Privacy Policy

Last updated: April 4, 2026

Notch ("we," "our," or "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.

1. Authentication & Identity

Notch uses anonymous authentication through Supabase. When you first open the app, an anonymous account is created automatically — no email, name, or personal information is required to use Notch. Your account is identified only by a randomly generated user ID.

2. Data We Collect

We collect only what's necessary to deliver your personalized coaching experience:

• Onboarding preferences — your fitness goals, training experience level, workout frequency preference, and available equipment. These are used to generate your workout program.
• Workout data — exercises, sets, reps, weights, and completion status that you log during workouts.
• Coach conversations — messages you send to the AI coach within the app, used solely to generate contextual responses.
• App preferences — settings like dark mode and reminder preferences.

3. Apple Health (HealthKit)

If you grant permission, Notch can read and write workout data to Apple HealthKit. This data is exchanged directly between the app on your device and HealthKit — it is never sent to our servers. You can revoke HealthKit access at any time in your device's Settings.

4. AI Coach & Data Processing

When you interact with the AI coach, your message and relevant workout context are sent to our backend service to generate a response. We do not use your conversations to train AI models. Coach interactions are processed in real time and are not stored beyond what's needed to display your conversation history within the app.

5. Subscriptions & Payments

Subscriptions are managed through Apple's App Store and RevenueCat. We do not collect or store any payment information (credit card numbers, billing addresses, etc.). RevenueCat receives an anonymous app user ID to manage your subscription status — no personal information is shared with them. For details on how RevenueCat handles data, see their privacy policy.

6. Data Storage & Security

Your data is stored in Supabase (hosted on AWS) with row-level security enabled, meaning each user can only access their own data. All data is transmitted over HTTPS. We do not sell, rent, or share your data with third parties for marketing or advertising purposes.

7. Data We Do Not Collect

Notch does not collect your name, email address, phone number, location, contacts, photos, or any device identifiers beyond what's needed for anonymous authentication. There are no social features, no friend lists, and no public profiles.

8. Data Deletion

You can delete your account and all associated data at any time from within the app. Upon deletion, all your workout data, preferences, and coach conversation history are permanently removed from our servers.

9. Children's Privacy

Notch is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy from time to time. If we make significant changes, we'll update the "Last updated" date at the top of this page. Continued use of Notch after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions about this privacy policy or your data, contact us at privacy@notchai.app.