Privacy Policy
Your privacy matters to us. This Privacy Policy explains what information TENACE (the “App”) and tenace.fit (the “Website”) collect, how that information is used, and the choices you have. We have written this policy to be as clear and plain as possible — no deliberate legal fog.
1. Who We Are
TENACE (published on the Apple App Store and Google Play as “Tenace Training”) is developed and operated by:
Gustavo Medeiros Souza
Individual developer
Email: contact@tenace.fit
Website: https://tenace.fit
For the purposes of applicable data protection law, Gustavo Medeiros Souza is the data controller for any personal data collected through the App and the Website.
2. Data We Collect
a) Local use — no account required
You can use TENACE without creating an account. In this mode, all workout logs, exercise sets, body measurements, training plans, and history are stored exclusively on your device using a local database. This data is never transmitted to our servers or any third party. It is deleted when you uninstall the App or use the “Erase All Data” option in the App’s Settings screen.
b) Optional account — cloud backup
You may optionally create a TENACE account using your email address and a password. Creating an account enables cloud backup of your training data so it can be restored if you change devices or reinstall the App.
When you create an account and enable cloud backup, the following data is transmitted to and stored on our cloud infrastructure:
- Account credentials: email address and encrypted password.
- Training data: workout logs, exercise sets, reps, weights, notes, training plans, and body composition entries (weight, body fat percentage, circumferences).
- App usage data: streaks, achievement badges, and training history.
This data is stored using Supabase (supabase.com), a third-party cloud infrastructure provider. Supabase stores data on servers located in the United States. By creating an account, you acknowledge that your data will be processed and stored by Supabase in accordance with their Privacy Policy.
Account creation is entirely optional. All core app features are available without an account.
c) Email address — Website sign-ups
If you voluntarily submit your email address through the Website’s notification form, we collect and store that email address. Providing your email is entirely optional — you can use the App without ever visiting the Website or submitting your email.
Email submissions are processed via Formspree, a third-party form service. We do not store your email on our own servers — it is held by Formspree and accessible to us through their dashboard.
d) Automatically collected technical data
When you use the App, your device’s operating system may collect standard technical information (such as crash reports or performance diagnostics) and share it with Apple or Google in accordance with the platform’s own privacy policy. This data is collected by the platform, not by us, and is used to improve overall system performance. We receive only aggregated, anonymised crash diagnostics through App Store Connect and Google Play Console, which contain no personally identifiable information.
3. How We Use Your Data
We use the data we collect exclusively to:
- Provide and maintain the App’s cloud backup and sync functionality;
- Authenticate your account and keep it secure;
- Restore your training data when you reinstall the App or change devices;
- Send the one-time launch notification if you signed up on the Website.
We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. We do not use your training data to serve you ads.
4. Third-Party Services
The App and Website use the following third-party services that may process personal data:
- Supabase — cloud database and authentication for the optional account and backup feature. Privacy Policy
- Formspree — Website email form processing. Privacy Policy
- Apple App Store / Google Play — platform-level analytics and crash diagnostics, subject to Apple’s and Google’s own privacy policies.
5. Data Retention
Account data: Your cloud data is retained for as long as your account exists. You may delete your account at any time from the App’s Settings screen. Upon deletion, your account credentials and all associated training data are permanently removed from our servers within 30 days.
Local data: Stored on your device until you uninstall the App or erase data manually via Settings.
Website email: Retained until the launch notification is sent, then deleted within 30 days, unless you have separately opted in to further communications. To request earlier deletion, email us at contact@tenace.fit with the subject line “Delete my data” and we will process your request within 30 days.
6. Your Rights
Regardless of where you are located, you have the right to:
- Access — request a copy of the personal data we hold about you;
- Correction — request that we correct inaccurate personal data;
- Deletion — delete your account and all associated cloud data directly from the App’s Settings screen, or by contacting us;
- Portability — export your training data as a CSV file directly from the App;
- Objection — object to our processing of your personal data;
- Withdrawal of consent — delete your account at any time to stop cloud processing, without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, use the App’s Settings screen or contact us at contact@tenace.fit. We will respond within 30 days. There is no charge for making a request.
7. Security
We take reasonable technical and organisational measures to protect your data. Account passwords are hashed and never stored in plain text. Data in transit is encrypted using TLS. Supabase maintains its own security certifications — see their security documentation for details.
8. Cookies & Analytics
The Website currently uses no cookies, no tracking pixels, and no third-party analytics services (such as Google Analytics). We do not track your browsing behaviour on tenace.fit.
If this changes in the future, we will update this policy before doing so and, where required by law, obtain your consent.
9. GDPR — For Residents of the European Economic Area
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the following additional provisions apply to you under the General Data Protection Regulation (GDPR) or equivalent legislation.
Lawful basis for processing: Account data and website email are processed on the basis of your consent (Article 6(1)(a) GDPR), provided when you voluntarily create an account or submit the sign-up form. You may withdraw consent at any time by deleting your account or contacting us at contact@tenace.fit. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
International data transfers: Your data may be processed by Supabase on servers located outside the EEA. Supabase maintains appropriate safeguards for international data transfers. Your email address is also processed by Formspree, which may store data outside the EEA. For details, refer to Supabase’s Privacy Policy and Formspree’s Privacy Policy.
Right to lodge a complaint: If you believe our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with your local supervisory authority (e.g., your national Data Protection Authority).
10. Children’s Privacy
The App and Website are not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has created an account or provided us with their email address, please contact us at contact@tenace.fit and we will promptly delete that information.
For users aged 13–17, we encourage parental involvement in their use of the App. Please review this Policy together with any minors in your care.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the App’s features, or applicable law. When we make changes, we will update the “Last updated” date at the top of this page.
For material changes — particularly those that affect how we process your account or training data — we will make reasonable efforts to notify you (for example, by sending an email if we have your address, or by posting a prominent notice on the Website) before the changes take effect.
We encourage you to review this policy periodically. Your continued use of the Website or App after the effective date of changes constitutes your acceptance of the revised policy.
12. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out:
Gustavo Medeiros Souza
Email: contact@tenace.fit
Website: https://tenace.fit
We aim to respond to all privacy-related enquiries within 30 days.