Data Safety
Summary
Intensiq collects only what is needed to run your training and recovery features. We do not sell your data. We do not use advertising trackers. You can export or delete your data at any time. Storage is on EU-region infrastructure.
Personal info we collect
Email address (account identification, transactional and product email). Optional display name. Collected: yes. Shared: no. Required: email is required to create an account.
Health and fitness data we collect
Workout logs you create in the app (exercises, weights, time-to-failure, dates), and — only if you explicitly import or connect them — heart rate, resting heart rate, HRV, sleep, weight, and body composition. Collected: yes. Shared: no. Optional: all health data is opt-in.
App activity we collect
In-app actions needed to deliver the product (e.g. last-active timestamp for inactivity reminders, page errors for diagnostics). Collected: yes. Shared: no. Optional: diagnostics can be disabled by signing out.
Device or other IDs
An authenticated session token in browser storage. No advertising IDs. No device fingerprinting. Collected: session token only. Shared: no.
Financial info
Payments for Pro subscriptions are processed by Stripe. Intensiq never sees or stores your full card number. Stripe stores billing data under its own privacy policy. Collected by Intensiq: subscription status and customer ID only. Shared: no.
Photos, videos, audio, files, location, contacts, messages, calendar, web history
Not collected. Set-recording video, if you opt in, stays on your device unless you explicitly upload a clip to your own private library; nothing is shared with other users.
Data shared with third parties
None for the purpose of advertising or analytics resale. Email delivery uses Resend (your email address is transmitted so the provider can deliver mail). Payments use Stripe (only the data required to process the transaction). Authentication and database hosting use Supabase / Lovable Cloud (EU-region).
Data is encrypted in transit
Yes. All traffic between the app and our backend uses HTTPS / TLS.
Data is encrypted at rest
Yes. The managed Postgres database encrypts data at rest, and storage buckets are encrypted by the provider.
Users can request data deletion
Yes. Sign in and use the in-app delete-account control, or email privacy@intensiq.fit. All personal data is removed within 30 days; backups are purged on rotation.
Users can request data export
Yes. Email privacy@intensiq.fit and we will return your workout logs and account data in JSON within 30 days.
Independent security review
The app follows the OWASP Mobile Top 10 checklist. No third-party penetration test has been published yet.
Children and families
Intensiq is not intended for users under 18 and is not part of the Designed for Families program.
Android permissions we request
INTERNET (required to sync data). POST_NOTIFICATIONS (optional, used only for training reminders you schedule yourself). Health Connect read permissions (optional, only if you turn on health-data import; reads steps, heart rate, workouts). The app does not request location, contacts, SMS, camera, or microphone for any required feature.
Contact
Privacy questions, deletion requests, data exports: privacy@intensiq.fit.