This Privacy Notice explains how Sundarapilates LLC ("we", "us", "our") collects, uses, and shares personal data when you use the Reps app (the "Service"). Sundarapilates LLC is the data controller for the personal data described in this Notice.
1. Personal Data We Collect
- Account data — email address, display name, handle, password hash, and (optionally) your timezone.
- Service content — workouts you save, rehab plans you build, notes, reminders, and push notification subscription tokens.
- Support messages — anything you send us when you contact support.
- Usage & device data — IP address, browser/device identifiers, user agent, and basic interaction events used for diagnostics and abuse prevention.
- Billing data — your subscription status and plan, plus internal identifiers from our payment provider Paddle. Card details and full billing addresses are handled directly by Paddle and never reach our servers.
2. How We Use Personal Data
- To create and operate your account and provide the Service (contract performance);
- To deliver reminders and notifications you have opted into (contract performance / consent);
- To improve, secure, and prevent abuse of the Service (legitimate interests);
- To respond to support requests (legitimate interests);
- To comply with legal obligations such as tax and accounting (legal obligation).
3. Who We Share Data With
- Service providers / subprocessors — hosting, database, push notification, and analytics providers acting on our instructions.
- Paddle, our Merchant of Record — for sale of subscriptions, payments, billing, tax compliance, invoicing, and subscription management.
- Professional advisers — legal, accounting, and compliance advisers where needed.
- Authorities — where required by law, court order, or to protect our rights and users.
We do not sell your personal data.
4. International Transfers
Our service providers may process data in countries other than the one you live in, including the United States. Where data is transferred out of the UK or EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
5. Data Retention
We keep personal data for as long as your account is active. If you delete your account, we delete or anonymise the associated data within a reasonable period, unless we are required to keep it longer for legal, tax, or accounting reasons.
6. Your Rights
Depending on where you live, you may have rights to access, rectify, delete, restrict, port, or object to our processing of your personal data, and to withdraw consent where processing is based on consent. UK/EEA residents also have the right to lodge a complaint with their local supervisory authority. We aim to respond to requests within one month.
To exercise these rights, contact us through the in-app support channel.
7. Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and row-level security on our database. No system is completely secure, but we work to reduce risk and respond promptly to incidents.
8. Cookies & Similar Technologies
We use a small number of strictly necessary cookies and local storage entries to keep you signed in and to remember your preferences. We do not use third-party advertising cookies.
9. Children
The Service is not directed to children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
10. Changes
We may update this Notice from time to time. Material changes will be communicated through the Service. The "Last updated" date at the top shows when the Notice was last revised.
11. Contact
Sundarapilates LLC — privacy questions can be sent through the in-app support channel.