Last updated: June 2026
The data controller for the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Irish Data Protection Act 2018 is:
Can Ayan (sole trader) Ireland Email: info@kalibrefin.com
We are referred to in this policy as "we", "us", or "the controller".
This policy covers the iOS application "Hybrid Athlete Pro" and the optional AI Coach proxy service (together, the "Service"). By using the Service you acknowledge the practices described below.
Looking for the legal framework around use of the Service (medical disclaimer, liability cap, subscriptions, governing law)? That's in our separate Terms of Service.
We process only what's needed to make the Service work for you. We use one privacy-respecting analytics provider (Google Firebase Analytics) to understand anonymous, aggregate product usage — see §2.5. There are no advertising or attribution SDKs, and we never sell your data.
experience level, training-style preference.
optional difficulty feedback.
photo (compressed locally, never uploaded), homeCity (city-level only, used for social proximity filtering — no GPS, user-typed).
visibility, list of athletes you blocked or reported.
locally — v1.0 has no cross-user backend so messages do not leave your device in the current shipment).
This data lives in iOS UserDefaults / SwiftData / the app sandbox. It is never uploaded to our servers as a whole. iOS handles backup and restore through your iCloud account if you have it enabled — we do not operate that path and have no access to your iCloud backup.
When you sign in with Apple, we receive:
chose "Hide My Email" when signing in.
The user identifier is hashed before any network call and is the only identifier we ever transmit. We never store your real email; if you use Apple's relay address, we never see your real email at all.
Starting in v1.0.2 the optional AI Coach path is live. When your device supports Apple Intelligence (iPhone 15 Pro+ on iOS 26+) Coach Notes are generated entirely on-device by Apple Intelligence — no network calls take place. On every other device the app sends a small JSON payload to a Cloudflare Worker we operate, which forwards it to Groq, Inc. (api.groq.com) running Meta's Llama 3.3 70B model.
The payload sent to the Worker contains:
stored only on your device, rotated on reinstall — cannot be linked back to your Apple ID, email, or name).
difficulty rating.
Before the payload leaves our Worker we strip your display name to a single initial (e.g. "C."). The athlete's plan content is the only data the model actually receives.
The payload contains no persistent personal identifiers, no email, no real name, no location, no health metrics beyond what you have explicitly logged in the Service. Groq processes the payload to generate the response and, per Groq's free-tier policy effective at the time of this update, does not retain or use the data for model training. We log only error codes and rate-limit counters; we never log prompt content.
Topic guard. The AI Coach is configured to discuss only training, exercise, recovery, sport-relevant nutrition, sport performance, injury-prevention concepts, and your own plan. Off-topic questions (politics, finance, medical diagnosis, general chat, etc.) are refused with a fixed bilingual message and do not result in any model output.
Disabling the AI Coach. You can disable the remote AI Coach at any time from Profile → AI Coach Settings → "Use AI enrichment". With it off, Coach Notes are generated by the deterministic on-device renderer and no network calls leave your device.
city-level homeCity string you type during onboarding.
leaves your device).
subscription is processed entirely by Apple's App Store — we never see or store your card number, billing address, or Apple ID. We read only your subscription entitlement STATUS (active / not) locally on your device via StoreKit, to unlock the app; that status is not transmitted to us or any third party.
To understand how the app is used — and, honestly, where people get stuck so we can fix it — we use Google Firebase Analytics. This is limited to anonymous, aggregate product-usage measurement:
app, advancing through an onboarding step, viewing the subscription screen, starting a trial, completing a workout, or viewing an AI review. Events carry only non-identifying parameters (e.g. which step, which plan, whether a trial was started).
that Firebase assigns. It is not linked to your name, email, Apple ID, or any profile data. Your sport, injury, and training data are never sent to Firebase.
advertising identifier (IDFA), we do not enable Google Ads / signals features, and NSPrivacyTracking remains false — none of this data is used to track you across other apps or websites.
Profile → Privacy → "Share anonymous usage data". With it off, no analytics events are recorded or transmitted.
