Privacy Policy

1. Who We Are & Scope

This Privacy Policy applies to the Aureus Fitness mobile application and any related web experiences (collectively, the "Service"). The Service is operated under the Aureus Fitness brand. For any questions about this Policy or your data, you can contact us at contact@aureus.com.

2. Information We Handle

We focus on performance training data, not selling your identity. Depending on how you use Aureus, we may handle:

• Account Information: Email address and authentication details when you sign up or log in (managed via our auth provider, such as Supabase).
• Training & Progress Data: Workouts, exercises, sets, reps, load, RPE, notes, goals, and related performance metrics.
• Body Metrics & Physique Data: Bodyweight and other self-entered stats. If you choose, you may upload or store physique photos for your own progress tracking.
• Device & Technical Data: Basic technical information (e.g. device model, OS version, in-app events) that may be required to operate the Service securely and reliably. We do not currently use invasive analytics tools.

3. How Your Data Is Stored

Aureus is designed with a local-first mindset:

• On Your Device: Training logs, notes, and related data are primarily stored locally on your device using secure storage technologies (such as databases like WatermelonDB / SQLite). This means we do not automatically see or control that data.
• Cloud Sync & Accounts: If you create an account or enable cloud backup/sync, certain data (like your email, profile, and training history) may be securely stored with our backend provider (e.g. Supabase) to provide backup, sync, and secure authentication.

We do not sell your personal data.

4. How We Use This Information

We use your information to:

• Provide and personalise your training experience.
• Calculate insights such as volume, estimated 1RM, strength trends, and progress visuals.
• Authenticate your account and keep your data securely associated with you.
• Maintain, protect, and improve the app’s stability, security, and user experience.

5. Subscriptions & Payments

If you purchase a subscription through the App Store, Play Store, or a third-party payment provider (such as Stripe in the future), your payment details are processed directly by those platforms. We do not store your full credit card number.

We may receive limited billing-related information (e.g. a transaction ID or subscription status) solely to activate and manage your access to premium features.

6. AI Features & No Medical Advice

Aureus may provide training suggestions, auto-generated programs, or insights powered by algorithms or AI. These outputs are for informational and educational purposes only.

They do not constitute medical, nutritional, or professional health advice. Always consult a qualified healthcare or fitness professional before making significant changes to your training, diet, or lifestyle.

7. Sharing Your Information

We do not sell your personal data.

We may share limited data with trusted service providers who help us operate the Service (for example, authentication, secure cloud storage, or payment processing), strictly for the purpose of providing these functions. These providers are required to handle your data securely and in line with this Policy.

We may also disclose information if required by law, to protect our rights, or in connection with a merger, acquisition, or similar corporate event.

8. Security

We use reasonable technical and organisational measures to protect your information from unauthorised access, loss, misuse, or alteration. No system is perfectly secure, but we design Aureus with privacy and security as core principles.

9. Your Choices & Data Control

Depending on your location, you may have rights to access, update, or delete certain information. In practice, you can:

• Edit or delete your training data directly in the app.
• Delete physique photos or notes you no longer wish to keep.
• Request assistance or account deletion by emailing contact@aureus.com.

10. Children's Privacy

Aureus is intended for users aged 16+ (or the age of digital consent in your region). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the "Last updated" date below. For material changes, we may provide an in-app notice.

Last updated: 11 November 2025