Legal Document

Privacy Policy

📅 Effective: March 26, 2026🏢 supsync.app

Plain-English Summary

We collect your health and fitness data to power SyncOS's adaptive recommendations. We never sell your data. You can delete your account and all associated data at any time.

01Who We Are

SyncOS is a wellness intelligence platform operated by supsync.app ("we," "us," or "our"). Our platform — accessible at supsync.app — connects your training, nutrition, and supplement data into a single adaptive recommendation engine.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use SyncOS. By creating an account or using the platform, you agree to the practices described here.

For questions or concerns, contact us at: privacy@supsync.app

02Information We Collect

2.1 Information You Provide Directly

  • Account information: Name, email address, password
  • Profile information: Training age, experience level, primary fitness goal, body weight, height
  • Training data: Workout logs, exercise selections, sets, reps, weights, and training phases
  • Nutrition data: Food logs, macro and calorie targets, meal timing
  • Supplement data: Products in your stack, dosages, timing, and custom supplement entries
  • Custom library items: Custom exercises, foods, and supplement products you create
  • Billing information: Processed securely by our payment processor; we do not store full card numbers

2.2 Information Collected Automatically

  • Usage data: Pages viewed, features used, session duration, click patterns
  • Device data: Browser type, operating system, device type, screen resolution
  • Log data: IP address, access timestamps, error logs
  • Cookies: Session cookies, preference cookies, and analytics tokens (see Section 8)

2.3 Health-Related Data

SyncOS collects data that may constitute health-related information, including training loads, nutritional intake, supplement usage, and recovery markers. We treat this category of data with heightened care and use it solely to provide and improve the SyncOS service.

03How We Use Your Information

PurposeData Used
Powering the adaptive recommendation engineTraining logs, nutrition data, supplement stack, profile
Generating phase-matched macro targetsTraining phase, goal, body weight, activity level
Supplement stack auditing and redundancy detectionSupplement products and dosages
Personalizing your experienceUsage patterns, feature preferences
Sending transactional emailsEmail address
Processing payments and managing subscriptionsBilling information (via payment processor)
Preventing fraud and ensuring securityIP address, device data, log data
Improving the platform and fixing bugsAnonymized usage data and error logs
Legal complianceAs required by applicable law

Marketing

We will only send you product-related communications (updates, new features, tips) if you opt in. You can unsubscribe at any time using the link in any email we send.

04How We Share Your Information

We do not sell your personal data. We share your information only in the following circumstances:

4.1 Service Providers

  • Payment processing: Stripe (billing and subscriptions)
  • Cloud infrastructure: Supabase (database and auth), Vercel/Replit (hosting)
  • Email delivery: Transactional email service providers

4.2 Legal Requirements

We may disclose your information if required to do so by law, court order, or to protect the rights, property, or safety of supsync.app, our users, or others.

4.3 Business Transfers

If supsync.app is involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.

05Data Storage & Retention

Your data is stored on servers located in the United States. If you are accessing SyncOS from outside the United States, please be aware that your data will be transferred to and processed in the U.S.

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or compliance purposes (e.g., billing records for up to 7 years as required by tax law).

06Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using TLS/HTTPS
  • Encryption of sensitive data at rest
  • Row-level security (RLS) policies — your data is accessible only to your authenticated session
  • Access controls limiting employee access to personal data
  • Regular security reviews and vulnerability assessments

Limitation

No method of transmission or storage is 100% secure. While we take strong precautions, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at security@supsync.app.

07Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and personal data ("right to be forgotten")
  • Portability: Request your data in a portable, machine-readable format
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdrawal of consent: Withdraw consent where processing is based on consent

To exercise any of these rights, email privacy@supsync.app. We will respond within 30 days. We may need to verify your identity before fulfilling your request.

Account Deletion

You can delete your account directly from Settings → Account → Delete Account. This initiates full data removal within 30 days.

08Cookies & Tracking

TypePurposeDuration
EssentialAuthentication, session management, securitySession / 30 days
FunctionalRemembering preferences and settings1 year
AnalyticsAnonymized platform usage and performance monitoring90 days

We do not use advertising or third-party tracking cookies. You can manage cookies through your browser settings, though disabling essential cookies may affect platform functionality.

09Children's Privacy

SyncOS is not directed at children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has created an account, please contact us at privacy@supsync.app and we will promptly delete the account and associated data.

10Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and/or a prominent notice on the platform at least 14 days before the changes take effect. Your continued use of SyncOS after that date constitutes acceptance of the updated policy.

11Contact Us

For privacy-related questions, data requests, or concerns:

Data Controller

supsync.app

Privacy Email

privacy@supsync.app