AI Form Check is an optional Pro feature. When you choose to record a short clip of yourself performing an exercise — or upload one you already filmed from your photo library — and request feedback:
service (Google Gemini) for the sole purpose of analyzing your movement technique and returning coaching feedback. We do not** store your video — it is transmitted for analysis and discarded. We do not retain it on our servers.
in-app consent screen naming the third-party AI and ask you to agree. No video leaves your device until you do. You can withdraw consent anytime from Profile → Privacy → "AI Form Check video analysis"; after that you'll be asked to consent again before any further upload.
We do not perform facial recognition and do not use the video to identify you. Because it is not used for unique identification, it is not processed as biometric / special-category data.
medical advice. The video is never used for advertising or profiling.
only — the microphone is never accessed and no audio is captured. Only the picture (your movement) is recorded and analyzed.
each form check (the feedback plus a copy of the clip) is saved locally on your device only — it is never uploaded to us for storage. You can delete any single report, or all of them, anytime from Form Check → your reports. Deleting also removes the saved clip.
Each category of processing has an identified lawful basis:
| Processing | Lawful basis (GDPR Art 6) | |---|---| | Storing onboarding answers, plan, history on your device | Contract (Art 6(1)(b)) — necessary to provide the Service you signed up for. | | Apple Sign-In identifier (hashed) for account identity | Contract (Art 6(1)(b)) — without it, your data cannot be associated with your account. | | Apple Sign-In email/name (if you share them) | Contract (Art 6(1)(b)). | | Storing chat messages locally between matched athletes | Contract (Art 6(1)(b)) — necessary to provide the social pairing feature you opted into. | | Storing your homeCity (city-level only) for social proximity filtering | Contract (Art 6(1)(b)) — required for the matchmaking feature. | | Sending anonymised training digest to the AI Coach proxy (when your device cannot run Apple Intelligence) | Contract (Art 6(1)(b)) — necessary to deliver the AI Coach feature on devices without an on-device model. | | Security, rate-limit, abuse-prevention logs at the proxy | Legitimate interest (Art 6(1)(f)) — protecting the Service from abuse without identifying individual users. |
We do not rely on consent (Art 6(1)(a)) for any of the above because none of the processing is optional in a way that would make consent meaningful — you control whether to trigger AI Coach in the first place, which is the closest analogue to opt-in.
Training history, body assessments, and recovery feedback can reasonably be considered health-adjacent data under GDPR Article 9. We process it on the following Article 9 lawful bases:
| Processing | Article 9 lawful basis | |---|---| | Storing training history, assessment scores, recovery feedback on your device | Explicit consent (Art 9(2)(a)) — by signing in and confirming eligibility at first launch you explicitly consent to processing of health-adjacent training data necessary to provide the Service. You may withdraw consent at any time by deleting your account in Profile → Delete account, which removes all such data immediately. | | Sending anonymised training summary to AI Coach (if you trigger it) | Explicit consent (Art 9(2)(a)) — each AI Coach interaction is a discrete, user-initiated action that constitutes fresh explicit consent for that payload. |
We do not process Article 9 data for any purpose other than delivering the Service to you. We do not share it with third parties (apart from the AI Coach proxy when you explicitly trigger it), sell it, or use it for any kind of profiling, scoring, or decision-making with legal or similarly significant effects.
next workout reflects your history and preferences.
used to filter Discover candidates to athletes near you with compatible profiles. Chat messages with matched athletes are stored locally so you can coordinate co-training.
digest is used to generate your daily Coach Note and Q&A answers. On devices that support Apple Intelligence this runs entirely on-device; otherwise the digest is sent to our Cloudflare Worker as described in §2.3.
We do not use your data for advertising, profiling for marketing, automated decision-making with legal effects, or any purpose beyond delivering the Service.
you trigger a generation on a device without Apple Intelligence. See Groq's privacy policy.
Intelligence runs on-device when supported; no data leaves your phone in that path. Governed by Apple's privacy policy.
Groq call and serves these legal pages. See Cloudflare's privacy policy.
We do not sell or rent your data to anyone, ever. We do not share data with advertisers, data brokers, or analytics providers.
Groq, Apple, and Cloudflare are headquartered in the United States. Personal data transferred to them therefore leaves the European Economic Area (EEA).
We rely on the following GDPR-compliant transfer mechanisms:
self-certified under the EU–US DPF. The European Commission's adequacy decision of 10 July 2023 recognises DPF-certified US transfers as providing an adequate level of protection.
where DPF coverage is not yet available, we rely on the European Commission's 2021 SCCs as the transfer mechanism. The payload is also anonymised (no persistent personal identifiers, display name reduced to a single initial) before it leaves our Worker.
