Privacy Policy
This Privacy Policy describes how NETBULLS Sp. z o.o. ("ProovX", "we", "us", or "our") collects, uses, and discloses your information when you use the ProovX mobile application, the ProovX Dev and ProovX Test builds, the ProovX web application, or any other ProovX service that links to this policy (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy.
Information We Collect
Information you provide to us
- Account information. When you create an account or sign in, we collect your email address, display name, phone number, and — if you choose to use them — credentials from linked social identity providers (e.g., Google, Apple).
- Profile information. Optional profile details you enter, such as gym affiliation, preferences, or avatar.
- Training data. Workouts, sessions, metrics (such as reps, duration, and training logs), notes, and any other content you record within the Service.
- Communications. Messages, support requests, and feedback you send to us.
Information collected automatically
- Device information. Device model, operating system version, application version, language, and time zone.
- Usage information. Interactions with app features, navigation events, and diagnostic logs when errors occur. These are used to maintain and improve the Service.
- Authentication tokens. Stored securely on your device to keep you signed in across sessions.
We do not collect your precise location, contacts, photos, camera input, or microphone data unless you explicitly grant permission and use a feature that requires it.
Information from third parties
- Authentication. We use a self-hosted instance of Logto as our identity provider. Logto processes sign-in credentials, including those from linked social providers if you choose to use them.
- Phone verification. We use Twilio Verify to send SMS verification codes during phone-based sign-in. Twilio receives your phone number for this purpose.
- Map services. When you use location-based features, we use Mapbox to render maps. Mapbox may receive approximate region information necessary to render map tiles.
- Data sync. We use a self-hosted PowerSync instance to synchronize your training data between your devices and our backend.
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and operate the Service;
- Authenticate you and keep your sessions active across devices;
- Synchronize your training data between your devices;
- Send you transactional messages such as verification codes and account-related notifications;
- Diagnose bugs, analyze aggregated usage patterns, and improve app performance and reliability;
- Communicate with you in response to support requests;
- Comply with applicable legal obligations.
We do not use your information for advertising, profiling for marketing purposes, or any purpose unrelated to operating the Service.
Data Storage and Security
- All data in transit is encrypted using TLS 1.2 or higher.
- Data at rest is stored on infrastructure we operate, primarily hosted in the European Union.
- Access to personal data is restricted to authorized personnel who need it to operate the Service.
- We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.
No method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. When you request deletion of your account, we delete your personal information within a reasonable period, subject to any legal or operational retention requirements.
Aggregated or anonymized data that cannot reasonably be linked back to you may be retained for analytical purposes.
Your Rights
Depending on your jurisdiction, you may have the following rights in relation to your personal data:
- Access — request a copy of the personal data we hold about you;
- Rectification — request correction of inaccurate or incomplete information;
- Erasure — request deletion of your personal data;
- Restriction — request that we limit the processing of your data;
- Objection — object to certain types of processing;
- Portability — request your data in a machine-readable format;
- Withdrawal of consent — withdraw consent where processing is based on consent.
To exercise any of these rights, please contact us at the email address below. We will respond within a reasonable time frame and in accordance with applicable law.
Third-Party Processors
We share personal data with the following processors, solely to operate the Service:
| Processor | Purpose | Data shared |
|---|---|---|
| Logto (self-hosted) | Authentication | Email, name, user ID, social provider identifiers |
| Twilio Verify | SMS verification | Phone number |
| Mapbox | Map rendering | Approximate region for tile requests |
| PowerSync (self-hosted) | Data sync | Training data, user identifiers |
We do not sell your personal information. We do not share your personal information with advertising networks, data brokers, or any party for marketing purposes.
International Data Transfers
Your data is primarily stored and processed in the European Union. Where data is transferred outside the European Economic Area (for example, through our third-party processors), we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.
Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at the email below and we will take steps to delete such information.
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and revise the "Last updated" date at the top. For material changes, we will provide additional notice (for example, via the app or via email where appropriate).
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us: