Privacy Policy

Last updated: 14.12.2025

This Privacy Policy explains how we process personal data when you use the Workout Flow mobile application (“App”).

We take data protection seriously and process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection laws.

1. Controller

The controller responsible for data processing is:

Anja Zigic Borkovac
Gerhart-Hauptmann-Str. 10
90763 Fürth, Germany
Email: workout-flow-contact@getsend.app

2. Scope of This Privacy Policy

This Privacy Policy applies to the Workout Flow mobile application for iOS and Android.

The App:

• does not require user accounts
• stores workout data locally on your device only
• does not sync workout data to any cloud backend
• does not collect heart rate or sensor data

3. Data Processed by the App

3.1 Local Workout Data (On-Device Only)

The App allows you to:

• create workouts
• run workouts
• store completed workouts
• view analytics based on completed workouts

All workout data is stored exclusively on your device.
We do not have access to this data, and it is not transmitted to our servers.

Legal basis:
Article 6(1)(b) GDPR (performance of the app’s functionality)

3.2 Pseudonymous App Identifier

When you first start the App, a randomly generated, pseudonymous identifier is created.

This identifier:

• is not your device ID
• does not identify you personally
• cannot be used to track you across apps
• is reset if the app is deleted

This identifier is used only for:

• anonymous analytics
• technical error diagnostics

Legal basis:
Article 6(1)(a) GDPR (consent)

4. Analytics (Firebase Analytics)

We use Google Firebase Analytics to understand how the App is used and to improve its functionality.

Firebase Analytics collects:

• anonymized usage events
• app performance data
• pseudonymous identifiers

We do not send:

• names
• email addresses
• device identifiers
• detailed workout records or completed workout history

The App may send anonymous usage events (for example, when a workout is started) that include non-identifying configuration parameters such as durations or timer structure. These events do not include exercise names, or user-specific performance data.

IP addresses are anonymized by Google.

Provider:
Google Ireland Limited
Gordon House, Barrow Street, Dublin 4, Ireland

Legal basis:
Article 6(1)(a) GDPR (consent)

You can disable analytics at any time in the App settings.

5. Error Tracking (Sentry)

We use Sentry to detect and fix technical errors.

Sentry processes:

• crash reports
• anonymized technical diagnostics
• a pseudonymous app identifier

We do not send:

• personal data
• contact information
• workout details
• device identifiers

Provider:
Functional Software, Inc. (Sentry)
San Francisco, USA

Data transfers are protected by appropriate safeguards (EU-US Data Privacy Framework / Standard Contractual Clauses).

Legal basis:
Article 6(1)(f) GDPR (legitimate interest in app stability and security)

6. Contact & Support Forms (Tally)

If you contact us via a support or contact form, we process:

• first name
• last name
• email address
• message content

This data is used only to respond to your inquiry.

Provider:
Tally BV
Ghent, Belgium

Legal basis:
Article 6(1)(b) GDPR (responding to inquiries)

We do not use this data for marketing purposes.

7. No Health or Medical Data Processing

The App is a fitness and wellness application.

We do not:

• collect heart rate data
• process sensor or medical data
• provide medical advice or diagnostics

8. Data Retention

• Local workout data remains on your device until you delete it or uninstall the App.
• Analytics and error data are retained only as long as necessary for their purpose.
• Contact inquiries are deleted after the request is resolved, unless legal obligations require longer retention.

9. Data Sharing

We do not sell or share your data with third parties.

Data is shared only with:

• Firebase (analytics)
• Sentry (error tracking)
• Tally (contact forms)

Each provider acts as a data processor under GDPR and is contractually bound to comply with data protection laws.

10. Your Rights

Under GDPR, you have the right to:

• access your personal data
• request correction or deletion
• withdraw consent at any time
• object to processing
• lodge a complaint with a supervisory authority

For Germany, the supervisory authority is your local Landesdatenschutzbehörde.

To exercise your rights, contact us at: workout-flow-contact@getsend.app

11. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• encrypted data transmission
• minimal data collection
• restricted access to systems

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
The latest version will always be available within the App and on our website.

13. Contact

If you have questions about this Privacy Policy, please contact:

Anja Zigic Borkovac Email: workout-flow-contact@getsend.app