StrongerAI — Privacy Policy

Effective Date: November 18, 2025

This Privacy Policy explains how StrongerAI, Inc. (“StrongerAI,” “we,” “us,” or “our”) collects, uses, discloses, and protects your personal data when you use our website https://strongerai.app (the “Website”) and our StrongerAI mobile application (the “App,” and together with the Website, the “Services”). It also describes your privacy rights and how to exercise them.

If you do not agree with this Policy, do not use the Services.

1. Personal Data We Collect

A. Data you provide

  • General details. Name, email, age, account credentials, subscription tier, transaction history. You may optionally provide gender.
  • Communications. If you contact support, we process your name, contact info, and message content.
  • Profile photo. Optional account photo you upload.
  • Social media interactions. When you interact with our pages (e.g., Instagram), we receive the personal data you provide there and may receive aggregated page analytics from the platform.
  • Health & fitness inputs. Weight, height, BMI, body measurements, workout habits, injuries/limitations, goals, and other wellness information you choose to enter.
  • Connected health sources (with your consent). You may sync third-party services (e.g., Apple HealthKit or Google Health Connect) so we can import activity/health data such as workouts, weight, height, BMI, calories, heart rate, steps/distance, and (if applicable) menstrual cycle data. Importing is governed by Apple/Google policies in addition to this Policy.
  • AI Assistant conversations. We store your in-app AI chats to operate core features, provide context, and (only if you opt in) improve models/features (see Sections 2 and 11).
  • Body Scan photos. To generate Body Scan/composition reports, you may upload photos. See Section 1C and Section 5 for retention and opt-out controls.

B. Data collected automatically

  • Log data. IP address, browser/app type, timestamps.
  • Usage details. Features used, actions in the Services, time zone, country/region, session times, OS info.
  • Device information. Device model, OS version, unique device identifiers.
  • Workout movement markers (on-device first). During certain features we detect key points (“dots”) on your image/video on your device to give form feedback. After a session we may store only the key-point coordinates (not the video) to validate screen fit and improve accuracy. In some jurisdictions, these markers may be considered biometric data. We delete them once the improvement/validation purpose is met.
  • AI Body Scan signals. If you request a composition report, we analyze your photos (e.g., pose, orientation, topology) strictly to produce the report. By default we delete photos and derived signals immediately after generating the report; you can opt in to allow storage for up to one (1) month to improve accuracy (see Sections 5 and 11).
  • In-app purchase metadata. Purchase and subscription details (time, product, currency) from Apple/Google/our payments partner(s).
  • Cookies/SDKs. We use cookies and similar technologies on the Website and SDKs in the App to operate, secure, measure, and improve the Services (see Section 10).

C. Data from other sources

We may receive data from trusted partners for security/fraud prevention, analytics/attribution, and customer support. Examples include anti-fraud services, crash analytics, and attribution/measurement partners.

All of the above are “personal data” for purposes of this Policy.

2. How We Use Personal Data (Purposes)

We process personal data to:

  • Provide and maintain the Services. This includes personalized programs, AI Assistant, Body Scans, and core account features.
  • Improve the Services, develop new features, and conduct research/analytics (see Section 11 for your choices).
  • Age gating. Verify you meet our minimum age.
  • Support & communications. Respond to inquiries and provide customer support.
  • Service messages. Send transactional, security, and policy update messages.
  • Marketing (with consent where required). Send product news, tips, and promotions. You may opt out at any time (Section 11).
  • Cross-platform onboarding. Integrate Website ↔ App data to streamline signup and sign-in.
  • Look-alike/advertising audiences (non-health data, with consent where required). We may share limited non-health data with advertising/attribution partners to find people with similar interests to our users.
  • Security and abuse prevention. Detect, prevent, and respond to fraud, abuse, and security incidents.
  • Legal compliance and protection. Enforce terms and comply with applicable law.
  • De-identify/aggregate. Create de-identified or aggregated insights for research, analytics, and product improvement. We do not attempt to re-identify unless required by law.

We do not sell your personal data for money. We also do not use Apple HealthKit or Google Health Connect data for advertising, nor sell such data to advertising platforms, data brokers, or resellers.

iOS refunds note. If you request a refund via Apple, we may share limited usage data with Apple to help evaluate the request, consistent with Apple’s policies.

3. Legal Bases (EU/EEA/UK/Switzerland)

For individuals in the EU/EEA, UK, and Switzerland, we rely on the following legal bases:

  • Contract necessity. To provide core Services/features you request (e.g., personalized plans, AI Assistant, Body Scans).
  • Consent. For health/wellness data, Body Scan photo storage beyond immediate report generation, model/feature training using your data, certain marketing, cookies/SDKs (where required), and look-alike audiences.
  • Legitimate interests. Service improvement, analytics, support, security (where not mandated by law), onboarding, and research—balanced against your rights.
  • Legal obligation. Compliance, safety, security, and responding to lawful requests.

