Privacy Policy for Workout Notepad
Last Updated: April 4, 2025
Introduction
Thank you for choosing Workout Notepad ("Software"), provided by LandersWeb LLC ("LandersWeb", "we", "us", or "our"). We are committed to protecting your privacy and being transparent about how we handle your information. This Privacy Policy explains what information we collect, how we use and share it, and your rights regarding your data when you use our Software, which includes our mobile applications and related websites or services.
If you have any questions or concerns about this policy or our practices, please contact us at support@workoutnotepad.co.
By using our Software, you agree to the collection and use of information in accordanceance with this policy. If you do not agree with the terms outlined here, please discontinue use of our Software immediately.
Information We Collect
We collect information necessary to provide and improve our Software and personalize your experience. The types of information we collect include:
- Account Information:
- Email Address: Collected when you register an account. Used as a unique identifier, for account management (password resets, security notifications), and for sending important service-related updates.
- Optional Name: You may choose to provide your name, either by allowing access through an OAuth provider (like Google or Apple Sign-In) or by entering it directly in the app. This is used to personalize your experience (e.g., greeting you by name). It is not required.
- User-Generated Content:
- Workout Data: Information you log about your exercises, sets, reps, weights, etc.
- Images and Videos: You may optionally upload images or videos (e.g., for exercise context or form reference). These are stored and displayed within your account.
- Technical and Usage Information:
- Analytics Data: We use third-party analytics services (Google Analytics, New Relic) to understand how users interact with our Software. These services may collect information such as device identifiers, IP addresses (which may be anonymized by the service), approximate geographic location, device model and operating system, crash reports, and usage patterns (e.g., features used, session duration). This data helps us improve the app, diagnose issues, and understand usage trends, typically analyzed in an aggregated or de-identified form. Use of this data by analytics providers is governed by their respective privacy policies:
- Google Analytics: https://support.google.com/analytics/answer/7318509?hl=en
- New Relic: https://newrelic.com/termsandconditions/privacy
- Device Information: We identify your device's operating system (iOS/Android) and potentially the device model to optimize the user interface and diagnose platform-specific issues.
- Analytics Data: We use third-party analytics services (Google Analytics, New Relic) to understand how users interact with our Software. These services may collect information such as device identifiers, IP addresses (which may be anonymized by the service), approximate geographic location, device model and operating system, crash reports, and usage patterns (e.g., features used, session duration). This data helps us improve the app, diagnose issues, and understand usage trends, typically analyzed in an aggregated or de-identified form. Use of this data by analytics providers is governed by their respective privacy policies:
- Communications:
- Push Notifications: With your explicit consent, we may send push notifications to your mobile device for important updates, reminders, or other relevant information related to the Software. You can manage push notification preferences in your device settings or app settings.
Providing optional information (like name, images, videos) or enabling push notifications is not mandatory, but choosing not to may limit certain personalization features or functionalities.
How We Use Your Information
We use the collected information for the following purposes:
- To Provide and Manage the Service: Creating and managing your account, enabling login, processing workout data, storing backups, and providing core app functionality.
- To Personalize User Experience: Displaying your optional name, showing your uploaded images/videos in context.
- To Communicate with You: Sending essential service updates, security alerts, password reset emails, and responding to support requests. Sending push notifications if you have opted-in.
- To Improve and Optimize the Software: Analyzing usage patterns and technical data (often aggregated or de-identified) to identify bugs, troubleshoot issues, enhance features, and improve overall performance and usability.
- To Ensure Security and Compliance: Detecting and preventing fraud or abuse, enforcing our Terms of Service and EULA, complying with legal obligations, and protecting the rights, property, or safety of LandersWeb LLC, our users, or the public.
Information Sharing and Disclosure
LandersWeb LLC respects your privacy. We do not sell or rent your personally identifiable information (like email address or name) to third parties for their marketing purposes. We share information only in the following circumstances:
- With Service Providers: We engage third-party companies and individuals to perform services on our behalf. These include:
- Cloud Hosting and Backup: Amazon Web Services (AWS) hosts our application data, including your account information and user-generated content.
- Analytics Providers: Google Analytics and New Relic help us understand app usage. These service providers have access to your information only to perform tasks on our behalf and are obligated contractually or by their own policies not to disclose or use it for other purposes.
- For Legal Reasons: We may disclose your information if required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to:
- Comply with a legal obligation.
- Protect and defend the rights or property of LandersWeb LLC.
- Prevent or investigate possible wrongdoing in connection with the Software.
- Protect the personal safety of users or the public.
- Protect against legal liability.
- Business Transfers: If LandersWeb LLC is involved in a merger, acquisition, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different Privacy Policy.
- Aggregated or De-identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for purposes such as industry analysis or improving our services.
Cookies and Tracking Technologies
Our mobile application does not currently use cookies. Our website may use essential cookies for basic functionality. If we implement cookies or similar tracking technologies more broadly in the future (e.g., for website analytics or enhanced features), we will update this policy and implement necessary consent mechanisms as required by law.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you with the Software and fulfill the purposes outlined in this policy. We also retain information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and for backup and disaster recovery purposes.
