Reps AI – Privacy Policy

Last Modified: 25 May 2026

This Privacy Policy (“Policy”) describes how we collect, share, and use your personal information, as well as how to exercise your privacy rights and choices.

Scope

This Policy applies to Reps AI’s platform, including the related mobile applications, products, websites, technology, software, and services (collectively, the “Services”). Please also read our Terms of Service available at https://repsai.fit/terms (“Terms”), which set out the terms governing the Services. As used in this Policy, the words “Reps AI,” “us, ” “our,” or “we” means Reps AI Pte. Ltd. Under this Policy, Reps AI acts as a data controller or “business” for the personal information we process. This means we decide how to collect and process personal information.

Information We Collect

Information You Provide

Account Information: We collect account information such as your name, email address, year of birth, gender, and password. If you sign in with Google or Apple, we receive your name and email address from those providers in place of a password.
Profile Information: We collect information you provide about yourself, such as your weight, height, fitness goals, and level of experience.
Support Information: We collect the information you provide in connection with requests for support.

Information From Using the Services

Workout and Chat Content: We store the workout content you log (exercises, sets, reps, weights) and your AI chat conversations as part of your private workout history. This content is associated with your account and is not shared publicly or with other users.
Push Notifications:If we enable push notifications in the future, we will request your permission first. You can opt out at any time in your device’s settings. We do not currently send push notifications.
Activity Data: “Activity Data” is information about the workouts you record in Reps AI, such as exercises performed, sets, reps, weight lifted, and workout duration.
Performance Metrics: We generate metrics from your information to help you analyze your performance.
Server Logs: Our backend service provider (Supabase) records technical request logs such as timestamps, the endpoint accessed, and HTTP status codes for security monitoring and operational purposes. We do not collect device advertising identifiers (such as IDFA on iOS), do not use cookies, and do not run third-party advertising or analytics SDKs in the mobile application.
Subscription Information: If you purchase a subscription, we receive transaction details (such as product purchased, purchase date, transaction ID, and subscription status) from Apple via our subscription management provider (RevenueCat). We do not collect your payment card information; all payment processing is handled directly by Apple, and your card details are never visible to us.
Voice Recordings: When you use voice input to log a workout or interact with AI features on Reps AI, audio is recorded on your device and transmitted to OpenAI for transcription. Audio is not stored on our servers; only the resulting transcribed text is retained as part of your workout history. We do not use voice recordings for biometric identification.

Information From Other Sources

Authentication Providers: When you sign in with Apple or Google, we receive your name and email address from those providers (or a private relay address if you have Apple’s “Hide My Email” enabled).

Microphone and Audio Data

Microphone access is a sensitive permission. We ask for it prior to you using the voice feature to log a workout or interact with AI features on Reps AI. We do not listen passively or record in the background. When you use this feature, your audio is transmitted to OpenAI for transcription. Please see the “How OpenAI Processes your Audio” section below for further information.

Why We Need It: Reps AI requests microphone access solely to enable you to use the voice feature to log a workout and/or interact with AI features on Reps AI.
What We Record: Audio is captured only while you are actively using the voice feature indicated by the green recording indicator.
Where Processing Happens: Audio is encrypted and transmitted over Transport Layer Security (TLS) to OpenAI’s API servers in the United States for processing. We do not process voice recordings on our own servers. Please see the “How OpenAI Processes your Audio” section below for what OpenAI does with this data.
Revoking access:You can revoke microphone permission at any time in your device’s Settings app under Reps AI (on iOS) or in Settings → Apps → Reps AI → Permissions (on Android). This disables the voice feature but does not affect other Reps AI features.

How OpenAI Processes Your Audio

We use the OpenAI API (operated by OpenAI, L.L.C., 3180 18th Street, San Francisco, CA 94110, USA) to transcribe and/or process voice recordings. The disclosures below are based on OpenAI’s current API data policies.

Model Training:OpenAI does not use data submitted via its API to train or improve its models by default. Unless we explicitly opt in to share data, your audio recordings are not used to train OpenAI’s models. Please see OpenAI’s data use policy.
Retention by OpenAI (Abuse Monitoring Logs): By default, OpenAI retains API inputs and outputs — including audio sent to the API — in abuse monitoring logs for up to 30 days to enforce its usage policies. Such data is deleted after 30 days, unless a longer period is required by law.
Standard API: We use the standard OpenAI API. Your audio may be retained by OpenAI for up to 30 days for abuse monitoring, after which it is deleted.
OpenAI’s Own Privacy Policy: OpenAI processes your data as a sub-processor acting on our behalf, subject to a Data Processing Agreement. You can review OpenAI’s privacy practices at openai.com/policies/privacy-policy. For data rights requests relating to data held by OpenAI, contact us at [email protected] and we will coordinate with OpenAI on your behalf.

