Spotr Logo← Back to Home

Privacy Policy

Last Updated: December 24, 2025

1. Introduction

Spotr Labs LLC ("Spotr," "we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

This Privacy Policy applies to personal information processed by us, including on our website (www.spotr.fit), our mobile application, and other online or offline offerings. This Privacy Policy is incorporated by reference into our Terms of Service, which govern your use of the Service.

By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

2. Information We Collect

The categories of personal information we collect depend on how you interact with the Service. We may collect the following types of information:

2.1 Information You Provide Directly

  • Account Information: Name, email address, and phone number for account creation and authentication.
  • Profile Information: Age, gender, height, weight, fitness goals, and other information you choose to provide to personalize your experience.
  • Workout Data: Exercise logs, sets, reps, weights, workout history, and performance metrics you enter or generate through use of the Service.
  • Communications: Messages, feedback, support requests, and other communications you send to us.
  • Payment Information: If you make a purchase, our payment processors (Apple, Stripe) collect payment details. We do not store full credit card numbers.

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, unique device identifiers, and mobile network information.
  • Usage Data: Features used, pages viewed, actions taken, time and duration of use, and other interaction data.
  • Log Data: IP address, access times, browser type, and referring URLs.
  • Analytics Data: Aggregated and anonymized data about how users interact with the Service.

2.3 Information from Third-Party Sources

  • Authentication Providers: If you sign in using Sign in with Apple, we receive your Apple ID and, if you choose to share it, your name and email.
  • Third-Party Integrations: If you connect third-party services (e.g., Apple HealthKit), we may receive data from those services with your consent.

3. Apple HealthKit Integration

If you choose to connect Spotr to Apple HealthKit, we may read and/or write health and fitness data with your explicit permission. The specific data points accessed are disclosed in the app at the time permission is requested and may change as we add new features.

How We Use HealthKit Data:

  • To personalize your workout recommendations
  • To display your fitness metrics within the app
  • To write completed Spotr workouts back to Apple Health

HealthKit Data Protections:

  • We will NOT use HealthKit data for advertising or marketing purposes.
  • We will NOT sell HealthKit data to third parties.
  • We will NOT share HealthKit data with third parties for their marketing purposes.
  • We will NOT use HealthKit data to build user profiles for advertising.
  • HealthKit data is stored securely and transmitted using encryption.

Spotr maintains all HealthKit information in accordance with Apple's development guidelines and App Store Review Guidelines.

You can disconnect HealthKit access at any time through your device's Settings > Health > Data Access & Devices.

4. Phone Number Authentication

Seamless and Secure Mobile Authentication
Spotr uses your phone number solely for the purpose of providing a secure and seamless authentication experience. When you sign up or log in, we send a one-time verification code via SMS to confirm your identity.

Phone verification step 1 - Enter phone number
Phone verification step 2 - Create account

How We Use Your Phone Number:

  • To send one-time verification codes via SMS for account creation and login
  • To verify your identity when logging in from a new device
  • To help recover access to your account

We do NOT use your phone number for marketing, share it with third parties for their purposes, or use it for any purpose other than authentication.

5. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To operate, maintain, and deliver the features and functionality of the Service.
  • Personalization: To customize your workouts, recommendations, and experience based on your preferences and history.
  • Communications: To send you service-related notices, respond to inquiries, and provide customer support.
  • Analytics and Improvement: To understand how users interact with the Service and to improve functionality, performance, and user experience.
  • Safety and Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

6. AI-Powered Features and Data Processing

Certain chat, voice, and coaching features in Spotr use third-party machine-learning and large-language-model ("LLM") services. When you use these features:

  • Text, audio, and related workout data you provide may be transmitted to external AI providers to generate responses.
  • These providers process data under their own terms and privacy policies.
  • By using AI-powered features, you consent to this data sharing.

We select AI providers that maintain appropriate security and privacy practices, but Spotr is not responsible for the data handling practices of third-party AI providers.

AI-generated content may contain errors or recommendations that are not suitable for your individual circumstances. You should not rely solely on AI-generated content for fitness, health, or medical decisions.

7. Sharing Your Information

We do not sell your personal information. We may share your information in the following circumstances:

7.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

  • Authentication: Twilio (SMS verification)
  • Payment Processing: Apple, Stripe
  • Analytics: PostHog, Firebase
  • Cloud Infrastructure: AWS, Google Cloud
  • AI/LLM Services: Third-party machine learning providers

These providers are contractually obligated to use your information only to provide services to us and to maintain appropriate security measures.

7.2 Legal Requirements

We may access, preserve, and disclose your information if we believe in good faith that doing so is required or appropriate to:

  • Comply with applicable law, regulation, legal process, or governmental request
  • Enforce our Terms of Service or other agreements
  • Protect the rights, property, or safety of Spotr, our users, or others
  • Detect, prevent, or address fraud, security, or technical issues
  • Assist with an investigation or prosecution of suspected or actual illegal activity

7.3 Business Transfers

If Spotr is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in the app of any change in ownership or uses of your personal information.

