Privacy Policy

Effective date: April 05, 2026

This Privacy Policy explains how Synergym (“we”, “us”, “our”) collects and uses personal data when you use synergym.fit (the “Service”). We are committed to complying with the EU General Data Protection Regulation (GDPR).

Who we are (Data Controller)

Synergym is the data controller for the processing described in this policy. Contact: privacy@synergym.fit

Data we collect

  • Account data: email address, password (stored in hashed form).
  • Authentication data: login/session identifiers and, if you sign in with Google, OAuth identifiers (e.g., provider and user ID) and basic profile information returned by Google (such as email and name).
  • Workout data: workout logs containing sets and reps recorded in the Service.
  • Technical data: basic device/browser information and IP address as part of standard server logs.

How we use your data (purposes)

  • To provide and operate the Service (create accounts, authenticate users, store and display workout logs).
  • To allow trainers to view workout logs for athletes they are connected with in the Service.
  • To maintain the security and reliability of the Service (fraud prevention, troubleshooting, and performance monitoring).

Legal bases (GDPR)

  • Contract (Art. 6(1)(b)): processing required to provide the Service you request (account and workout log functionality).
  • Legitimate interests (Art. 6(1)(f)): keeping the Service secure and preventing abuse.
  • Consent (Art. 6(1)(a)): where required, such as accepting this Privacy Policy and consenting to non-essential cookies/analytics.

Where your data is stored

The Service is hosted on Heroku. Data is stored in infrastructure operated by our hosting providers and their subprocessors. We take reasonable measures to protect data in transit and at rest.

Third-party services

  • Google OAuth: if you choose “Continue with Google”, Google processes authentication and shares certain profile data with us. Your use of Google services is governed by Google’s own terms and privacy policy.

How long we keep your data

We keep your personal data for as long as your account is active, or as needed to provide the Service. You can delete your account at any time, which will remove your account and associated data from the Service (subject to limited technical backups).

Your rights (EEA/UK)

Depending on your location, you may have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at privacy@synergym.fit. You also have the right to lodge a complaint with your local data protection authority.

Cookies

We use cookies for essential functionality (for example, keeping you signed in) and may use basic analytics to understand usage and improve the Service. You can accept cookies/analytics using the banner shown on your first visit.

Changes to this policy

We may update this Privacy Policy from time to time. We’ll post the updated version on this page and update the effective date.

We use cookies for essential functionality and basic analytics to understand usage and improve Synergym. By clicking “Accept”, you consent to this use.