Privacy Policy – Hercule – Fitness Chronicle

Effective date: 17 October 2025

This Privacy Policy explains how Hercule – fitness chronicle (the “App”) collects, uses, and shares information. The App is developed by Zafer Siar Konyar (“we”, “us”, or “our”). If you have questions, contact: siarkonyar@gmail.com.

1. Scope

This policy applies to the App on Android and iOS and to any related services that link to this policy.

2. What we collect

2.1 Account and authentication

• Account identifiers (e.g., email address) when you sign up or sign in.
• Authentication tokens and basic profile info provided by Google Sign-In and Sign in with Apple (as applicable).

2.2 App content you create

• Exercise logs you enter (e.g., exercises, sets, reps, weights, notes).
• Date labels and their metadata (e.g., emoji/icon, label name, optional description, color).
• Optional timestamps and usage metadata (e.g., when an item was created or updated).

2.3 Device and usage data

• Basic technical data sent by your device when using Firebase services (e.g., IP address at the time of request, device model, OS version). We do not collect precise location.
• Crash and performance data if enabled by Firebase Crashlytics/Performance Monitoring (no sensitive content fields are intentionally captured).

2.4 Local (offline) storage

• The App uses local storage (AsyncStorage) on your device to temporarily store your exercise logs and labels for offline use and faster loading. These items sync to our database when you are online.

2.5 Data we do not intentionally collect

• We do not collect your precise geolocation, contacts, photos, or microphone data.
• We do not collect payment information within the App.

3. How we use your information

• To provide core features: account creation, secure sign-in, creating and viewing exercise logs, assigning labels to dates, and syncing data across devices.
• To maintain and improve the App (including debugging, crash analysis, and performance monitoring).
• To communicate with you about important updates, security alerts, and changes to this policy or terms.
• To comply with legal obligations and enforce our terms and policies.

4. Legal bases for processing (EEA/UK users)

• Performance of a contract: to provide and operate the App and your account.
• Legitimate interests: to maintain security, prevent misuse, and improve the App.
• Consent: where required by law (e.g., future advertising or marketing features). You can withdraw consent at any time in settings (if available) or by contacting us.
• Legal obligation: to comply with applicable laws and requests from authorities.

5. Sharing and disclosure

• Service providers: We use Google Firebase (including Firebase Authentication and Cloud Firestore) to host and process data on our behalf.
• Authentication providers: Google and Apple process your sign-in data per their own privacy policies.
• Legal reasons: We may disclose information if required to comply with law, regulation, legal process, or to protect rights, property, or safety.
• Business changes: If we are involved in a merger, acquisition, or asset sale, your information may be transferred as permitted by law and you will be notified where required.
• We do not sell your personal information.

6. Advertising

No ads at this time. If we later introduce advertising or ad-related SDKs (e.g., AdMob), we will update this policy, request any required consent (where applicable), and reflect the change in the app stores’ Data Safety/App Privacy sections before ads begin.

7. Data retention

• We keep your account data and content (exercise logs, labels) for as long as your account is active.
• If you request deletion, we will delete or anonymize your personal data within a reasonable period unless we must retain it for legal, security, or operational continuity reasons.
• Local (offline) data in AsyncStorage remains on your device until you delete it by uninstalling the App, clearing the App’s data, using any in-app “clear data” feature (if available), or requesting account deletion (server-side data).

8. Your rights

8.1 EEA/UK residents (GDPR/UK GDPR)

• Access, rectification, erasure, restriction, objection, and data portability.
• Where processing is based on consent, you may withdraw consent at any time.
• You may lodge a complaint with your local supervisory authority.

8.2 California residents (CCPA/CPRA)

• Right to know, delete, correct, and non-discrimination.
• We do not “sell” or “share” personal information as defined by the CPRA.

8.3 Exercising your rights

To exercise your rights or request account/data deletion, email siarkonyar@gmail.com. We may need to verify your identity and the ownership of the account.

9. International data transfers

We rely on Google Firebase services which may process data in multiple regions, including the United States. Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses or equivalent mechanisms provided by service providers.

10. Security

We use reasonable technical and organizational measures to protect your information, including Firebase Authentication, secure communication, and access controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Children’s privacy

The App is not intended for children under 13. If you are in the EEA/UK, you must be at least the age of digital consent in your country (typically 16) or have verifiable parental consent. If we learn we have collected personal data from a child contrary to this section, we will delete it.

12. Third-party services

• Google Firebase (Authentication, Cloud Firestore, and potentially Crashlytics/Performance Monitoring).
• Google Sign-In and Apple Sign-In for authentication.

These services process your data under their own terms and privacy policies.

13. Data Safety (Google Play) and App Privacy (App Store)

We disclose our data practices in the stores’ required sections. Those disclosures reflect the data types described in this policy and will be updated if our practices change (e.g., adding ads).

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated policy in the App or at the link provided in the app stores and update the effective date. Material changes will be communicated as required by law.

15. Contact

Developer: Zafer Siar Konyar
Email: siarkonyar@gmail.com

16. Summary of data categories

• Collected: Account identifiers (email), authentication tokens, exercise logs, date labels, basic device/usage data, crash/performance telemetry (if enabled).
• Stored on device (offline): Exercise logs and labels in AsyncStorage until synced or cleared.
• Not collected: Precise location, contacts, photos, microphone, payment data.
• Sharing: With service providers (Firebase, auth providers); not sold.