When you request account deletion, we will take steps to delete your personally identifiable information (email, optional name) and your user-generated content (workout data, images, videos) from our active systems within a reasonable timeframe.
However, please note that some information may be retained for longer periods where necessary:
- Purchase Information: Transaction history related to any in-app purchases will be retained for financial record-keeping.
- Anonymized/Aggregated Data: Data that has been anonymized or aggregated for analytics or service improvement may be retained indefinitely as it no longer identifies you.
- Legal/Compliance: Information may be retained as required by law or for legitimate compliance, security, or fraud prevention purposes (e.g., in backups or logs, subject to secure deletion policies).
Security Measures
We implement technical and organizational measures designed to protect your information. We use secure methods like hashing and salting for password storage (passwords themselves are never stored). Communication between the app and our servers is typically encrypted using HTTPS/TLS.
However, please be aware:
- No system is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security against breaches or unforeseen vulnerabilities.
- Encryption at Rest: Your personal information (such as email address, optional name, and workout data) stored on our servers is currently NOT encrypted at rest. While access controls are in place, this means the raw data could potentially be readable if unauthorized physical or logical access to the storage were obtained. We strongly advise against storing highly sensitive personal details within the app's notes or other fields.
- Your Responsibility: You are responsible for maintaining the security of your account credentials and accessing the Software within a secure environment.
Transmission of information to and from our Software is at your own risk. In the event of a data breach involving your personal information, we will notify you and relevant authorities as required by applicable law.
Your Rights and Choices
Depending on your location and applicable law (such as GDPR for EEA residents or CCPA/CPRA for California residents), you may have certain rights regarding your personal information:
- Access: You have the right to request access to the personal information we hold about you.
- Correction (Rectification): You have the right to request correction of inaccurate or incomplete personal information. You can often update basic account information (like your optional name) directly within the app settings.
- Deletion (Erasure): You have the right to request the deletion of your personal information, subject to certain exceptions (e.g., legal obligations, ongoing service provision). You can typically initiate account deletion within the app or by contacting us.
- Restrict Processing: You may have the right to request that we restrict the processing of your personal information under certain conditions.
- Object to Processing: You may have the right to object to the processing of your personal information under certain conditions (e.g., for direct marketing, though we don't currently engage in this).
- Data Portability: You may have the right to receive a copy of the personal information you provided to us in a structured, commonly used, and machine-readable format.
- Withdraw Consent: Where we rely on your consent for processing (e.g., for push notifications), you have the right to withdraw that consent at any time.
- Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority if you believe our processing of your personal information violates applicable law.
To exercise these rights, please contact us at support@workoutnotepad.co. We will respond to your request in accordanceance with applicable laws. We may need to verify your identity before processing your request.
Opting Out:
- Email Marketing: We currently only send service-related emails. If we introduce marketing emails, you will be able to unsubscribe via a link in the email or by contacting us.
- Push Notifications: You can disable push notifications at any time through your device's settings menu.
- Analytics: While you cannot typically opt-out of basic operational analytics within the app, you can often limit ad tracking or reset advertising identifiers in your mobile device settings, which may affect some analytics data collection.
International Data Transfers
Our servers, operated by AWS, are currently located in the United States. If you are accessing the Software from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. Data protection laws in the U.S. may differ from those in your jurisdiction. By using the Software, you consent to this transfer, storage, and processing in the U.S.
If we transfer data to service providers in other regions in the future, we will take appropriate steps to ensure your information remains protected in accordanceance with this Privacy Policy and applicable law.
Children's Privacy
Our Software is not intended for or directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16.
If you are a parent or guardian and believe your child under 16 has provided us with personal information without your consent (or in violation of our policy), please contact us immediately at support@workoutnotepad.co. If we become aware that we have collected personal information from a child under 16 without verification of parental consent where required, or in violation of our policy, we will take steps to remove that information from our servers.
California Residents' Privacy Rights
If you are a resident of California, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA). These rights, largely covered in the "Your Rights and Choices" section, include:
- Right to Know: Request information about the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collecting it, and the categories of third parties with whom we share it.
- Right to Delete: Request deletion of your personal information, subject to certain exceptions.
- Right to Correct: Request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing: We do not "sell" your personal information in the traditional sense or "share" it for cross-context behavioral advertising.
- Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by CPRA that would require offering this specific right.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.
California's "Shine The Light" law (Civil Code Section 1798.83) permits users who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. As stated, we do not share your personal information with third parties for their own direct marketing purposes.
To exercise your California privacy rights, please contact us at support@workoutnotepad.co.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you either through an in-app notification, by sending an email to the address associated with your account, or by posting a prominent notice within the Software or on our website prior to the change becoming effective. We will also update the "Last Updated" date at the top of this policy.
We encourage you to review this Privacy Policy periodically. Your continued use of the Software after the effective date of any changes constitutes your acceptance of the revised policy. If you disagree with the changes, you must stop using the Software and may request account deletion.
Contact Information
If you have any questions, comments, or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer (DPO):
Jake Landers
LandersWeb LLC
Email: jake@workoutnotepad.co. (for DPO-specific inquiries)
General Support Email: support@workoutnotepad.co.