This Privacy Policy explains how Athlora ("Athlora", "we", "us", or "our"),
operated by Athlora GbR, collects, uses, and protects
your personal data when you use the Athlora mobile application (the "App").
By using the App you agree to the practices described in this policy. If you do not agree,
please do not use the App.
Contact:personalfitnessvs@gmail.com
1. Who we are
Athlora is a social fitness application that lets you track workouts, share progress (posts,
video clips, and stories), take part in challenges and duels, message and call other members,
and follow your step and activity stats.
The data controller responsible for your personal data is
Athlora GbR, contactable at
personalfitnessvs@gmail.com.
2. What data we collect
2.1 Account and profile data
Sign-in data via Google Sign-In: your email address, name, and profile picture, provided through your Google account.
Profile data you enter: username, bio, avatar, optional location (city and country, shown publicly on your profile), and optional fitness metrics such as gender, age, height, and weight.
2.2 Content you create
Posts, Reels (video clips), and Stories: photos, videos, captions, and thumbnails you upload.
Comments, reactions, and reports you submit.
2.3 Fitness and health data
Workouts and sessions: exercises, sets, duration, calories, and progress you record in the App.
Steps and activity: step counts from your device's step sensor.
This health and fitness data is used to show you your own statistics and progress. We do not sell it.
2.4 Communications
Chat messages (text and any media you attach) between you and other users.
Voice and video calls: calls are transmitted peer-to-peer (WebRTC). We do not record the audio or video of your calls. We process minimal signaling data needed to connect a call.
2.5 Social graph
Your followers, the people you follow, friends, close friends, and your participation in challenges, duels, and leaderboards.
2.6 Device and diagnostic data
Push notification token (Firebase Cloud Messaging) to deliver notifications you have enabled.
Diagnostic and crash data collected via Firebase Crashlytics when the App crashes or encounters an error (for example, device model, operating system version, and a technical stack trace). This helps us fix bugs and improve stability. Crash reporting is disabled in development builds.
2.7 Device permissions we request
Camera and microphone — to take photos and videos and to make voice/video calls.
Photos and media — to let you select images and videos from your gallery.
Notifications — to send reminders and updates you opt into.
Physical activity / step sensor — to count your steps.
You can change or revoke these permissions at any time in your device settings.
2.8 What we do not collect
We do not collect your precise or background location.
We do not knowingly collect data from children (see Section 8).
3. How we use your data
We use your data to:
provide and operate the App (your account, feed, workouts, social features, messaging, and calls);
show you your own fitness statistics and progress;
deliver notifications you have enabled;
keep the App and community safe — prevent abuse, review reported content, and enforce our rules;
diagnose crashes and improve the App's stability and performance.
4. Legal bases for processing (where GDPR or similar laws apply)
Performance of a contract — to provide the App's core functionality.
Your consent — for camera, microphone, health data, and notifications. You can withdraw consent at any time through your device settings.
Our legitimate interests — to keep the service secure, prevent abuse, and improve the App.
5. How your data is shared
We do not sell your personal data. We share data only as described below.
5.1 Other users
Content you choose to share (posts, reels, stories, profile, comments) is visible to other users according to the visibility settings you select.
5.2 Service providers (processors)
Google Firebase — Authentication, Firestore (database), Cloud Storage (media), Cloud Functions, Cloud Messaging (push notifications), and Crashlytics (crash diagnostics).
Google Sign-In — to authenticate your account.
These providers process data under their own terms and privacy policies. See Google's Privacy Policy at https://policies.google.com/privacy.
5.3 Legal reasons
We may disclose data if required by law, or to protect the rights, safety, and security of our users or the public.
6. Data retention
We keep your personal data while your account is active.
Stories are temporary and automatically expire after 24 hours.
When you delete your account (see Section 7), we delete your personal data and content. Some information may remain in encrypted backups for a limited period before being overwritten, and we may retain anonymized or aggregated data that no longer identifies you.
7. Deleting your account and data
You can request deletion of your account and associated personal data at any time:
In the App: Settings → Delete account (where available); or
By email: write to personalfitnessvs@gmail.com from the email address associated with your account, and we will delete your account and associated data within 30 days.
Deleting your account removes your profile, posts, reels, stories, messages, and fitness data from active systems, subject to the limited retention described in Section 6.
8. Children
Athlora is not directed to children under 13 (or the higher minimum age required in your country — for example, 16 in parts of the European Economic Area). We do not knowingly collect personal data from children below that age. If you believe a child has provided us with personal data, contact us at personalfitnessvs@gmail.com and we will delete it.
9. Security
We use industry-standard measures to protect your data, including encryption in transit and access controls provided by our infrastructure (Firebase). No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. International data transfers
Your data is stored and processed on Google's servers and may be transferred to and processed in countries other than the one in which you live. Where required, such transfers are made with appropriate safeguards.
11. Your rights
Depending on where you live (for example under the EU/UK GDPR or the California CCPA/CPRA), you may have the right to:
access the personal data we hold about you;
correct inaccurate data;
delete your data;
restrict or object to certain processing;
request a copy of your data (portability).
To exercise these rights, contact us at personalfitnessvs@gmail.com. You also have the right to lodge a complaint with your local data protection authority.
12. Future features (AI and advertising)
We may, in future versions, introduce AI-assisted coaching (which would process your workout-related data through Google's AI services to generate recommendations) and advertising. Before such features process your data, we will update this policy and, where the law requires it, ask for your consent. These features are not active in the current version.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, notify you within the App.
14. Contact us
If you have any questions about this Privacy Policy or your data, contact us at: