Privacy Policy

MacroMinds ("we", "our", "us", or "the Platform") provides software for gyms and their members — programming, classes, member nutrition, performance tracking, payments, AI insights, and an in-gym TV board. This policy explains what personal data we collect, how we use it, who we share it with, and the choices you have.

It covers our website, web app, and the related companion mobile experience. Cookies and similar technologies are covered in more detail in our Cookie Policy.

MacroMinds serves two kinds of users — gyms and their members — and our data-protection role differs by context:

• For gym member data(the data a member generates inside their gym's community — workouts, meals, weigh-ins, class results), the member's gym is generally the party that decides how that data is used, and we act as a service provider/processor on the gym's behalf under a data processing agreement.
• For account and direct-relationship data (creating your account, our own analytics, communications from us, and information submitted through our public partnership form), we act as the controller.

If your data is governed by your gym, requests about it may be directed to your gym as well as to us; we will help fulfill them.

Account & identity

• Name, display name, and email address
• Password (held by our auth provider as a salted hash — we never see or store it in plain text)
• Date of birth, biological sex (used for nutrition/energy calculations)
• Phone number, city/state/country, timezone and unit preferences (optional)
• Profile bio and avatar

Health & fitness data

• Height, body weight and weight history, target weight, body-fat percentage
• Activity level and weight goal
• Calorie/macro targets and nutrition history
• Meal logs (food names, descriptions, macros) and meal photos
• Progress/body photos (front/side/back) and profile photo galleries
• Workout and performance data — personal bests, lifts, times, class results
• AI-generated summaries and insights about your training and nutrition

Gym, community & communications

• Gym memberships and roles (athlete, coach, staff, owner), join requests and notes
• Community feed posts, comments, likes, follows, event RSVPs, class survey responses
• Direct and group messages within the platform
• Coach notes and access grants

Payment data

• Subscription status, plan, and billing periods, and the identifiers our payment processor (Stripe) assigns. Card numbers are entered directly with Stripe and are never stored on our systems.
• For gym owners: business contact details, address, and the Stripe Connect account information needed to receive payouts.

Usage & device data

• Product analytics events, pages visited, and performance metrics (only if you accept analytics — see section 10)
• IP address, browser, and device information captured by our analytics provider when enabled
• A mobile push-notification token, if you enable notifications in the companion app

Prospective-partner data

• If you submit our partnership form, the gym and contact details you provide there.

Some of what MacroMinds handles is sensitive — body weight and body-fat history, photos of identifiable people, nutrition and dietary data, date of birth, and biological sex. We use this data only to provide the features you and your gym use it for, and we apply the sharing rules described below. Some jurisdictions treat this as "special category" data requiring your explicit consent; by providing it you consent to our use of it as described here.

• Provide the platform's features to you and your gym
• Calculate nutrition targets and generate AI insights and reports
• Connect you with your gym, coaches, and community
• Process subscriptions and payments
• Send service communications and, if enabled, push notifications
• Understand and improve how the product is used (analytics, with your consent)
• Keep the platform secure and enforce our Terms

We do not sell your personal information. We share it only as described here.

Service providers (subprocessors)

We rely on the following providers to operate the platform. Each processes data only to provide its service to us:

Your gym and its staff

If you join a gym, that gym's owner, staff, and coaches can see data needed to coach you. Staff at your primary gymcan view your performance, nutrition, weigh-in numbers (including body-weight and body-fat), and AI reports as part of running the gym's program — and may be able to read messages in gym-linked conversations. Progress photos are an exception: they are private to you and are never shown to your gym's staff — they are stored in a restricted bucket and served only through short-lived signed links to you, unless you choose to publish a shareable link for a specific photo (which you can revoke at any time). Other members of your gym can see your profile and performance according to your visibility settings.

Things you choose to share publicly

Some features can expose data outside your gym when you opt in: public share links you generate, a public profile or post, your gym's public page, and the gym's TV board display. Public share links and leaderboards can be viewed by anyone who has the link, and a shared leaderboard may include other athletes' names and scores. Only share what you're comfortable making public.

Legal & safety

We may disclose data if required by law, to enforce our Terms, or to protect rights and safety.

When you use AI features — meal-photo macros, menu scanning, workout parsing, nutrition targets, and athlete reports — the relevant data is processed by Anthropic (Claude). When a gym uses the marketing-flyer feature with a member's photo, that photo and the member's name are processed by Google (Gemini). We instruct these providers to process the data only to return a result to us, and not to use it to train their general models; the specific commitments are governed by our agreements with those providers. AI outputs are informational and are not medical or professional advice.

Essential cookies keep you signed in and the app working. Analytics (PostHog) runs only if you accept it in our cookie banner, and you can change your choice at any time. Full detail is in our Cookie Policy.

Depending on where you live, you may have rights to access, correct, delete, export, or restrict use of your data, and to object to certain processing. You can:

• View and edit much of your data directly in the app
• Control profile and photo visibility, and whether public sharing is enabled
• Accept or reject analytics at any time via our cookie banner
• Export a copy of your data as a JSON file directly from the app (Profile → Edit Profile → Your data)
• Permanently delete your account and data directly from the app (Profile → Edit Profile → Delete account). If your account owns, staffs, or coaches a gym, deletion is handled with our support team instead so the gym's data can be transferred first.

You can also make any of these requests by contacting contact@macrominds.io. If your data is governed by your gym, we may coordinate with the gym to fulfill it. Note that our payment processor retains transaction records as required by financial-compliance law, so those records cannot always be fully erased.

We keep your personal data for as long as your account is active and as needed to provide the service. When an account is deleted, we remove its records from our primary database. Some data persists longer where required — for example, payment records held by our processor, backups that age out on a rolling basis, and copies held by the AI providers under their own terms. We are continuing to formalize retention periods; if you have a specific request, contact us.

We rely on established infrastructure providers and apply access controls appropriate to a platform of our size. Specifically: authentication is handled by Supabase; data is encrypted in transit (TLS) and our providers (Supabase, Stripe, Vercel) encrypt data at rest on their infrastructure; access to data within the platform is governed by role- and membership-based rules. Some files (such as progress photos) are served through expiring, signed links, while other images (such as public avatars and feed images) are served from public URLs. No system is perfectly secure, and we cannot guarantee absolute security.

We are based in the United States and our core providers (including Supabase and PostHog) process data on US infrastructure. If you access MacroMinds from outside the US, your data will be transferred to and processed in the US, which may have different data-protection laws than your country.

MacroMinds is intended for users 18 and older. We do not intend to knowingly collect personal data from anyone under 18. Gyms are responsible for ensuring the members they enroll meet this requirement. If you believe a minor has provided us data, contact contact@macrominds.io and we will address it.

We may update this policy as the product and our practices evolve. Material changes will be communicated by email or in-app notice. Continued use after changes means you accept the updated policy.

Questions or requests about your privacy? Contact contact@macrominds.io.