Privacy Policy

This Privacy Policy explains how MEDUSAPPS LTD ("we", "us", "our") collects, uses, and protects your information when you use the IRON TRACK application and website at iron-track.pro (the "App"). By using the App, you agree to the practices described below.

1. Who We Are

The App is operated by MEDUSAPPS LTD, a company registered in England and Wales (Company No. 17298962), with registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. We are the data controller responsible for your personal data.

2. Information We Collect

Information you provide

• Account information — when you sign up or log in using email, Google Sign-In, or Apple Sign-In, we receive your email address and a basic account identifier. We do not receive your password from Google or Apple.
• Profile and training data — such as body measurements, weight, height, calories and nutrition data, lifts logged, one-rep-max calculations, programs followed, and goals you enter.
• Cycle-related data (optional, women's mode) — any menstrual cycle information you choose to enter to enable cycle-synced training features.
• AI coach conversations — questions and messages you send to the in-app AI coach.
• Connected health & fitness sources (optional) — if you choose to connect them, we read data such as calories burned, activity, and related fitness metrics from Apple Health / Apple Watch, Google Fit / Health Connect, Fitbit, and Garmin. We only access this with your permission, and you can disconnect at any time.
• Contact details — such as your email address if you contact us for support.

Information collected automatically

• Device and usage data — such as device type, operating system, app version, language, and basic usage events needed to operate and improve the App.
• Local storage — we store your language preference and certain app settings locally on your device.

3. How We Use Your Information

• To provide core features: tracking lifts, calculating 1RM, delivering programs, and powering the real-time AI coach.
• To personalise training guidance, including cycle-synced recommendations where you have opted in.
• To maintain, secure, troubleshoot, and improve the App.
• To respond to your support requests and communicate with you.
• To comply with legal obligations.

4. Legal Bases for Processing

Where the UK GDPR applies, we process your data on the bases of: performance of our contract with you (to provide the App), your consent (for optional features such as cycle tracking), our legitimate interests (to improve and secure the App), and compliance with legal obligations.

5. Health and Sensitive Data

Cycle and certain fitness data may be considered health-related (special category) data. We only process this where you have given explicit consent by choosing to use the relevant features. You can stop using these features and delete the associated data at any time.

6. AI Coach Processing

Messages you send to the AI coach are processed to generate responses. We do not sell these conversations. We use reputable service providers to deliver AI functionality and apply appropriate safeguards to any data shared with them.

7. Connected Health & Fitness Devices

If you choose to connect a health or fitness source — such as Apple Health / Apple Watch, Google Fit / Health Connect, Fitbit, or Garmin — the App reads fitness data (for example calories burned and activity) only with your explicit permission, so it can be shown and used inside the App for your training. We honour the following commitments for this data:

• We use it solely to provide health and fitness features to you within the App.
• We do not use it for advertising or marketing, and we do not sell it.
• We do not share it with third parties except as needed to operate the App or where required by law.
• You can disconnect a source or revoke its permission at any time through your device or the App.

8. Sharing Your Information

We do not sell your personal data. We use trusted service providers who help us operate the App, including Google Firebase / Firestore (for secure cloud database and storage), Google and Apple (for sign-in authentication), and our AI infrastructure provider (to power the AI coach). These providers process data on our instructions under appropriate agreements. We may also disclose data where required by law.

9. International Transfers

Your data may be processed outside the United Kingdom or European Economic Area. Where this occurs, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions.

10. Data Retention

We keep your information for as long as you use the App or as needed to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. You may delete your data at any time as described below.

11. Your Rights

Depending on your location, you may have the right to access, correct, delete, restrict, or object to the processing of your data, to withdraw consent, and to data portability. To exercise these rights, contact us using the details below. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).

12. Children's Privacy

The App is not intended for children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us data, please contact us so we can remove it.

13. Security

We use reasonable technical and organisational measures to protect your data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above, and where appropriate we will provide additional notice.

15. Contact Us