Legal

Privacy Policy

Last updated: January 28, 2026

1. Introduction

Liftd ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (liftd.ai), mobile application, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We may collect personally identifiable information that you voluntarily provide when using our Service, including:

  • Name, email address, and contact information
  • Account credentials (username, password)
  • Billing information and payment details (processed securely via Paddle)
  • Gym business information (name, address, contact details)
  • Profile information (fitness goals, preferences)

2.2 Workout and Fitness Data

When you use our mobile app to track workouts, we collect:

  • Exercise logs (machines used, weights, repetitions, sets)
  • Workout history and personal records
  • Gym visit information and travel workout data
  • Rest timer preferences

2.3 Automatically Collected Information

When you access our Service, we automatically collect:

  • Device information (type, operating system, unique identifiers)
  • IP address and approximate location
  • Browser type and version
  • Usage data (pages visited, features used, time spent)
  • QR code scan data (machine identification, timestamps)

3. How We Use Your Information

We use the collected information for various purposes:

  • To provide, maintain, and improve our Service
  • To process transactions and manage subscriptions
  • To personalize your experience and provide AI-powered workout recommendations
  • To communicate with you about updates, support, and promotional offers
  • To provide gym owners with aggregated analytics and insights
  • To detect, prevent, and address technical issues and security threats
  • To comply with legal obligations

4. Information Sharing and Disclosure

4.1 With Gym Owners

If you use our app at a participating gym, we share aggregated and anonymized workout data with the gym owner to help them understand equipment usage patterns. Gym owners do not have access to your personal identity or individual workout details unless you explicitly choose to share them.

4.2 Service Providers

We may share your information with third-party service providers who perform services on our behalf:

  • Paddle - Payment processing
  • Supabase - Database and authentication
  • Google Analytics - Website analytics
  • Google Gemini - AI recommendation engine
  • Vercel - Website hosting

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication with password hashing
  • Regular security audits and vulnerability assessments
  • Access controls and employee training
  • Row-level security policies in our database

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. When you delete your account:

  • Personal profile data is deleted within 30 days
  • Workout history can be exported before deletion
  • Aggregated, anonymized data may be retained for analytics
  • Billing records are retained as required by law (typically 7 years)

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access - Request a copy of your personal data
  • Rectification - Correct inaccurate or incomplete data
  • Erasure - Request deletion of your personal data
  • Portability - Export your data in a machine-readable format
  • Restriction - Limit how we process your data
  • Objection - Object to certain processing activities
  • Withdraw Consent - Withdraw previously given consent

To exercise these rights, please contact us at privacy@liftd.ai.

8. GDPR Compliance (EEA Users)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

  • Contract - Processing necessary to provide our Service to you
  • Legitimate Interests - To improve our services and communicate with you
  • Consent - For marketing communications and optional features
  • Legal Obligation - To comply with applicable laws

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights.

9. CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

We do not sell your personal information.

10. Children's Privacy

Our Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@liftd.ai.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data during international transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Liftd

Email: privacy@liftd.ai

Website: liftd.ai

Terms of Service →Cookie Policy →Contact Us →