How We Use Your Information

To Provide the Services

Create and Update Your Account: We process information, such as your Account Information and Profile Information, to create and update your account.
Process Your Subscription: We process information to manage your subscription.
Record Your Activities and Analyze Your Performance: We process your Activity Data and other information to help you record and analyze your performance. For example, we may compare your past efforts or help you set goals for training.
Customize Your Experience: We use information to personalize your experience. For example, we may suggest workouts, exercises, or new features based on your training history.
Provide AI Features:We use and develop machine learning (“ML”) and artificial intelligence (including large language models) (“AI”) to provide features designed to enhance your training and improve the Services (“AI Features”). AI Features include, for example, protecting the integrity and security of our Services, or providing personalized training guidance. Depending on your privacy controls and sharing permissions, we also may use personal information such as health information for AI Features, for example, to provide you with training analysis and recommendations.
Visualize Your Activities: We use information to visualize your activities, such as creating charts and summaries from your training log or performance metrics.
Contact You About the Services: We may contact you about material changes to our Terms, when investigating alleged violations of our Terms, or with customer support messages.

To Assist You with a Request

We use information to provide support in response to your requests and comments. Depending on your request, this may require us to access your account (for example, to troubleshoot or replicate a reported issue).

To Analyze and Improve Our Services

Services Improvement: We use information about how the Services are functioning (such as server logs and crash reports) to analyze, develop, troubleshoot, increase functionality, and otherwise improve the Services. We do not use third-party analytics SDKs in the mobile application.
AI Development: We may use aggregated, de-identified information to evaluate and improve the quality, reliability, and accuracy of our AI features. We do not share your personal information with OpenAI or any other model provider for the purpose of training their models.

Marketing Communications

Reps AI is a subscription-based service and does not display advertisements or sponsored content. If we send service-related emails (such as confirmation of a subscription, security notices, or product updates), you may opt out of non-essential messages via the unsubscribe link in the email or by contacting us. We do not share your information with advertising networks or advertising partners.

To Protect You, Others, and the Services

We aim to protect users, enforce our Terms and promote safety. We use automated tools, device information, log files, and other information for these purposes. For example, we seek to detect misuse and bad actors, and to remove content that violates our Terms, such as hate speech or spam. We reserve the right to review accounts and user actions to ensure compliance with our Terms, and we can suspend or terminate accounts as a result. We may also process your information when we believe it is necessary to prevent serious harm.

To enhance safety and privacy for our younger users, we use your age to help confirm that an athlete is old enough to use Reps AI, and to help provide an age-appropriate experience.

To Conduct Public Interest Research

We may process information for research aimed at improving public safety, health, or wellbeing.

To Manage Legal and Regulatory Obligations

We may use information to manage or respond to demands or obligations related to the law, government entities, or other regulatory bodies with respect to the Services.

How We Share Your Information

We may share your information as follows:

Service Providers

We may share your information with third parties to support, improve, promote, and secure the Services; process payments; or fulfill orders. These service providers only have access to the information necessary to perform specified functions on our behalf. We require them to protect and secure your information.

OpenAI:We send voice recordings, workout descriptions, and limited training history to OpenAI’s APIs. Voice audio is processed for transcription only and may be retained by OpenAI for up to 30 days for abuse monitoring, after which it is deleted. Per OpenAI’s API terms, OpenAI does not train models on data submitted through their API. OpenAI acts as a data sub-processor. We have entered into a Data Processing Agreement with OpenAI that requires it to protect your data, use it only for stated purposes, and comply with applicable privacy law including GDPR.
Supabase:Our database, authentication, and serverless function provider. All workout data, account information, and authentication tokens are stored on Supabase’s infrastructure under their security controls.
Google:If you choose to sign in with Google, we use Google Identity Services to authenticate you. Google provides us with your name and email address. Your interactions with Google are governed by Google’s Privacy Policy at policies.google.com/privacy.
Apple:If you choose to sign in with Apple, we use Sign in with Apple to authenticate you. Apple provides us with your name (if shared) and a verified email address (which may be a private relay address). Your interactions with Apple are governed by Apple’s Privacy Policy at apple.com/legal/privacy.

Advertising Partners

We do not share your personal information with advertising networks, advertising partners, or data brokers. Reps AI does not display third-party advertisements, and we do not use your information for cross-app or cross-site behavioral advertising.

Corporate Affiliates, Subsidiaries, and Acquirers of Our Business or Assets

We may share your personal information with our corporate family of companies, including affiliates and subsidiaries. Our subsidiaries may process that information under their own Privacy Policies.

If Reps AI becomes involved in a business combination, acquisition, securities offering, bankruptcy, reorganization, dissolution, or other similar transaction, we may share or transfer your information in connection with such transaction.