4. U.S. State Disclosures (e.g., CA, CO, CT, UT, VA)

Some states grant rights to know/access, correct, delete, opt out of sale and sharing (including cross-context behavioral advertising), and limit use of sensitive data. Where we engage in “sharing” or “targeted advertising,” you may opt out (Section 11). We do not sell personal data for monetary consideration.

We process and disclose the following categories of data, as defined by some state laws:

  • Identifiers (e.g., name, email, IP, device IDs): collected from you/automatic; used for Service delivery, security, support, analytics, marketing (with consent where required); disclosed to service providers and, where applicable, to ad/measurement partners for cross-context behavioral advertising (opt-out available).
  • Protected classification data (e.g., gender if provided): from you; used for personalization/analytics; disclosed to service providers.
  • Commercial data (purchases/subscriptions): automatic/from app stores; used for account, billing, analytics; disclosed to payments, subscription, and fraud-prevention providers.
  • Network activity (app/website interactions, analytics): automatic; used for performance, security, personalization; disclosed to analytics/measurement providers.
  • Geolocation (coarse) (e.g., country/state from IP): automatic; used for localization, tax, compliance, analytics; disclosed to service providers.
  • Visual data (Body Scan photos you upload): from you; used for reports and (if you opt in) model improvement; disclosed to secure processing/hosting providers only.
  • Inferences (e.g., preferences/segments): from usage and inputs; used for personalization and analytics; disclosed to service providers.
  • Sensitive data (health/wellness; body metrics; movement key-points): collected with consent; used for core features and safety; disclosed to service providers; not used for advertising.

Shine the Light (CA). We do not disclose personal data to third parties for their own direct marketing.

5. Retention

  • Account data. Kept while your account is active and as needed for the purposes described (e.g., legal, security, fraud prevention, accounting).
  • If you deactivate. We retain minimal data for up to one (1) month to support reactivation, plus limited records needed for legal, tax, and audit obligations (e.g., purchase records, consent logs, communications).
  • Body Scan photos.
    • Default: Deleted immediately after generating your report.
    • If you opt in to improvement: Stored up to one (1) month, then deleted. You can opt out at any time (future photos will not be used).
  • Workout movement key-points. Deleted as soon as validation/improvement purposes are satisfied.
  • De-identified/aggregated data. May be kept indefinitely, without re-identification.

6. Your Privacy Rights

Your rights vary by location and may include: access, correction, deletion, portability, restriction, objection (including to direct marketing), withdrawal of consent, and the right to lodge a complaint with a supervisory authority.

  • EU/EEA/UK/Swiss users: You can exercise the above GDPR rights; you can find your data protection authority (DPA) online (link to be provided by StrongerAI).
  • US state residents: You may request access, correction, deletion, and opt out of sale/sharing/targeted advertising. For appeals of a denied request (if applicable), contact us (Section 14).

How to exercise:

We may verify your request and, where permitted, respond within one month (or the timeframe required by local law). You may also use an authorized agent (with proper authorization and identity verification).

7. Security

We implement reasonable and appropriate technical and organizational measures to protect your personal data, including:

  1. Encryption in transit and at rest
  2. Vulnerability scanning and periodic penetration testing
  3. Access controls and data integrity safeguards
  4. Vendor due diligence and contractual protections
  5. Incident response processes

No system is perfectly secure. If we learn of a breach affecting your data, we will act promptly and notify you and/or regulators as required by law. To report a security issue, contact security@strongerai.app (or another address we may specify).

8. Children

The Services are not directed to children under 18. If you learn a child under 18 is using the Services, contact support@strongerai.app and we will take appropriate steps to delete the data and/or the account.

9. How We Share Personal Data

We share personal data only as described below:

  • Service providers (processors). Companies that host, process, and support the Services under our instructions (e.g., cloud hosting, analytics, crash reporting, messaging, support, payments/subscriptions, fraud prevention, AI infrastructure).
  • Affiliates. For operations consistent with this Policy.
  • Advertising/attribution partners. Limited non-health data for consented look-alike/measurement or cross-context behavioral advertising (opt-out available; see Section 11).
  • Legal/safety. To comply with law, enforce terms, or protect rights, privacy, safety, or property.
  • Corporate transactions. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets (with protections consistent with this Policy).
  • With your direction/consent.

We remain responsible for our processors’ handling of personal data under applicable law and maintain appropriate contracts (e.g., data processing agreements).

Common provider categories (examples; to be customized as needed):

  • Infrastructure & security: AWS / GCP / Azure (choose); BLANK
  • Auth/identity: BLANK
  • Analytics/measurement: BLANK (e.g., product analytics, crash logs)
  • Attribution: BLANK (e.g., AppsFlyer)
  • Messaging (email/push/in-app): BLANK
  • Customer support: BLANK
  • AI infrastructure/models: OpenAI, LLC (USA) (or BLANK if different), BLANK
  • Payments: Apple Inc., Google LLC, Stripe, Inc., Adyen N.V. (adjust), BLANK
  • Subscriptions: RevenueCat, Inc. (if used), BLANK

10. Cookies, SDKs, and Similar Technologies

We and our providers use cookies (Website) and SDKs (App) to operate, secure, measure, and improve the Services.

