Legal

Privacy policy.

Last updated: January 2026

At Omaka, we take your privacy seriously. This policy explains what data we collect, why we collect it, and how we protect it. We believe in transparency and giving you control over your personal information.

What we collect.

Account information

Email address used to create your account and communicate with you about your subscription.

Fitness profile

Quiz responses including fitness goals, experience level, available equipment, and preferences. This personalizes your workouts.

Workout data

Workout completions, feedback ratings, and exercise history to improve your training recommendations.

Health data (optional)

If you grant permission, we sync with Apple Health to access sleep, heart rate, and activity data for better workout personalization.

What we don't collect.

  • ×We don't track you outside the app
  • ×We don't sell your data to third parties. Ever.
  • ×We don't use your data for advertising
  • ×We don't share health data with insurance companies

How we use your data.

  • Generate personalized workout plans based on your goals and feedback
  • Adjust workout intensity based on your recovery and sleep
  • Send you workout reminders and updates (if enabled)
  • Improve our service based on aggregate, anonymized usage patterns

Data storage & security.

Your data is stored securely on Supabase (PostgreSQL database hosted in the EU). All data is encrypted in transit (TLS 1.3) and at rest (AES-256).

Payment information is processed by Stripe (web) or Apple (iOS). We never see or store your credit card details.

Your rights (GDPR).

Under GDPR and similar privacy laws, you have the right to:

  • AccessRequest a copy of all data we hold about you
  • RectificationCorrect any inaccurate personal data
  • ErasureDelete your account and all associated data
  • PortabilityExport your data in a machine-readable format
  • ObjectOpt out of certain data processing activities

To exercise any of these rights, delete your account from the app settings or contact us.

Data retention.

We retain your data for as long as your account is active. When you delete your account, we permanently delete all personal data within 30 days.

Anonymized, aggregate data (e.g., total workouts completed across all users) may be retained indefinitely for service improvement.

Third-party services.

We use the following third-party services:

  • SupabaseDatabase and authentication (EU)
  • StripeWeb payment processing (PCI-DSS compliant)
  • AppleiOS payment processing and HealthKit integration
  • VercelWebsite hosting
  • ResendTransactional emails

Contact us.

Questions about this privacy policy or your data? Contact us at hello@getomaka.com.

See also our Terms of service.