← Back to home

Privacy Policy

Last updated: 29 May 2026

This policy explains how Reposia handles your personal data and your rights under UK data-protection law (the UK GDPR and the Data Protection Act 2018). Reposia is a fitness, nutrition and recovery app for iOS, operated by an individual (sole trader) based in the United Kingdom ("Reposia", "we", "us", "our"), who is the data controller for the limited personal data described below. You can reach us at support@reposia.app.

The short version: almost everything stays on your device, your Apple Health data is never uploaded to us, and the small amount we hold on our server exists only to run your subscription and the optional AI features. We do not sell your data, show ads, or use third-party advertising or analytics trackers.

1. What we handle, why, and our legal basis

Under UK GDPR we must have a lawful basis for each use of personal data. The personal data we (as controller) process on our server is deliberately minimal:

Your Apple user identifier (a stable, app-specific ID from Sign in with Apple), and your name/email only if you choose to share them — to recognise your account. Legal basis: performance of our contract with you.
Subscription status (free/premium, plan, renewal/expiry events) — to unlock or lock Reposia Pro. Legal basis: contract.
AI-usage counters (how many AI analyses you've used this period, and the reset date) — to enforce the fair-use allowance. Legal basis: contract, and our legitimate interest in keeping the service sustainable and preventing abuse.
AI request content (the photo or text you submit) — processed transiently to return your result (see §5). Legal basis: contract.
An AI-call log (timestamp and success/failure status of each AI request) — for reliability and abuse prevention. Legal basis: legitimate interest.
Referral codes/claims, if you use referrals — to grant rewards and prevent abuse. Legal basis: contract and legitimate interest.
Apple Health data — read on your device with your consent and not sent to us (see §3). Legal basis: your consent, given in iOS.

2. Data stored on your device & iCloud

Your workouts, meals, recipes, goals, body weight and app settings are stored locally on your iPhone using Apple's on-device database. If you enable iCloud Sync, this data syncs across your own Apple devices through your private iCloud account (Apple's CloudKit). It is tied to your Apple ID and is not accessible to us. Roughly 95% of your data never leaves your device or your iCloud account.

3. Apple Health (HealthKit)

With your explicit permission, Reposia reads health metrics from Apple Health — such as heart-rate variability, resting heart rate, sleep, respiratory rate, blood oxygen, active energy, steps and body mass — to show your recovery score, activity and trends, and writes back body weight you log. In line with Apple's requirements and our own commitment:

Health data is read and used on your device only and is never transmitted to our servers.
We do not use Health data for advertising or marketing, we do not sell it, and we do not share or disclose it to any third party.
It is used solely to provide the app's health and fitness features.

You can grant or revoke this access at any time in iOS Settings → Privacy & Security → Health. Revoking it simply hides the related features; the rest of the app keeps working.

4. Sign in with Apple

You authenticate with Sign in with Apple. We receive a stable, app-specific Apple user identifier (and your name/email only if you choose to share them) so we can recognise your account for subscription status and AI-usage limits. We never receive your Apple password. If you used Apple's "Hide My Email", we only ever see the relay address.

5. AI food logging

When you use the optional AI features (photo or text food logging), the photo or text you submit is sent over an encrypted (HTTPS) connection to our server (hosted on Cloudflare) and then to our AI provider (Anthropic) to estimate the food's calories and macros. This content is processed only to generate your result. It is not used to train AI models. Our AI provider may retain it briefly for security and abuse-prevention purposes before deletion, in line with their API terms; we do not store your photos or meal text on our own server. If you don't use the AI features, no meal content ever leaves your device.

6. Subscriptions

Reposia Pro is sold and billed by Apple through the App Store. Subscription management is handled with the help of RevenueCat, a subscription-infrastructure provider. We receive subscription status events (e.g. that your subscription started, renewed or expired) so we can unlock or lock Pro features. We never receive or store your payment-card details — those are handled entirely by Apple.

7. What our server stores

Our server (Cloudflare D1) holds a single record per user: your Apple user identifier, your plan (free/premium), your AI-usage counters and reset date, your subscription-active-until date, and (separately) an append-only log of AI calls (timestamp + success/failure). We do not store your meals, workouts, health data, recipes or photos on our server.

8. Who we share data with

We do not sell your data. We use a small number of carefully chosen service providers (processors/sub-processors) strictly to run the service:

Apple — Sign in with Apple, App Store billing, HealthKit, iCloud.
Cloudflare — hosting of our server, database and this website.
Anthropic — AI processing of food photos/text you submit.
RevenueCat — subscription status management.
Open Food Facts — barcode lookups (a barcode you scan is sent to retrieve product data; this is a public, community database).

9. International transfers

Some of these providers (including Anthropic, Cloudflare and RevenueCat) are based in, or process data in, the United States. Where personal data is transferred outside the UK, it is protected by appropriate safeguards — such as the UK extension to the EU Standard Contractual Clauses (the International Data Transfer Addendum) or a relevant adequacy decision — so it receives an essentially equivalent level of protection.

10. How long we keep it

We keep your account record for as long as you have an account. AI request content (photos/text) is not retained on our server beyond completing your request. The AI-call log is kept only as long as needed for reliability and abuse prevention. When you delete your account (§12), your server record is removed.

11. How we protect your data

All traffic to our server is encrypted in transit (HTTPS/TLS). Access to AI features is authenticated with a short-lived token derived from Sign in with Apple. We minimise what we collect, and most of your data never leaves your device. No system is perfectly secure, but we take reasonable technical and organisational measures appropriate to the limited data we hold.

12. Your rights

Under UK GDPR you have the right to: access your personal data; have it corrected; have it erased; restrict or object to its processing; data portability; and to withdraw any consent you have given (such as Health access) at any time, without affecting prior processing. You can delete your account and server record at any time from Settings → Delete account in the app, or contact us at support@reposia.app to exercise any of these rights. We will respond within one month. If you are unhappy with how we handle your data, you have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

13. Automated decision-making

The AI features produce estimates to assist you; they do not make decisions that produce legal or similarly significant effects about you. We do not carry out automated decision-making of the kind restricted by Article 22 of the UK GDPR.

14. Children

Reposia is intended for users aged 16 and over and is not directed at children under 16. We do not knowingly collect personal data from children under 16; if you believe a child has provided us data, contact us and we will delete it.

15. This website

This website is a simple static site hosted on Cloudflare. It sets no advertising or tracking cookies. It loads fonts from Google Fonts, which may involve a request to Google's servers to deliver the font files; no profiling or advertising identifiers are used.

16. Changes to this policy

We may update this policy as the app evolves or the law requires. Material changes will be reflected by the "Last updated" date above and, where appropriate, highlighted in the app.

17. Contact

Questions about your privacy, or to exercise your rights? Email support@reposia.app.