Cookie types (Website):

  • Strictly Necessary (cannot be disabled in our systems)
  • Performance/Analytics (measure usage, detect errors, test designs)
  • Marketing (reach users and measure campaigns — never using health data)

SDK purposes (App):

  • Performance, crash reporting, diagnostics
  • Attribution/measurement (with consent where required)
  • Messaging and in-app communications
  • No third-party ads are shown in the App.

Your choices:

  • Manage cookie preferences via our cookie banner (Website) and your browser settings.
  • Manage mobile permissions and ad IDs in your device settings (IDFA/AAID).
  • Opt out of certain cross-app advertising via DAA/NAI tools (where available).
  • Contact support@strongerai.app for EU/UK/US opt-in/opt-out choices about cookies/SDKs.

Some features may not function if you disable certain cookies/SDKs.

11. Your Choices & Controls

  • Marketing emails: Click “Unsubscribe” in any marketing email.
  • Push notifications: Disable in your device’s OS settings.
  • Body Scan improvement opt-in/out: Toggle in App settings or email support@strongerai.app.
  • Model/feature training: We only use your identifiable data for training if you opt in. You can withdraw at any time; future data will not be used for that purpose.
  • Cross-context behavioral advertising / “sharing”: Opt out via in-app settings (if available) or email privacy@strongerai.app.
  • Apple HealthKit / Google Health Connect: You can stop sharing via your device settings; we do not use such data for ads.

12. International Data Transfers

Where personal data is transferred outside your jurisdiction (e.g., to the United States), we implement appropriate safeguards, such as:

  • EU/EEA: European Commission Standard Contractual Clauses (SCCs), plus supplementary measures where appropriate.
  • UK: IDTA or UK Addendum to SCCs.
  • Swiss: SCCs adapted for Switzerland.

You may request a copy of relevant transfer safeguards by contacting us (Section 14).

13. Changes to This Policy

We update this Policy from time to time. The “Effective Date” at the top shows when it last changed. If a change materially affects your rights or introduces new purposes not reasonably expected, we will obtain consent where required or provide prominent notice.

Historic versions (if applicable) may be linked here.

14. Contact Us

Controller: StrongerAI, Inc., Registered address: BLANK

Team: team@strongerai.app

Annex A — Legal Bases Matrix (Quick Reference)

Purpose | Data categories | Legal basis
Provide/maintain Services (plans, AI, Body Scans) | General, Profile Photo, Health/Wellness, AI Chats, Log/Usage/Device, Cookies/SDKs, Purchases | Contract; Consent for health & scans
Improve & research | General, De-identified AI chats, (optional) Body Scan photos, Log/Usage/Device, Key-points, AI Scan info, Cookies/SDKs, Partner data | Legitimate interests; Consent for Body Scan storage/training
Age gating | General | Contract
Support & responses | General, Communications, Social, Log/Usage/Device | Legitimate interests
Service messages | General, Communications, Log/Usage/Device | Legal/contract
Marketing | General, Communications, Social, Log/Usage/Device | Consent where required
Onboarding Web↔App | General, Log/Usage/Device | Legitimate interests
Look-alike audiences | General, Log/Usage/Device (no health) | Consent (where required)
Security & abuse | General, Communications, Social, AI Chats, Log/Usage/Device, Purchases, Cookies/SDKs | Legal obligation / Legitimate interests
Compliance/protection | As necessary | Legal obligation / Legitimate interests
De-identify/aggregate | Health/Wellness, Usage, Partner data | Legitimate interests

Annex B — Provider Appendix Template (Fill In)

Keep this up to date on your site or as a linked PDF.

  • Infrastructure/Hosting — BLANK (region: BLANK)
  • Auth/Identity — BLANK
  • Analytics/Measurement — BLANK
  • Attribution — BLANK (opt-out link: BLANK)
  • Crash/Performance — BLANK
  • Messaging (email/push/in-app) — BLANK
  • Support Desk — BLANK
  • AI Infrastructure/Models — OpenAI, LLC (or BLANK)
  • Payments — Apple, Google, Stripe, Adyen (edit as needed)
  • Subscriptions — RevenueCat (if used)
  • Fraud/Trust & Safety — BLANK

Annex C — Apple HealthKit & Google Health Connect

  • Data from these frameworks is used only to provide or improve health/fitness features in the App.
  • We do not use such data for marketing/advertising or sell it to third parties.
  • You may stop sharing at any time in your device settings.

Plain-English Highlights (non-binding)

  • We only keep Body Scan photos long-term if you opt in (max 1 month).
  • Movement “dots” are stored without your workout video and are deleted once no longer needed.
  • Health data is consent-based, never for ads.
  • You can opt out of cross-context ads and withdraw training/improvement consent at any time.