Privacy Policy

Last updated: 5 June 2026

Lifto (“the app”) is a workout-tracking and effective-volume-analysis app. This policy explains what data the app handles and where it goes. The short version: Lifto has no servers of its own. Your data lives on your device and, when you are signed into iCloud, in your own private iCloud account. We — the developer — cannot see it.

What data Lifto handles

• Workout data you enter: templates, exercises, sets (weight, reps, RIR), notes, gym profiles, and completed-workout history.
• Health metrics during a workout (optional): if you grant Apple Health access, Lifto reads your heart rate and active energy (calories) to show live metrics during a session, and stores the session’s average heart rate and active calories alongside that completed workout. With your permission it also writes your completed workouts back to Apple Health.
• Settings and preferences: unit choice (kg/lbs), timer settings, and display options, stored locally on your device.

Where your data is stored

• On your device, using Apple’s local storage.
• In your own private iCloud, via Apple’s CloudKit (container iCloud.com.iuliabrezeanu.Lifto). This syncs and backs up your workouts — including the workout heart-rate and calorie metrics above — across your own Apple devices.
• This iCloud data lives in your private CloudKit database under your own Apple ID. It is Apple-managed infrastructure that the developer cannot access. There is no Lifto account, no developer-operated server, no remote API, and no server-side processing of your data.
• If your device is not signed into iCloud, Lifto stores everything locally only and remains fully functional — sync is a convenience, not a requirement.

What Lifto does NOT do

• No cross-app tracking, no ads. Lifto does not track you across apps or websites, uses no advertising identifier (IDFA), and contains no advertising or attribution SDKs.
• No third-party AI. Your data is never sent to any third-party AI service.
• Your workout data is never sold or shared. Your workouts, templates, and health metrics stay on your device and in your private iCloud — we have no access to them and never sell or share them.

Usage analytics (anonymous, opt-in)

To understand which features are used and improve the app, Lifto can record anonymous in-app activity — for example which screen you open, when you start or finish a workout, and how you interact with the paywall — using PostHog as our analytics processor.

• It is off by default and opt-in: nothing is collected or transmitted unless you explicitly turn it on. We ask once with a clear prompt, and you can change your choice anytime in Profile → Privacy → Share Usage Analytics.
• When enabled, it is anonymous: tied only to a random device identifier generated by PostHog, never to your name, email, or Apple ID (there is no Lifto account).
• It contains no personal data and none of your workout content (no weights, reps, exercises, notes, heart rate, or calories) — only feature-usage events.
• With the same opt-in consent, Lifto also reports anonymous app-health diagnostics gathered by Apple’s MetricKit — aggregate performance figures (launch time, hangs, memory, CPU) and crash reports (code-level stack information). These contain no personal data or workout content and exist only to help us find and fix crashes and slowdowns.
• It is not used for advertising and is never linked with third-party data.
• If you decline or later turn it off, no analytics events leave your device (the analytics SDK is not even initialized without your consent).

Apple Health

Health access is optional. Lifto requests permission to read heart rate and active energy and to write completed workouts to Apple Health. You can grant, limit, or revoke this at any time in Settings → Privacy & Security → Health → Lifto. Health data Lifto reads during a workout is shown live and the per-session summary (average heart rate, active calories) is saved with that workout, which then syncs to your private iCloud as described above.

Subscriptions

Lifto Pro is an auto-renewable subscription processed entirely by Apple’s App Store (StoreKit). Lifto never sees or stores your payment information. Purchase and subscription state is managed by Apple; manage or cancel anytime in your App Store account settings.

Your control

• Delete individual workouts, or clear all history, from Profile → Data.
• Disable iCloud sync by signing the device out of iCloud or turning off iCloud for Lifto in Settings → [your name] → iCloud.
• Revoke Health access in the iOS Health app at any time.

Children

Lifto is not directed at children and does not knowingly collect data from children.

Contact

Questions about this policy: [email protected]