BaseWorkout Privacy Policy

Privacy Policy Last updated: 29/10/2025
Your privacy is important to us. Therefore, the personal data you share with us is protected with sensitivity.
We, as Base Workout, in our capacity as “Data Controller,” aim to inform you with this privacy and personal data protection policy regarding:

  • Which of your personal data will be processed and for what purpose,
  • With whom and why the processed data may be shared,
  • Our data processing methods and legal basis,
  • What your rights are concerning your processed data.

 

1. Personal Data Collected, Collection Method, and Legal Basis

Our application’s operating principle is based on giving you maximum control over your data. We process your data in three different ways:
a) Data Stored Only On Your Device (SwiftData) Your core data, such as workout logs, exercise diaries, progress statistics, and personal notes you create while using the app, are stored locally only on your device using SwiftDatatechnology.

  • Access: We (Base Workout) or any third party cannot access this data, and it is not sent to our servers.
  • Control: You have full control over your data. If you delete the application, this data is also permanently deleted from your device.

b) Account and Authentication Data (Supabase) If you choose to create an account or log in to our application, we use the Supabase infrastructure for this process.

  • Data Collected: To manage your account, we process your email address, password (securely hashed), or, if you use social login (e.g., Google, Apple), the basic identification details provided by that platform (name, email, etc.).
  • Legal Basis: This data is collected based on the legitimate interest processing condition for the establishment of our service agreement with you and to ensure the security of your account.

c) Subscription Management Data (RevenueCat) If you subscribe to in-app premium features, we use the RevenueCat service to manage and verify your subscriptions.

  • Data Collected: RevenueCat processes your subscription status (active, canceled, etc.), purchase history, and a unique anonymous user ID.
  • Important Note: Your credit card details or other sensitive payment information are not collected or stored by us or RevenueCat. These transactions are handled securely and directly by the Apple App Store or Google Play Store.

 

2. Purpose of Processing Your Personal Data

The data you share with us and store on your device will be processed for the following purposes:

  • To create your Base Workout account and allow you to log in securely (via Supabase),
  • To manage and verify your premium subscriptions and provide you with access to the relevant features (via RevenueCat),
  • To enable you to securely store and manage your workout data and progress on your device (via SwiftData),
  • To provide you with technical support regarding our services or to inform you about updates,
  • To fulfill our legal obligations (e.g., sharing data with judicial and administrative authorities upon request).

 

3. Third-Party Service Providers and Data Transfer

As Base Workout, we do not share your personal workout data stored on your device with SwiftData with any third party.
However, to provide the application’s core functionalities (authentication and subscription), we must work with the following third-party service providers:

  • Supabase (Authentication): Used to manage user accounts and provide secure login. Supabase may store data on its servers (in Europe or the USA).
    • Supabase Privacy Policy: https://supabase.com/privacy
  • RevenueCat (Subscription Management): Used to verify and manage your subscription status.
    • RevenueCat Privacy Policy: https://www.revenuecat.com/privacy/

These service providers conduct their data processing activities in accordance with their own privacy policies.
Advertising and Analytics: The current version of our application does not use third-party advertising or detailed analytics services such as Google AdMob, Firebase Analytics, or Crashlytics.

4. Your Rights as a Data Subject

In accordance with applicable data protection laws (such as GDPR or KVKK), everyone, by applying to the data controller, has the right to:

  • Learn whether their personal data is being processed,
  • Request information if their personal data has been processed,
  • Learn the purpose of processing personal data and whether it is used in accordance with that purpose,
  • Know the third parties to whom personal data is transferred, domestically or abroad,
  • Request the correction of personal data if it is incomplete or incorrectly processed,
  • Request the deletion or destruction of personal data,
  • Request that the operations carried out pursuant to the two preceding items be notified to third parties to whom the personal data has been transferred,
  • Object to the emergence of a result against the person themselves by analyzing the processed data exclusively through automated systems,
  • Request compensation for damages in case of suffering damages due to the unlawful processing of personal data.

To exercise the rights listed above, you can contact us via the email address [email protected].

5. Contact & Consent

To provide you with services in line with your requests, it is entirely your choice whether to accept the processing of only your necessary personal data (account and subscription data).
By continuing to use the application, you will be deemed to have accepted our privacy policy. If you do not accept, please uninstall the application from all your devices.
For any questions, you can contact us at [email protected].

Scroll to Top