Privacy Policy
Effective date: 15 May 2026
This Privacy Policy explains how Formai ("we", "us", or "our") collects, uses, and protects your personal information when you use the Formai mobile application and website at getformai.com (together, the "Service").
By using the Service, you agree to the collection and use of information as described in this policy.
1. Who We Are
Formai is operated by Engle Consulting Limited, a company registered in England and Wales. If you have any questions about this policy, contact us at alecpringle@outlook.com.
2. Information We Collect
Information you provide directly
- Account information: your email address and password (stored as a one-way hash - we cannot read your password).
- Profile and fitness data: your age, height, weight, training goals, experience level, available equipment, and training schedule.
- Workout logs: sets, reps, weights, and performance data logged during your sessions.
- Physique photos: optional photos for AI-assisted progress tracking. These are stored encrypted and are never shared with third parties except as described below.
Information collected automatically
- Device and usage data: device type, operating system, app version, and usage patterns for debugging and improving the app.
- Error reports: crash and error reports sent to Sentry. These do not include your workout data or photos.
- Push notification tokens: stored only if you enable push notifications.
Information from Apple Health (optional)
If you grant permission, we may read resting heart rate, HRV, and sleep duration. This data is used only to personalise your training recommendations and is not shared with third parties.
3. How We Use Your Information
| Purpose | Legal basis |
|---|---|
| Providing and personalising the Service | Performance of contract |
| Processing your subscription via Apple's In-App Purchase | Performance of contract |
| Sending training reminders and personal record alerts | Consent |
| Detecting and fixing errors | Legitimate interests |
| Improving the app based on usage patterns | Legitimate interests |
| Communicating with you about your account | Performance of contract |
| Complying with legal obligations | Legal obligation |
We do not sell your personal data. We do not use your data for advertising.
4. Third-Party Services
| Service | Purpose | Data shared |
|---|---|---|
| RevenueCat | Subscription billing and entitlement management | Your App Store receipt; no personally identifying information |
| Sentry | Error monitoring and crash reporting | Device info and app state at time of error |
| Expo | Delivering push notifications | Your device push token |
| Fly.io | Hosting the Formai API and database | All data stored in our database |
| AWS S3-compatible storage | Storing physique photos and media assets | Physique photos encrypted at rest |
| OpenAI | AI analysis of physique photos if you use this feature | The photo you submit for that check-in only |
5. Data Storage and Security
Your data is stored on servers located in the European Union. We use industry-standard encryption in transit and at rest. Passwords are hashed using bcrypt and cannot be recovered or read by us.
6. How Long We Keep Your Data
We retain your data for as long as your account is active. If you delete your account, your profile, workout history, and all personal data are permanently deleted from our database within 30 days, and physique photos are deleted from storage immediately.
7. Your Rights
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your workout data
- Withdraw consent for optional processing
To exercise these rights, contact us at alecpringle@outlook.com. To delete your account, go to Settings - Account - Delete Account in the app.
8. Children
The Service is not directed at children under 16. We do not knowingly collect personal data from anyone under 16.
9. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you via the app or by email at least 14 days before the changes take effect.
10. Contact
Email: alecpringle@outlook.com
Website: getformai.com/support
As a UK-based company, our lead supervisory authority is the Information Commissioner's Office (ICO). You have the right to lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.
If you are resident in the European Union, you may also lodge a complaint with your national data protection authority.