KINETIC — Privacy Policy

1. What we collect

We collect only what is necessary to provide the Kinetic fitness tracking service:

Your display name and email address
Workout data you log (exercises, sets, reps, weight)
Body metrics you choose to record (weight, body fat %)
Device type and browser (for bug reporting only, not profiling)

We do not collect your phone number, physical address, payment details, or health conditions beyond what you voluntarily log.

2. How we use your data

To provide and improve the Kinetic service
To send transactional emails (email verification, password reset)
To calculate your personal records, streaks, and progress statistics
To detect and fix bugs or performance issues

We do not use your data for advertising, profiling, or sell it to third parties. Ever.

3. Data storage and security

Your data is stored on secure servers. Passwords are hashed using Argon2id and are never stored in plain text. Authentication tokens are hashed with SHA-256 at rest. We use HTTPS for all data in transit.

4. Your rights (GDPR & POPIA)

You have the right to:

Access all data we hold about you via Settings → Export My Data
Delete your account and all associated data via Settings → Delete Account
Correct your personal information at any time in your profile settings
Object to any processing by contacting us directly

Account deletion is a 30-day soft delete — you have 30 days to change your mind before data is permanently erased.

5. Cookies

Kinetic does not use tracking cookies or analytics cookies. We use localStorage in your browser to store your session token and cached profile data. This data never leaves your device except when making API requests to our server.

6. Third-party services

We use the following third-party services:

Google Fonts — to load typefaces. Google may log font requests.
Tailwind CSS CDN — for styling in the prototype. Production builds will self-host this.

7. Contact

Questions about this policy? Email us at privacy@kinetic.musi.net.za.