Legal

Privacy Policy

Last updated: 27.03.2026

This Privacy Policy explains how IronYou ("IronYou", "we", "us", or "our") collects, uses, stores, and shares personal information when you use our website, app, and related services (the "Services").

1. Who we are

IronYou is operated by Nikolas Czerný.

Contact email: info@ironyou.app
Location: Dobříš, Czechia

2. Information we collect

We may collect the following categories of information:

  • Account information, such as your email address, password hash, login provider details, and account settings. If you choose to sign in with Google, we may receive account identifiers and basic account information made available by Google for authentication, such as your Google account ID and email address.
  • Workout and product data, such as workouts, exercises, sets, templates, workout history, and progress-related information you create in the Services.
  • Profile and settings data, such as units, workout preferences, body weight, goals, or other information you choose to enter.
  • Technical and diagnostic data, such as IP address, browser type, device information, request logs, crash or error information, and security-related logs.
  • Support or feedback messages, if you contact us or submit feedback.
  • Essential cookies and similar technologies, such as session cookies and remember-me/login cookies required to operate the Services.

3. How we collect information

  • Directly from you when you create an account, sign in, use the Services, log workouts, create templates, or contact us.
  • Automatically when you use the Services, through server logs, security tools, and essential cookies.
  • From authentication providers, if you choose to sign in with a third-party login method.

4. Why we use your information

We use personal information to:

  • Provide, maintain, and improve the Services.
  • Create and manage your account.
  • Store your workouts, templates, settings, history, and progress summaries.
  • Display workout context and product features based on your usage.
  • Secure the Services, detect abuse, prevent fraud, and troubleshoot technical issues.
  • Respond to support requests and communicate with you about your account or the Services.
  • Comply with legal obligations and enforce our Terms.

5. Legal bases for processing

Depending on your location, we may process personal information under one or more of the following legal bases:

  • Performance of a contract — to provide the Services you request.
  • Legitimate interests — to operate, improve, secure, and maintain the Services.
  • Consent — where required by law for optional features or optional tracking.
  • Legal obligation — where we must process data to comply with law.

6. How we share information

We may share information with service providers that help us operate the Services, including:

  • Hetzner for hosting and infrastructure.
  • Neon for database infrastructure.
  • Resend for transactional email delivery.
  • Google if you choose to use Google Sign-In for authentication.

We may also disclose information where required by law, to protect the rights, safety, and security of users or the Services, or in connection with a merger, acquisition, financing, or sale of assets.

We do not sell personal information for money.

7. International transfers

Your information may be processed in countries other than your own, depending on where our service providers operate. Where required by law, we use appropriate safeguards for such transfers.

8. Data retention

We generally retain account, workout, template, and profile data for as long as your account remains active and as reasonably necessary to provide the Services, maintain backups, resolve disputes, enforce agreements, and comply with legal obligations.

  • Account, workout, template, and profile data: usually for as long as your account remains active.
  • Server, security, and diagnostic logs: for a limited period reasonably necessary for operations, debugging, and security.
  • Support messages: for as long as reasonably needed to respond to and keep records of support requests.

If you request deletion of your account, we will make reasonable efforts to delete or anonymize personal information from active systems within a reasonable period.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or export your personal information, and to withdraw consent where consent is the basis for processing.

To make a privacy-related request, contact info@ironyou.app.

10. Cookies and similar technologies

We use essential cookies and similar technologies needed to operate the Services, such as session cookies, login-related cookies, and security-related cookies.

We do not currently rely on optional analytics or marketing cookies in this Policy version. If that changes, we may update this Privacy Policy and any related cookie disclosures.

11. Children

The Services are not directed to children under the age of 13, or any higher age required by applicable local law, without appropriate authorization where required.

12. Third-party services

The Services may rely on third-party providers for infrastructure, authentication, and email delivery. If you choose to use Google Sign-In, your use of Google's authentication services is also subject to Google's own privacy practices and terms.

13. Security

We use reasonable technical and organizational measures designed to protect personal information. However, no method of storage or transmission is completely secure.

14. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version here and revise the “Last updated” date.

15. Contact

If you have questions about this Privacy Policy or your data, contact: info@ironyou.app