Sign in with Apple terms and DPF certification.
You can request a copy of the relevant transfer documentation by emailing info@kalibrefin.com.
| Data | Retention | |---|---| | On-device data (onboarding, history, profile, cache) | Stored on your device for as long as you keep the app installed. Wiped immediately if you delete your account or uninstall. | | Apple Sign-In credential (Keychain) | Held in your iOS Keychain until you delete the account or revoke Apple Sign-In access. | | AI Coach payload at our Cloudflare Worker | Not persisted. Processed in-memory, anonymised, forwarded to Groq, response returned, request discarded. | | AI Coach payload at Groq | Processed under Groq's free-tier policy in force at the time of this update — not retained for model training. | | Rate-limit counters at the proxy | Rolling 24-hour / 30-day window; aggregate counts only (no payload content). |
If you delete your account via Profile → Manage data → Delete account, every layer of our local state is wiped immediately and irreversibly.
You have the following rights with respect to your personal data. To exercise any of them, email info@kalibrefin.com with a brief description. We respond within one month (extendable by two months for complex requests, per GDPR Art 12(3)) and do not charge a fee for reasonable requests.
| Right | What it means here | |---|---| | Access (Art 15) | Receive confirmation of what we hold and a copy. Most of what we hold lives on your device — the in-app Profile → Manage data screen is the fastest export route. | | Rectification (Art 16) | Correct inaccurate or incomplete data. Onboarding and profile fields are user-editable in the app at any time. | | Erasure / "right to be forgotten" (Art 17) | Wipe your data. Tap Profile → Manage data → Delete account for immediate, irreversible deletion of all local state, the Keychain credential, and the migration flag. Email us to confirm if needed. | | Restriction of processing (Art 18) | Ask us to stop processing while a dispute is resolved. In practice the easiest path is to stop using the AI Coach feature (the only off-device processing). | | Data portability (Art 20) | Receive your data in a machine-readable format. The on-device store is JSON; we can produce a copy on request. | | Object (Art 21) | Object to processing based on legitimate interest. Applies to our security/abuse-prevention logs on the proxy. | | Withdraw consent (Art 7(3)) | We do not rely on consent (see §3) so there is nothing to withdraw. You can always stop using the Service and delete the account. | | Automated decision-making (Art 22) | We do not perform automated decision-making with legal or similarly significant effects. |
You can revoke Sign in with Apple at any time via iOS Settings → Apple ID → Password & Security → Apps Using Apple ID. The Service catches the revocation on next launch and wipes local state automatically.
If you believe our processing infringes GDPR, you have the right to lodge a complaint with a supervisory authority — in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.
The Irish supervisory authority (lead authority for this Service) is:
Data Protection Commission (DPC)
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Website: <https://www.dataprotection.ie>
Online complaint form: <https://www.dataprotection.ie/en/contact/how-make-complaint>
We would appreciate the chance to address your concern first — email info@kalibrefin.com — but you are not required to contact us before contacting the DPC.
We apply commercially reasonable safeguards:
TLS 1.2+ over HTTPS.
kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly — not synced to iCloud Keychain, not exported on backup.
from the app, rate-limits per hashed user ID, and does not log payload contents.
exactly what data is collected and which Apple APIs are used.
No system is perfectly secure. We will notify affected users without undue delay if we become aware of a personal data breach likely to result in a risk to your rights and freedoms, per GDPR Art 33–34.
The Service is not directed at children. Under the Irish Data Protection Act 2018 (§31), the digital age of consent in Ireland is 16. We do not knowingly process data from anyone under 16. If you believe a child under 16 has used the Service, contact us at info@kalibrefin.com and we will delete any associated data immediately.
Our Terms of Service additionally require all users to be at least 18 years old (see Terms §3).
We will update the "Last updated" date at the top of this page and post the new version at the same URL. Material changes (new categories of data, new recipients, new purposes) will trigger an in-app notice the next time you open the Service.
Questions, deletion requests, data subject rights, or anything else:
Can Ayan (Data Controller) Email: info@kalibrefin.com
For complaints to the Irish supervisory authority, see §8 above.