Privacy Policy — The Program
Legal

Privacy Policy

Last updated: May 18, 2026

This Privacy Policy describes how The Program App ("we", "us", or "our") collects, uses, and shares information when you use The Program – Pocket Coach (the "App"), our companion website at theprogramapp.com, and any related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

Account Information

When you sign up using Apple Sign In or Google OAuth, we receive your email address and a unique identifier from the authentication provider. We do not receive your password.

Fitness and Health Data

The App collects workout data that you enter or upload, including:

  • Exercise names, sets, repetitions, weights, durations, distances, and perceived exertion (RPE)
  • Bodyweight, lifting goals, and personal records (PRs)
  • Training program details and weekly progressions
  • Session dates and frequency

This is sensitive personal data. We treat it accordingly: we do not sell it, share it with advertisers, or use it for any purpose unrelated to operating the Service.

User-Generated Content

If you upload images of workout sessions or PDF documents containing training programs, we store and process this content to provide features such as session parsing and document-based AI coaching responses.

Usage and Technical Information

We collect basic technical information necessary to operate the App, including device type, operating system version, app version, and approximate request timing. We do not use third-party analytics services that profile your behavior.

Purchase Information

If you make in-app purchases, transaction data is processed by Apple App Store or Google Play. We receive confirmation of your purchase and entitlement to features, but we do not receive your payment card details or full billing address.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Generate personalized coaching responses based on your training history
  • Parse workout images and documents into structured training data
  • Display your training history and progress over time
  • Process in-app purchases and credit balances
  • Communicate with you about your account, updates, and support
  • Detect and prevent fraud, abuse, or technical issues

3. Third-Party Services

The Service relies on the following third-party providers, each with their own privacy practices:

  • Anthropic — AI coaching, workout image parsing, and document analysis. Your text and image content may be sent to Anthropic's Claude API for processing. Anthropic Privacy Policy
  • OpenAI — Text embeddings for searching your uploaded training documents. OpenAI Privacy Policy
  • Supabase — Storage of uploaded images and files. Supabase Privacy Policy
  • MongoDB Atlas — Primary database for your account data and workout logs.
  • Emergent — Backend application hosting.
  • Apple App Store / Apple Sign In — iOS authentication and in-app purchases. Apple Privacy Policy
  • Google Play / Google OAuth — Android authentication and in-app purchases. Google Privacy Policy
  • GoHighLevel — Email communication and onboarding for our website. GoHighLevel Privacy Policy
  • RevenueCat — Subscription and in-app purchase management (when applicable). RevenueCat Privacy Policy

We provide these third parties only with the minimum information needed to operate their respective functions. They are contractually obligated to use this information only as instructed by us and consistent with this Privacy Policy.

4. Information Sharing

We do not sell your personal information. We do not share your information with advertisers. We do not share your fitness, health, or training data with third parties except as necessary to provide the Service (e.g., sending content to Anthropic's Claude API to generate coaching responses).

We may disclose your information if required to do so by law, in response to a valid legal request, or to protect the rights, property, or safety of users or the public.

5. Data Retention

We retain your account information and workout data for as long as your account remains active. If you delete your account, we delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.

Uploaded images and documents are retained as long as they are associated with your account. You can delete individual uploads at any time from within the App.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — Request a copy of the personal information we hold about you
  • Correction — Request that we correct inaccurate information
  • Deletion — Request that we delete your information
  • Portability — Request your data in a structured, machine-readable format
  • Objection — Object to certain uses of your information

To exercise any of these rights, email us at [email protected]. We respond within 30 days.

7. Children's Privacy

The Service is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at [email protected] and we will delete it.

8. Data Security

We use industry-standard security measures including HTTPS/TLS encryption for all data in transit, secure password handling via OAuth providers (we never store passwords directly), and access controls on our database and storage services. No security system is perfectly secure, and we cannot guarantee absolute security.

9. International Users

The Service is operated from the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Service, you consent to this transfer.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR. The legal basis for our processing is your consent and our legitimate interest in providing the Service.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). We do not sell personal information as defined by the CCPA.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We will notify you of material changes by email or in-app notification.

11. Contact Us

If you have questions about this Privacy Policy or our practices, contact us at:

The Program App Email: [email protected]
Website: https://theprogramapp.com

© 2026 The Program App. All rights reserved.

Privacy Contact