Legal Requirements and Prevention of Harm

We may preserve and share your information with third parties, including law enforcement, public or governmental agencies, or private litigants, within or outside your country of residence, if we determine that the law compels or reasonably requires such disclosure. This may include responding to court orders, warrants, subpoenas, or other legal or regulatory process, or disclosures that are otherwise permitted by law.

We may also retain, preserve or disclose your information if we determine it is reasonably necessary or appropriate to: (1) prevent death, serious bodily injury, or other significant harm; (2) address issues of national security or other issues of public importance; (3) prevent or detect violations of our Terms or fraud or abuse of Reps AI or its users; or (4) protect our operations or our property or other legal rights, including in connection with actual or potential litigation.

Cookies and Tracking Technologies

Reps AI is a native mobile application and does not use cookies, web beacons, tracking pixels, or third-party advertising SDKs. We do not track your activity across other apps or websites, and we do not use Google Analytics, Mixpanel, Amplitude, or similar third-party analytics products in the mobile application.

This website (repsai.fit) may use minimal essential cookies required for it to function. We do not use cookies on this website for analytics or advertising.

Your Privacy Rights and Choices

You may review, change, or terminate your account at any time, depending on your country, province, or state of residence. We provide a variety of privacy controls to manage your information. We encourage our users to adjust their controls to align with their desired experience.

Below are privacy rights that may be available to you under applicable laws depending on where you live and subject to potential limitations and exceptions. If you need further assistance exercising your rights, please contact us by using the contact details provided in the “Contact Us” section below.

Access and Portability: You may have the right to know, and request access to, the personal information we collect, use, share, or otherwise process about you. You can access much of your information by logging into your account.
Rectify or Correct: You may have the right to correct inaccurate information. You may correct, amend, or update Profile Information or Account Information at any time by adjusting that information in your account settings.
Restrict or Delete: You may have the right to restrict or delete personal information. You can delete individual workouts and AI chat sessions in the app, and you may delete your entire account from within the app settings or by contacting us at [email protected]. Once deleted, we cannot reinstate your data. Following deletion of your account, it may take up to 45 days to remove your personal information and any residual data from our backend systems and backups.

Automated Decision-Making: We sometimes use AI Features and automated decision-making to analyze your personal information, as described above. But we do not use these technologies for decisions that have legal or similarly significant effects on you.

Children’s Privacy

Our Services are not intended for, nor directed to, children under 13 years of age, and we do not knowingly collect personal information – including voice data – from anybody under 13 years of age. If you are under 13 years of age, do not use the Services.

We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children under 13 years of age to never provide their personal information through any of our Services. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us, and we will discontinue the provision of the Services accordingly.

Additional Important Privacy Information

How We Protect Information

We implement measures to manage your information securely and consistently with this Policy. We maintain administrative, technical, and physical safeguards in accordance with appropriate industry standards that are designed to protect against unauthorized use, disclosure, or access to personal information. However, despite our safeguards and efforts to secure your personal information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your personal information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

OpenAI also maintains its own security programme, details of which are available at openai.com/security. No method of transmission is 100% secure. If we become aware of a breach affecting your data, we will notify you as required by applicable law.

Retention of Information

We retain information as long as needed to provide the Services, subject to our legal obligations. We generally keep information associated with your account until you delete it or we no longer need the information to provide the Services. In making these determinations, we consider the amount, nature, and sensitivity of the personal information, the purposes for which we process it, whether we can achieve those purposes through other means, and applicable legal requirements.

Cross Border Data Transfers

If you are located outside of the United States and choose to use the Services or provide information to us, you acknowledge and understand that your information will be transferred, processed, and stored in the United States.

When you use the voice feature, your audio recordings are transferred to OpenAI’s servers in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, this constitutes an international transfer of personal data.

Our Data Processing Agreement with OpenAI incorporates the EU Standard Contractual Clauses approved by the European Commission, providing appropriate safeguards for transfers to the United States.

Data Subject Rights:Only you or someone legally authorized to act on your behalf may make a request related to your personal information. Please see the “Your Privacy Rights and Choices” section for a list of rights we provide to you, as well as how to exercise them.

Authorized Agents: You may appoint an authorized agent to exercise any of your privacy rights on your behalf. To verify that your authorized agent acts on your behalf, we will ask for proof from your agent and may require that you also verify your identity.

Privacy Policy Updates

Reps AI reserves the right to modify this Policy at any time, including when OpenAI changes its data handling practices in ways that affect users. If we make changes to this Policy, we will post the revised policy and its effective date on our website. If we make changes we deem to be material, we will provide prominent, advance notice. If you object to any changes to this Policy, you should stop using the Services and delete your account. We will complete deletion within 30 days and will request deletion of any associated data from OpenAI on your behalf.

Contact Us

If you have questions about our privacy practices, this Policy, or would like to contact us or our Data Protection Officer, you can do so by emailing us at [email protected].

For OpenAI-specific data requests, you may also contact OpenAI directly at privacy.openai.com or [email protected].