Privacy Policy

Last updated: January 2026

At Omaka, we take your privacy seriously. This policy explains what data we collect, why we collect it, and how we protect it. We believe in transparency and giving you control over your personal information.

What We Collect

Account Information

Email address used to create your account and communicate with you about your subscription.

Fitness Profile

Quiz responses including fitness goals, experience level, available equipment, and preferences. This personalizes your workouts.

Workout Data

Workout completions, feedback ratings, and exercise history to improve your training recommendations.

Health Data (Optional)

If you grant permission, we sync with Apple Health to access sleep, heart rate, and activity data for better workout personalization.

What We Don't Collect

  • We don't track you outside the app
  • We don't sell your data to third parties. Ever.
  • We don't use your data for advertising
  • We don't share health data with insurance companies

How We Use Your Data

  • Generate personalized workout plans based on your goals and feedback
  • Adjust workout intensity based on your recovery and sleep
  • Send you workout reminders and updates (if enabled)
  • Improve our service based on aggregate, anonymized usage patterns

Data Storage & Security

Your data is stored securely on Supabase (PostgreSQL database hosted in the EU). All data is encrypted in transit (TLS 1.3) and at rest (AES-256).

Payment information is processed by Stripe (web) or Apple (iOS). We never see or store your credit card details.

Your Rights (GDPR)

Under GDPR and similar privacy laws, you have the right to:

  • Access - Request a copy of all data we hold about you
  • Rectification - Correct any inaccurate personal data
  • Erasure - Delete your account and all associated data
  • Portability - Export your data in a machine-readable format
  • Object - Opt out of certain data processing activities

To exercise any of these rights, delete your account from the app settings or contact us.

Data Retention

We retain your data for as long as your account is active. When you delete your account, we permanently delete all personal data within 30 days.

Anonymized, aggregate data (e.g., total workouts completed across all users) may be retained indefinitely for service improvement.

Third-Party Services

We use the following third-party services:

Supabase - Database and authentication (EU)
Stripe - Web payment processing (PCI-DSS compliant)
Apple - iOS payment processing and HealthKit integration
Vercel - Website hosting
Resend - Transactional emails

Contact Us

Questions about this privacy policy or your data? Contact us at hello@getomaka.com