FlushFitFlushFitGet FlushFit
Legal

Privacy Policy

Last updated 2026-05-13

The short version:FlushFit is offline-first. We don't run servers, don't use analytics SDKs, and don't track you across apps or websites. Your data lives on your device and (optionally) in your private iCloud database. Apple and RevenueCat handle subscription billing — that's the only third party we touch, and only for receipt validation (see §5 below).

What we store on your device

  • Session timestamps (start, end, duration)
  • Your target duration and notification tone preference
  • Onboarding answers (gender, age range, lifestyle indicators) — used only to tailor the in-app comparison and notification copy
  • Achievements you've unlocked
  • (If you choose Sign in with Apple) An anonymous Apple-issued user identifier — stored locally to associate sessions with your iCloud. We never receive your name or email; Apple's Hide My Email is supported and the sign-in is fully optional

Where it lives

All of the above is stored in Core Data on your iPhone, iPad, or Apple Watch. If you have iCloud sync enabled in your Apple ID settings, the data is mirrored privately to your iCloud — encrypted in transit and at rest by Apple. We never see it. We do not run servers.

What we never collect

  • Your name or email (we have no server to send them to)
  • Your contacts, calendar, photos, or files
  • Your location, even approximate
  • Crash reports, analytics, behavioural data
  • Device identifiers (IDFA, IDFV, advertising IDs)

Subscriptions and billing (the one third party)

FlushFit offers an auto-renewing subscription through the App Store. Apple processes all payments — we never see your card details. To check whether you have an active subscription, the app talks to RevenueCat, a billing-receipt service that takes Apple's purchase receipt and tells the app “subscriber: yes / no”.

  • What RevenueCat receives: an anonymous Apple-issued user identifier and your purchase receipt
  • What RevenueCat does NOT receive: your name, email, location, contacts, session data, or any personal identifier
  • RevenueCat is contractually bound to the same no-advertising, no-resale data-handling principles we follow ourselves
  • RevenueCat's own privacy policy: revenuecat.com/privacy

Notifications

All notifications fire from your device. Nothing comes from a server. We use the iOS UserNotifications framework with local triggers. You can disable them at any time in iOS Settings → Notifications → FlushFit.

Apple Watch

If you use the FlushFit Apple Watch app, sessions started or ended on the Watch transfer to the iPhone via WatchConnectivity (Apple's encrypted local channel). They never leave your device pair.

Children

FlushFit is rated 16+ on the App Store (medical/health-related information) and is not directed at children. We do not knowingly collect data from anyone, including children.

Legal basis (for EU users)

Under the EU General Data Protection Regulation (GDPR), we process the limited data described above on the following legal bases:

  • Performance of a contract (Article 6(1)(b)) — your subscription is a contract; Apple and RevenueCat process billing on that basis
  • Legitimate interest (Article 6(1)(f)) — running the app on your device, syncing your own data to your own iCloud, and rendering local notifications fall under your legitimate interest in using the app
  • Consent (Article 6(1)(a)) — explicitly requested for notifications, iCloud sync, and optional Apple Sign-In; each can be withdrawn at any time in iOS Settings

Your rights (EU + UK)

Under GDPR (and the UK's equivalent), you have the right to:

  • Access — request the data we hold about you (we hold none on a server; everything is on your device, accessible via Settings → Data → Export)
  • Rectify — correct inaccurate data (edit directly in the app)
  • Erase — delete your data (Settings → Data → Delete Account in the app; or uninstall + disable iCloud)
  • Restrict / object — limit how we process your data (uninstall stops everything)
  • Portability — export your data (Settings → Data → Export as PDF / JSON)
  • Withdraw consent — at any time, in iOS Settings → FlushFit (permissions) or in-app Settings (Apple Sign-In, iCloud sync)
  • Complain to a supervisory authority — your national data-protection authority (e.g., CNIL in France, BfDI in Germany, AEPD in Spain, ICO in the UK)

Retention

Because all session data lives on your device, retention is fully under your control — your sessions are retained until you delete them (Settings → Data → Reset all data) or uninstall the app. RevenueCat retains anonymous subscription receipts for the lifetime of your subscription plus a short legal-records window required by Apple's receipt-validation framework; see RevenueCat's privacy policy for specifics.

Data export and deletion

Open Settings → Data → Export to receive a JSON file with every session you've logged. Tap “Reset all data” to wipe sessions, profile, and achievements from your device. Uninstalling the app removes everything from the device; if you also disable iCloud sync for FlushFit, the iCloud copy is deleted by Apple within their normal retention window.

Changes to this policy

If we ever change anything material, we'll bump the date at the top of this page and surface a notice in-app on the next launch. Because we collect nothing, future changes are likely to be cosmetic.

Contact

Questions: support@flushfit.app