← Home

Privacy Policy

Last updated: 06/13/2026

1. Data Controller

  • Matteo Ardu
  • Bingener Weg 73, 40229 Düsseldorf, Deutschland
  • Email: info@calisthenicsexperience.com

2. Data Collected

  • Identification data: first name, last name, email address
  • Access data: password (encrypted), authentication tokens
  • Physical data (optional): age, height, body weight — voluntarily provided by the user to personalise training plans
  • Fitness data: training level, goals, workout history
  • Usage data: access logs, language preferences, app interactions
  • Profile image (optional): avatar uploaded by the user
  • Purchase data: subscription status and transaction identifier, managed via the stores (Apple/Google) and RevenueCat; we do not process your payment card data
  • Diagnostic data: technical error and crash logs (via Sentry) to detect and fix malfunctions
  • Product analytics data: anonymous interaction events (e.g. screen views, features used) via PostHog, with infrastructure in the European Union; collected only with explicit consent and switchable off at any time in Settings
  • Health data synced with Apple Health / Health Connect (optional): if you enable sync, the app writes your completed workouts, estimated calories and body weight, and may read the body weight you logged in Health

3. Purposes of Processing

  • Service provision: account creation and management
  • Personalization: generation of adaptive training plans
  • Service communications: registration confirmation and password reset emails
  • Service improvement: aggregated and anonymous usage analysis
  • Diagnostics and stability: detection and fixing of errors and crashes (Sentry)
  • Product analytics: aggregated understanding of usage to improve features (PostHog), with consent only
  • Legal obligations: compliance with applicable regulations

4. Legal Basis (Art. 6 GDPR)

  • Contract performance (art. 6 par. 1 lit. b): to provide the service
  • Explicit consent (art. 6 par. 1 lit. a): for physical and fitness data
  • Legitimate interest (art. 6 par. 1 lit. f): for service improvement and crash diagnostics (Sentry), with data minimisation
  • Consent (art. 6 par. 1 lit. a): for product analytics (PostHog), revocable at any time
  • Legal obligation (art. 6 par. 1 lit. c): for regulatory compliance

5. Health Data

Data relating to physical condition (weight, height, age, fitness level, workout history) may be considered health data under Art. 9 GDPR. Such data is optional and processed exclusively with the explicit consent of the user, given during onboarding, and is used solely for the generation of personalised training plans. If you enable sync with Apple Health or Health Connect, workouts, estimated calories and body weight are shared with your Health account (Apple/Google) under your control: we do not sell them or use them for advertising, and you can revoke access at any time in your device settings.

6. Data Retention

  • Account data: for the duration of the contractual relationship
  • Workout history: for the duration of the active account
  • Access logs: maximum 12 months
  • Backup data: maximum 30 days after account deletion

7. Data Transfers

  • Supabase Inc. (USA) — database and authentication — with adequate safeguards under art. 46 GDPR
  • Google LLC — OAuth authentication — with adequate safeguards under art. 46 GDPR
  • Apple Inc. (USA) and Google LLC (USA) — in-app purchase processing and subscription management
  • RevenueCat, Inc. (USA) — technical subscription management — with adequate safeguards under art. 46 GDPR
  • Google LLC (Gemini) and OpenAI, L.L.C. (USA) — AI processing to generate plans and feedback; prompts may include the fitness data you provide — with adequate safeguards under art. 46 GDPR
  • Sentry (Functional Software, Inc.) — error and crash diagnostics — with adequate safeguards under art. 46 GDPR
  • PostHog, Inc. — product analytics, infrastructure in the European Union — activated only with consent
  • Apple Health / Health Connect (Google) — synced health data stays in your Health account on the device, under your control; it is not used for advertising
  • No data is sold to third parties.

8. Your Rights

  • Access (art. 15): obtain a copy of your data
  • Rectification (art. 16): correct inaccurate data
  • Erasure (art. 17): request deletion of your data
  • Portability (art. 20): receive data in a structured format
  • Objection (art. 21): object to processing based on legitimate interest
  • You can delete your account directly in the app (Profile section) or by email
  • To exercise your rights: info@calisthenicsexperience.com

9. Security

Data is protected by encryption in transit (TLS) and at rest. Access to data is limited to authorised personnel.

10. Changes

Any changes will be communicated by email to registered users with at least 15 days notice.

11. Complaints

You have the right to lodge a complaint with the competent supervisory authority. In Germany: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW).

CX
Calisthenics eXperience logo

Calisthenics eXperience

Matteo Ardu

Premium Online CoachingApp-Integrated Training SolutionsDigitizing Elite Calisthenics

Download on the App StoreGet it on Google Play

Newsletter & Social

No spam. Only Applied Science & Performance updates.

© 2026 Calisthenics eXperience — Matteo Ardu

Professional Online Coaching • Specialized Personal Training Düsseldorf

Calisthenics eXperience | App & Coaching — Matteo Ardu