7.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

8. Data Retention

We retain your personal information for as long as your account is active or until you request deletion. Specifically:

  • Account and Profile Data: Retained until you delete your account or request deletion.
  • Workout Data: Retained until you delete your account or request deletion.
  • Usage and Analytics Data: May be retained in aggregated, anonymized form indefinitely for analytics purposes.
  • Communications: Retained as needed to provide support and for legal compliance.

After account deletion, we may retain certain information as required by law or for legitimate business purposes (e.g., to resolve disputes, enforce agreements, or comply with legal obligations).

To request deletion of your data, use the account deletion feature in the app or contact us at support@spotr.fit.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication mechanisms
  • Access controls limiting employee access to personal data
  • Regular security assessments and monitoring
  • Local SQLite database storage for certain user data, reducing network exposure

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

10. International Data Transfers

Spotr is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using the Service, you consent to the transfer of your information to the United States and other jurisdictions.

Where required by applicable law, we implement appropriate safeguards for international data transfers, such as standard contractual clauses.

11. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

11.1 Access and Portability

You have the right to access the personal information we hold about you. Most of this information is available directly in the app's user interface.

11.2 Correction

You have the right to correct inaccurate or incomplete information. You can update most information directly in the app.

11.3 Deletion

You have the right to request deletion of your personal information. You can delete your account and all associated data through the account settings page in the app, or by contacting us at support@spotr.fit.

11.4 Opt-Out of Communications

You can opt out of promotional communications by following the unsubscribe instructions in those messages or by contacting us.

11.5 Withdraw Consent

Where we rely on consent to process your information, you may withdraw consent at any time. This will not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, contact us at support@spotr.fit. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

12. California Privacy Rights (CCPA)

This section applies to California residents and supplements the information in this Privacy Policy.

12.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

CategoryExamplesCollected
IdentifiersName, email, phone number, IP address, device IDYes
Personal information under Cal. Civ. Code § 1798.80Name, phone numberYes
Protected classification characteristicsAge, gender (if provided)Yes
Commercial informationPurchase history, subscription statusYes
Biometric informationNot collectedNo
Internet or network activityUsage data, log data, analyticsYes
Geolocation dataGeneral location from IP addressYes
Sensory dataVoice recordings (if using voice features)Yes
Professional or employment informationNot collectedNo
Education informationNot collectedNo
InferencesFitness preferences, workout patternsYes

12.2 Sources of Personal Information

We collect personal information from:

  • Directly from you
  • Automatically through your use of the Service
  • Third-party authentication providers (Apple)
  • Third-party integrations you connect (HealthKit)

12.3 Business Purposes for Collection

We use personal information for the purposes described in Section 5 of this Privacy Policy.

12.4 Sale and Sharing of Personal Information

We do NOT sell your personal information. We do NOT share your personal information for cross-context behavioral advertising.

12.5 Your California Privacy Rights

As a California resident, you have the right to:

  • Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Delete: Request deletion of your personal information, subject to certain exceptions.
  • Correct: Request correction of inaccurate personal information.
  • Non-Discrimination: Exercise your rights without receiving discriminatory treatment.

12.6 How to Submit a Request

To exercise your California privacy rights, you may:

  • Use the account deletion feature in the app
  • Email us at support@spotr.fit
  • Include "California Privacy Request" in the subject line

We will verify your identity before fulfilling your request by matching information you provide with information we have on file.

12.7 Authorized Agents

You may designate an authorized agent to submit a request on your behalf. We may require proof of authorization and identity verification.

12.8 Shine the Light

California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

13. Children's Privacy

The Service is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages.

If we become aware that we have collected personal information from a child under the applicable age without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child under the applicable age, please contact us immediately at support@spotr.fit.

14. Cookies and Tracking Technologies

14.1 Website

Our website may use cookies and similar technologies to:

  • Maintain session state and authentication
  • Analyze website traffic and usage patterns
  • Improve website functionality

14.2 Mobile App

Our mobile app may use:

  • Analytics SDKs to understand app usage
  • Crash reporting tools to identify and fix bugs
  • Device identifiers for authentication and security

14.3 Your Choices

  • Browser Settings: You can configure your browser to reject cookies or alert you when cookies are sent.
  • Device Settings: You can reset your mobile advertising identifier or opt out of personalized ads through your device settings.

14.4 Do Not Track

Some browsers offer a "Do Not Track" (DNT) signal. There is no industry consensus on how to respond to DNT signals, and we do not currently respond to them. However, you can use the other controls described in this section to manage tracking.

15. Third-Party Links and Services

The Service may contain links to third-party websites, apps, or services that we do not control. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an in-app notification or email for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@spotr.fit

Address:
Spotr Labs LLC
3 The Green, Suite B
Dover, DE 19901

© Spotr Labs LLC 2025