Privacy Policy
Last updated: March 14, 2026
BeeStudio ("we", "us", "our") operates the BeeStudio mobile application (the "App") for iOS and Android. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the App.
By using BeeStudio, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the App.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address (required)
- Full name (required)
- Password (securely hashed; we never store or access your raw password)
If you sign in using Apple or Google, we receive your name, email address, and an authentication token from the respective provider. We do not receive or store your Apple or Google password.
1.2 Profile Information
You may optionally provide:
- Profile picture (avatar)
- Bio
- Activities and interests
- Social media handles (Instagram, TikTok, X/Twitter)
1.3 Health and Fitness Data
With your explicit permission, BeeStudio reads health and fitness data from Apple HealthKit (iOS) and Google Health Connect (Android). This data is read-only — we never write data back to your health platform. Data we may read includes:
- Heart rate (average, maximum, and time-series samples)
- Active energy burned (calories)
- Step count
- Distance walked or run
- Heart Rate Variability (HRV)
- Running speed samples
- Workout and exercise sessions
- Workout route data (GPS coordinates and altitude)
We do not use health data for advertising, marketing, or data mining. We do not sell health data to third parties, including advertising networks, data brokers, or information resellers.
1.4 Workout and Exercise Data
When you use the App, we collect:
- Workout sessions (exercises, sets, reps, weight, duration, distance, RPE)
- Effort ratings and workout notes
- Custom exercises you create (name, description, instructions, video URL, muscle groups)
- Training plans you create or follow
1.5 Coaching Data
If you use the coaching features (as a trainer or client), we collect:
- Trainer-client relationships and status
- Plan assignments and progression phases
- Visibility settings (what data a client shares with their trainer)
- Trainer specializations and coaching notes
1.6 Social and Connection Data
- Friend requests and friendship status
- Plan sharing between users
- Public profile information visible to other users
1.7 Location Data
- Foreground location: We may request your location to display a map during certain activities. This data is used only in the App interface and is not stored on our servers.
- Workout route data: GPS coordinates from your workouts may be read from Apple HealthKit or Google Health Connect and stored to display your activity routes.
We do not track your location in the background.
1.8 Device and Technical Data
- Error reports: We use Sentry to collect crash reports and error logs to improve app stability. This includes stack traces, device type, OS version, and app version. No personally identifiable information is intentionally included in error reports.
- Network status: We detect online/offline status to enable offline functionality.
- Usage analytics: We may collect anonymized, aggregate usage analytics to understand how the App is used and improve the experience.
1.9 Locally Stored Data
The App stores data on your device for offline functionality, including cached workout, exercise, and plan data, in-progress workout backups, and user preferences. This data remains on your device and is cleared when you delete the App or your account.
2. How We Use Your Information
We use your information to:
- Provide core functionality: logging workouts, tracking progress, managing training plans, and coaching relationships.
- Sync health data: reading wearable data to enrich your workout records with heart rate, calories, steps, routes, and other metrics.
- Enable social features: connecting with friends, sharing plans, and trainer-client interactions.
- Display maps and routes: showing your workout routes on a map.
- Improve the App: analyzing crash reports and errors to fix bugs and improve stability.
- Communicate with you: sending important account-related notifications.
We do not use your data for:
- Advertising or marketing by third parties
- Selling or renting your personal information
- Building advertising profiles
- Tracking you across other apps or websites
3. How We Share Your Information
We do not sell your personal information. We share data only in the following circumstances:
3.1 With Other Users (Based on Your Settings)
- Public profile: Your name, avatar, bio, activities, and social handles are visible to other users.
- Coaching: If you are a coaching client, your trainer may see your workouts and analytics based on the visibility settings you control.
- Friends: Users you connect with can see your public profile.
- Shared plans: Plans you share are visible to the recipients.
3.2 With Service Providers
We use the following third-party services to operate the App:
| Provider | Purpose | Data Accessed |
| --- | --- | --- |
| Supabase (EU-West-1) | Database, authentication, file storage | All account and app data |
| Apple HealthKit | Health data sync (iOS) | Health metrics (read-only) |
| Google Health Connect | Health data sync (Android) | Health metrics (read-only) |
| Sentry | Error monitoring and crash reporting | Error logs, device context |
| Mapbox | Map rendering | Current location (for display only) |
| Expo | App build and update infrastructure | App version, build info |
These providers process data on our behalf and are bound by their own privacy policies and data protection obligations.
3.3 Legal Requirements
We may disclose your information if required by law, regulation, legal process, or governmental request.
4. Health Data (Apple HealthKit & Google Health Connect)
We treat health data with the highest level of care:
- Health data is accessed only with your explicit permission and can be revoked at any time through your device settings.
- Health data is used solely to provide fitness tracking and workout insights within the App.
- Health data is never used for advertising, marketing, or data mining.
- Health data is never sold to third parties, including advertising networks, data brokers, or information resellers.
- Health data is never shared with third parties except as strictly necessary to provide core App functionality (stored securely in our database).
- You can disable health data syncing at any time in the App's settings.
5. Data Storage and Security
5.1 Where Your Data Is Stored
- Server data is stored on Supabase infrastructure located in the EU (eu-west-1, Ireland).
- Local data is stored in your device's secure app sandbox (SQLite database and app storage).
5.2 Security Measures
- All data is transmitted over HTTPS/TLS encryption.
- Server-side data is protected by Row Level Security (RLS) policies, ensuring users can only access their own data.
- Authentication uses secure session tokens with automatic refresh.
- OAuth sign-in (Apple, Google) uses the industry-standard PKCE flow.
- Passwords are securely hashed — we never have access to your raw password.
6. Data Retention
- Active accounts: We retain your data for as long as your account is active.
- Deleted accounts: When you delete your account, your data is permanently deleted from our servers immediately. This action is irreversible. Locally stored data is cleared when you sign out or delete the App.
- Cached data: Local cached data is automatically pruned based on expiration rules and removed when you delete the App.
7. Your Rights and Choices
You have the right to:
- Access your data: View your profile, workouts, and health data within the App.
- Update your data: Edit your profile information at any time.
- Delete your account: Delete your account and all associated data from within the App (Profile, scroll to bottom).
- Control health data access: Enable or disable health data syncing in the App, or revoke permissions in your device settings.
- Control coaching visibility: Choose what data your trainer can see through visibility settings.
- Manage connections: Accept, decline, or remove friend and coaching connections.
For EU/EEA Users (GDPR)
If you are located in the European Economic Area, you additionally have the right to request a copy of your personal data, request correction of inaccurate data, request deletion ("right to be forgotten"), object to or restrict processing, and data portability. To exercise these rights, contact us at the email below.
For California Users (CCPA)
California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information.
8. Children's Privacy
BeeStudio is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this policy. We encourage you to review this policy periodically.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: privacy@beestudio.fit