Privacy Policy

Last updated: 1 June 2026

Lift is operated by Riccardo Casale, an individual sole trader based in Italy ("we," "us," or "our"). This Privacy Policy explains how we collect, use, and protect your information when you use the Lift mobile application and the liftgymapp.com website (together, the "Service"). We are the data controller responsible for your personal data, and you can reach us at ricc.casalee@gmail.com.

1. Information We Collect

2. How We Use Your Information and Our Legal Basis

Under the GDPR we must have a lawful basis for each use of your data. We rely on:

3. AI Features and the Providers Who Process Your Data

Some features send your input to third-party AI providers to generate a result. All calls are made from our secure backend — our API keys are never stored on your device. These providers act as our processors and are not permitted to use your data for their own purposes, such as advertising. Each provider processes your input only to return the result we show you in the app.

4. How We Share Your Information

We do not sell your personal information. We share data only with service providers strictly necessary to run the Service:

5. International Data Transfers

Your account and app data are hosted by Supabase. Several of our AI and infrastructure providers (Anthropic, OpenAI, Google) are based in the United States. Where your personal data is transferred outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses (SCCs) and other appropriate safeguards required by the GDPR.

6. Data Retention

We keep your account and app data for as long as your account is active. If you ask us to delete your data, we will remove it from our backend. Uninstalling the app removes only the local copy on your device — data already stored on our backend remains until you request its deletion. Website analytics are retained only in aggregated, non-identifying form.

7. Your Rights

If you are in the EU/EEA, the GDPR gives you the right to access your data, correct inaccurate data, erase your data, restrict or object to processing, request data portability, and withdraw consent at any time. To exercise any of these rights, email ricc.casalee@gmail.com. For portability, you can also use Export Workout Data in the app's Settings to download a copy of your workout and nutrition data. You also have the right to lodge a complaint with your local supervisory authority — in Italy, the Garante per la protezione dei dati personali (garanteprivacy.it).

8. Security

We protect your data in transit with HTTPS/TLS, store authentication tokens securely in your device's Keychain, and host your data with a provider that encrypts it at rest. No method of transmission or storage is completely secure, but we take reasonable measures to protect your information.

9. Children's Privacy

The Service is intended for users aged 16 and over. We do not knowingly collect personal data from anyone under 16. If you believe a child under 16 has provided us with personal data, contact us and we will delete it.

10. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on this page with an updated date and, where appropriate, communicated by email.

11. Contact

Data controller: Riccardo Casale, Italy. Questions or requests? Email ricc.casalee@gmail.com.