Delta is a place to train, not to be tracked. This policy lays out — in plain language — every kind of data the app touches, the handful of providers that help us run it, and the controls you have over all of it.
Information We Collect
We collect only what the app needs to work and improve — grouped by purpose, not buried in prose.
- Account. Name and email when you sign in with Apple. On first launch we create an anonymous account so Delta works without signing in; sign in later and your data links to it. Your profile may add a username, bio, photo, date of birth, gender, and fitness preferences you choose to provide.
- Workout & fitness data. Exercise logs, sets, reps, weights, duration, volume, routines, programs, goals, and personal records you create.
- Health data. Heart rate during workouts (Apple Watch or a Bluetooth monitor you connect), estimated calories, body weight, height, measurements, and body-fat estimates — synced to your account so it follows you across devices.
- Photos & media. Progress photos stay on your device. Your profile photo and images you attach to posts, stories, or messages are uploaded to our cloud storage so they can be shown. Photos sent to AI features are handled per Section 03.
- Social content. Posts, comments, likes, stories, club activity, and messages you create.
- Purchases. Subscription status and history, via Apple and RevenueCat. We never see or store your card details.
- Usage & diagnostics. Interaction events (screens, features) via PostHog (EU-hosted), plus crash and performance data via Sentry. We also store your push token, device type, OS, and app version.
Apple Health (HealthKit)
With your permission, Delta connects to Apple Health.
- We read body weight, height, body-fat %, heart rate, resting heart rate, HRV, VO2 max, active energy, workouts, date of birth, and biological sex — to pre-fill metrics, show live heart rate, and estimate calories.
- We write the workouts you complete in Delta, so your training appears in Apple Health.
- Some HealthKit-derived values are synced to your account so they appear on your other devices.
We never use Apple Health data — or any health and fitness data — for advertising, marketing, or data mining, and we never sell it to data brokers.
You can revoke Health access anytime in iOS Settings → Privacy & Security → Health.
AI Features
Some features use AI. When you choose to use them, data is sent to OpenAI through our secure server proxy — never directly from your device, and OpenAI never receives your name or email from us.
- Body Analysis & Evolve: body photos you submit, to estimate composition and build your program.
- Weekly Check-In: your check-in photo and progress metrics.
- Form Check: still frames from your exercise video (which show you and your surroundings) — the video itself stays on your device.
- AI Coach & insights: your messages and relevant training context.
Per OpenAI's API policy, data sent through the API is not used to train their models. AI results are stored with your account so you can revisit them. AI features are optional — Delta works fully without them.
How We Use Your Information
- Provide, maintain, and improve the app
- Sync your data across your devices
- Generate personalized AI training recommendations
- Calculate statistics, progress analytics, and personal records
- Operate the social features you choose to use
- Process and manage your subscription
- Send service notifications you have enabled
- Diagnose crashes, fix bugs, and understand which features are used
- Detect and prevent fraud or abuse
Data Storage & Security
- Stored on Supabase (PostgreSQL) in the European Union (AWS eu-central-1, Frankfurt), with Row Level Security so only you can access your private data
- Encrypted in transit (TLS) and at rest
- Authentication tokens are kept in your device's Keychain
- Delta is offline-first — your data lives on your device with background sync
- Exercise demonstration videos are delivered via Cloudflare's CDN; this involves no personal data
- Where data is processed outside the EU (e.g. OpenAI or Sentry in the US), we rely on the EU Standard Contractual Clauses and the EU–US Data Privacy Framework
Your Rights (GDPR & CCPA)
Depending on where you live — including under the EU GDPR and the California CCPA/CPRA — you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and all associated data
- Export your data in a portable format
- Object to or restrict certain processing
- Withdraw consent for consent-based features (Health, AI, social sharing)
- Lodge a complaint with your local data protection authority. We do not sell or "share" personal information as defined by the CCPA.
Our GDPR legal bases are: performance of our contract with you (core functionality and sync), your consent (Health, AI, social), and our legitimate interests (security, fraud prevention, improving the app).
Deleting your account: in the app, go to Settings → Edit Profile → Delete Account. This permanently deletes your account and data as described in Section 09. You can also email us to exercise any right.
Data Retention
We retain your data while your account is active. When you delete your account, we permanently delete your personal data, workout history, and media within 30 days. Some anonymized, aggregated data may be kept for analytics.
Children's Privacy
Delta is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have, we delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the app or via email.
Contact
Delta is operated by Harun Can Demirkıran, the data controller responsible for your personal data under the GDPR.
For privacy questions, data-protection (GDPR / CCPA) requests, or to exercise any of your rights, contact us at celerise@celerise.app.
Social Features & Visibility
Think before attaching health stats or photos to public posts — anything you post is visible to the community.