← Back to Home

Privacy Policy for the Hyprog iOS App

1. Data Controller

The data controller responsible for processing your personal data under the General Data Protection Regulation (GDPR) is:

Lukas Möller
c/o POSTFLEX PFX-083-616
Emsdettener Straße 10
48268 Greven, Germany
Email: support@hyprog.app

2. Core Principle: Local Storage and Apple CloudKit

Your privacy is our highest priority. We do not operate our own servers to store your personal profiles or health data. All fitness and body data collected within the app is stored exclusively locally on your device and within your private Apple iCloud database (CloudKit). We do not have access to this data at any time.

3. Apple Health (HealthKit) Integration

Our app integrates with Apple's HealthKit framework (Apple Inc., 1 Cupertino, CA 95014, USA) to provide you with a seamless fitness experience.

  • Reading Data: With your explicit consent, we read data such as calories burned, heart rate, pace, weight, and waist circumference from Apple Health to display and analyze them within the app.
  • Writing Data: With your consent, we save completed workouts and manually entered body measurements directly to your Apple Health app.

STRICT HEALTHKIT DATA USAGE POLICY: We guarantee that data collected from Apple HealthKit will never be used for marketing, advertising, or similar use cases. We do not sell this data to data brokers or share it with third parties. Processing is strictly limited to providing the app's core functionality based on your consent (Art. 6 (1) (a) GDPR). You can revoke these permissions at any time in your iOS "Health" settings.

4. Analytics with PostHog (Anonymized)

To detect bugs, fix crashes, and understand which features of our app are used, we use the analytics service PostHog.

  • Data Minimization: We have configured PostHog to anonymize your IP address before storage (IP masking). Absolutely no health data, text inputs, or personal profiles are sent to PostHog.
  • EU Hosting: The collected anonymized telemetry data (e.g., app launches, button clicks) is hosted on servers located within the European Union.

The legal basis for this is our legitimate interest in the stability and improvement of the app (Art. 6 (1) (f) GDPR) or your consent, if obtained via the app tracking dialog (Art. 6 (1) (a) GDPR).

5. In-App Purchases and Subscriptions (RevenueCat)

We use RevenueCat (RevenueCat, Inc., USA) to manage in-app purchases and subscriptions. RevenueCat does not process any health data. It only processes an anonymous App User ID, purchase tokens, and your purchase history (which subscription was purchased and when) to unlock premium features for you. The legal basis for this is the performance of a contract (Art. 6 (1) (b) GDPR).

6. Contact and Support

If you contact us via email, we will store your email address and the content of your message solely for the purpose of processing your request. This data will be deleted once your inquiry has been fully resolved.