Skip to content
Progress Pics

Privacy Policy

Last updated: July 2025

Progress Pics - Body Tracker is built privacy-first. By default, every photo, note and measurement stays on your device. This policy explains exactly what we collect, why, and how it's protected.

Introduction

Progress Pics - Body Tracker ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application (the "App").

Our Privacy-First Commitment

Progress Pics - Body Tracker is designed with privacy at its core. Your fitness journey and body transformation photos are deeply personal, and we've built our app to ensure maximum privacy and data protection.

Information We Collect

1. Personal Information

  • RevenueCat user identifier
  • Email address
  • Device information

2. Progress Pics - Body Tracker and Data

  • Progress Pics - Body Tracker
  • Measurements (e.g. weight, body fat %)
  • Check-in dates, notes, and metadata
  • App preferences and settings

3. Technical Information

  • Device and app version
  • Anonymised usage analytics and crash logs
  • Authentication tokens

How We Use Your Information

  • Store and display your progress data
  • Enable comparisons and progress tracking
  • Sync data (when cloud backup is enabled)
  • Improve app performance and support
  • Manage subscriptions via RevenueCat

Data Storage and Security

1. Local Storage (Default)

  • Data stored locally by default
  • Protected by your device's OS-level data protection
  • Biometric/PIN protection available

2. Optional Cloud Backup (Premium Feature)

  • Fully optional, premium-only feature
  • Photos are end-to-end encrypted on your device with XChaCha20-Poly1305 before upload. The encryption key is derived from a 24-word recovery passphrase that never leaves your phone. We cannot see, decrypt, or recover your photos.
  • Photo metadata (weight, notes, dates, body-fat estimates) is stored in plaintext on the server so the app can sort and filter it across devices.
  • Hosted on Supabase. Requires explicit consent to enable.

3. Security Measures

  • End-to-end encrypted photo storage (when cloud backup is on)
  • HTTPS in transit for all server traffic
  • Secure authentication and sessions
  • Regular security updates

Data Sharing and Disclosure

We do not:

  • Sell or share your data
  • Access your photos without permission
  • Use your data for advertising

We may share data:

  • To comply with legal obligations
  • For account recovery (with consent)
  • With trusted service providers under NDA

Third-Party Services

Your Rights and Choices

  • View and export your data
  • Delete individual entries or your whole account
  • Manage backup, biometrics, PIN, notifications, and theme
  • Cancel subscriptions via app store

Data Retention

  • Local data remains until you delete it
  • Cloud data removed upon account deletion or grace period end
  • Account data purged within 30 days of deletion request

Children's Privacy

Progress Pics - Body Tracker is not intended for children under 13. If we discover we've collected such data, we'll delete it immediately.

International Data Transfers

If you're outside the US, your data may be processed there. We ensure appropriate safeguards for international transfers.

Changes to This Policy

We may update this policy and notify you through the app and by updating the "Last Updated" date.

Contact Us

If you have any questions, reach out at: privacy@progresspics.app

Your Consent

By using Progress Pics - Body Tracker, you consent to this Privacy Policy. If you disagree, please do not use the app.