokl integrates with Apple HealthKit to read and write health and fitness data with your explicit permission. The following disclosures apply specifically to data accessed through HealthKit:

HealthKit Data Types We Access

With your permission, we read the following data types from HealthKit: step count, walking/running distance, cycling distance, swimming distance, flights climbed, active energy burned, basal energy burned, exercise time, stand time, heart rate, resting heart rate, heart rate variability, walking heart rate average, VO2 max, body mass, body fat percentage, lean body mass, BMI, height, waist circumference, blood pressure (systolic and diastolic), respiratory rate, body temperature, blood oxygen saturation, blood glucose, sleep analysis, dietary energy/protein/carbohydrates/fat/fiber/sugar/sodium/water/caffeine/cholesterol/iron/calcium/potassium/vitamins, walking steadiness, walking speed, step length, walking asymmetry, cycling metrics, audio exposure levels, UV exposure, and time in daylight.

We write the following data types to HealthKit: step count, active energy burned, body mass, body fat percentage, lean body mass, and dietary intake (energy, protein, carbohydrates, fat, water).

No Advertising Use

Data obtained through HealthKit is NOT used for advertising or other use-based data mining purposes, either by us or any third party.

No Third-Party Sharing

We do NOT share HealthKit data with third parties. Data accessed through HealthKit is used solely to provide the health and fitness tracking features within Protokl. We will not disclose HealthKit data to any third party without your express consent, and even with consent, only for the purpose of providing a health or fitness service directly to you, or for health research with your explicit agreement.

No Selling of HealthKit Data

We do NOT sell any information obtained from HealthKit to advertising platforms, data brokers, information resellers, or any other third party.

No iCloud Storage of Health Data

Personal health information obtained from HealthKit is not stored in iCloud or any non-local cloud service. Health data is stored locally on your device using encrypted local storage.

How We Use Your Information

1. Core Fitness Tracking

• Track your daily health metrics and progress
• Log workouts, meals, sleep, and other protocol items
• Display historical data and trends

2. Personalized Recommendations

• Generate AI-powered meal recommendations based on your nutritional goals
• Create customized workout plans tailored to your fitness level
• Provide personalized fitness insights and suggestions

3. Progress Monitoring

• Calculate body composition forecasts using proprietary algorithms grounded in published physiological research
• Generate progress charts and analytics
• Track achievement of your fitness goals

4. Health Data Integration

• Sync data with Apple HealthKit to provide a unified view of your health information
• Read and write health metrics to keep your data synchronized

5. App Improvement

• Analyze usage patterns to improve features
• Fix bugs and optimize performance
• Develop new features based on user needs

Data Storage and Security

Local Storage

• Your health, fitness, and personal data is stored locally on your device
• This ensures your data remains private and accessible offline
• Local data is encrypted on your device
• Optional iCloud backup stores workout and profile data (not HealthKit data) in your personal iCloud account

Security Measures

• Industry-standard encryption protocols
• Secure authentication mechanisms
• Regular security audits and updates
• Access controls and data isolation

Third-Party Services

We integrate with the following third-party services:

• Apple HealthKit: To read and write health data with your explicit permission, as described in the HealthKit section above.
• RevenueCat: To manage subscription status. RevenueCat receives an anonymous app user ID and subscription transaction data from Apple. RevenueCat does not receive your health data. See RevenueCat's Privacy Policy.
• Firebase/Google Analytics: For anonymous crash reporting and usage analytics. No health data is transmitted to these services.

No Third-Party Sharing for Marketing

We do NOT sell your personal data to third parties, share your health data with advertisers, use your information for targeted advertising, or provide your data to data brokers.

Subscription Data

Payment processing for subscriptions is handled entirely by Apple through the App Store. We do not collect, store, or have access to your payment method details (credit card number, billing address, etc.).

We receive and store only your subscription status (active, expired, trial) via RevenueCat to manage access to premium features. If you cancel your subscription, your data remains on your device and accessible in the free tier of the app. We do not delete your data upon subscription cancellation.

Your Rights and Choices

• Access: View all data we have collected about you
• Correction: Update your profile information at any time
• Deletion: Delete specific data entries or request complete account deletion
• Consent: Control which permissions the app has (HealthKit, Camera, Location, Notifications) and revoke them at any time through your device Settings
• HealthKit Permissions: You can enable or disable individual HealthKit data types at any time via Settings > Health > Data Access & Devices > Protokl

Data Retention

• Active Use: Data is retained locally on your device as long as the app is installed
• App Deletion: Deleting the app removes all locally stored data from your device
• Data Export: You may export your data at any time by contacting us
• Subscription Cancellation: Your data is preserved on your device regardless of subscription status

Children's Privacy

Protokl is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

Health Disclaimer

Protokl is a fitness tracking tool and is NOT a medical device or medical service. The app does not provide medical advice, diagnosis, or treatment. Always consult with a qualified healthcare provider before starting any fitness program.

Data Controller

Ryan Luther is the data controller responsible for your personal data collected through Protokl. For any privacy-related inquiries, data access requests, or concerns about how your data is handled, please contact us using the information below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the app and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Email: protoklapp@gmail.com

---

By using Protokl, you acknowledge that you have read and understood this Privacy Policy.