Sign Up Free

Legal

PRIVACY
POLICY.

Effective date: March 29, 2026

LIFTL ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the choices you have. By using LIFTL, you agree to the practices described here.

Information We Collect.

Account data — When you create an account, we collect your email address and, optionally, a display name and profile photo.

Workout data — Every session, set, rep, and weight you log is stored and associated with your account. This is the core data that powers your progress tracking.

Profile preferences — Your unit preference (lbs / kg), theme settings, and accent color choices.

Spotify credentials — If you connect Spotify, we store an encrypted OAuth access token and refresh token on your behalf to enable playback control. We never store your Spotify password.

Usage data — Anonymized page views and performance metrics collected via Vercel Analytics to help us improve the product.

How We Use Your Data.

We use your data exclusively to provide and improve the LIFTL service:

  • Displaying your workout history, progress charts, and personal records
  • Computing estimated 1-rep maxes, volume totals, and muscle group breakdowns
  • Controlling Spotify playback when you start a workout (if connected)
  • Sending transactional emails such as email verification and password resets
  • Monitoring application performance and diagnosing errors

We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes.

Third-Party Services.

LIFTL relies on the following trusted third-party providers to deliver the service:

  • Supabase — Database, authentication, and file storage. Your data is stored in Supabase-managed PostgreSQL databases.
  • Vercel — Application hosting, edge delivery, and anonymized analytics.
  • Spotify — Optional music integration. Subject to Spotify's own Privacy Policy if connected.

Each provider operates under their own privacy and security standards. We encourage you to review their policies if you have questions about how they handle data.

Data Retention.

Your account and workout data are retained for as long as your account is active. If you delete your account, all associated data — including sessions, sets, personal records, and preferences — is permanently removed from our systems within 30 days.

Anonymized, aggregated usage statistics may be retained indefinitely as they cannot be linked to any individual.

Your Rights.

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your workout data in a portable format
  • Withdraw consent for Spotify integration at any time via Settings

To exercise any of these rights, contact us at privacy@liftl.io.

Security.

We implement industry-standard security practices including TLS encryption for data in transit, encrypted storage for OAuth tokens, and row-level security policies on our database to ensure users can only access their own data. No system is 100% secure, and we encourage you to use a strong, unique password for your account.

Changes to This Policy.

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. Significant changes will be communicated via email or an in-app notice. Continued use of LIFTL after changes are posted constitutes acceptance of the updated policy.

Contact.

If you have any questions about this Privacy Policy, please reach out:

Email: privacy@liftl.io
Or use the Contact page.