Your privacy matters. This policy explains exactly what data Deadline Personal Training collects, how it is used, and the rights you have over it. We aim to be plain about this — no jargon, no surprises.
1. What Data We Collect
We collect only what is needed to operate the Service. This includes:
- Account information — your email address and a securely hashed password, provided when you register.
- Profile information — your name, age, weight, height, gender, and any physical limitations you choose to enter.
- Quiz answers — your responses to the Reckoning onboarding quiz, including fitness level, goals, available equipment, training frequency, and preferred style.
- Workout plans — plans you choose to save to your Grimoire, including the generated text and the parameters used to create them.
- Session logs — workout sessions you log in Blood & Iron, including exercise name, RPE, notes, and whether a personal record was achieved.
- Measurements — body measurements you optionally track over time.
- Nutrition logs — food entries you optionally log, including calories and macros.
- Exercise history — a record of exercises you have logged to personalise future AI-generated plans.
2. How Your Data Is Stored
All account data, profile information, workout logs, saved plans, and history are stored in a secure PostgreSQL database hosted on Replit's infrastructure. Your password is never stored in plain text — it is hashed using bcrypt before storage.
Some UI preferences — such as whether you have dismissed the install prompt or completed the
onboarding checklist — are stored in your browser's localStorage. This data never
leaves your device and is not transmitted to our servers.
We do not use any third-party analytics, advertising trackers, or data brokers. No tracking pixels. No cross-site cookies.
3. Third-Party Services
We use the following third-party services to operate the app:
- Anthropic (Claude AI) — When you generate a workout plan, we send a prompt to Anthropic's API containing your profile data, quiz answers, and relevant training history. This data is used solely to generate your workout and is subject to Anthropic's Privacy Policy. Anthropic does not use API inputs to train their models by default.
- Replit — The app is hosted on Replit's infrastructure. Your data resides on servers operated by Replit and is subject to Replit's Privacy Policy.
- Google Fonts — We load typefaces from Google Fonts, which may log your IP address to serve the font files. See Google Fonts Privacy FAQ.
We do not sell your data to any third party, ever.
4. Cookies
Deadline uses a single session cookie to keep you logged in while you use the app. This cookie is strictly necessary for the Service to function and does not track you across other websites. It expires when your session ends or when you log out.
We do not use advertising cookies, analytics cookies, or any other non-essential cookies.
5. Your Rights
You have meaningful control over your data:
- Access — All of your data is visible to you within the app at any time.
- Correction — You can update your profile, quiz answers, and any logged data directly in the app.
- Deletion — You can request full deletion of your account and all associated data by emailing us at privacy@deadline-training.com. We will process deletion requests within 30 days.
- Portability — If you would like an export of your data, contact us at the address above and we will provide it in a readable format.
- Objection — If you believe your data is being used in a way you did not consent to, please contact us immediately.
Depending on your location, you may have additional rights under applicable law such as GDPR or CCPA. We honour those rights regardless of your jurisdiction.
6. Data Retention
We retain your data for as long as your account is active. If you request account deletion, all personal data will be permanently removed from our systems within 30 days, except where retention is required by law.
7. Children's Privacy
Deadline Personal Training is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
8. Security
We take reasonable technical and organisational measures to protect your data, including password hashing, session-based authentication, and encrypted connections (HTTPS). No system is completely immune to breaches, but we are committed to minimising risk and will notify affected users promptly if a data breach occurs.
9. Changes to This Policy
If we make meaningful changes to this Privacy Policy, we will update the "Last Updated" date at the top of this page. For significant changes, we will make a reasonable effort to notify active users. Your continued use of the Service constitutes acceptance of the revised policy.
10. Contact
For any privacy-related questions, data requests, or concerns, please contact us at:
privacy@deadline-training.com