Privacy Policy

Version 1.0 | Last Updated: 29 December 2024

Who We Are

Kraft is a fitness tracking application developed by Orber & Co. Ltd
Company Number: 13086066
86-90 Paul Street, London, EC2A 4NE

Data Protection: privacy@orber.co

Our Privacy Commitment

PRIVACY BY DESIGN: Kraft is built with your privacy as a core principle. Your workout data is securely encrypted and stored in the cloud.

We comply with:

UK GDPR (UK General Data Protection Regulation)
Data Protection Act 2018
Privacy and Electronic Communications Regulations

1. Information We Collect

Account Data

When you create an account, we collect:

Email address
Display name
Profile information (height, weight, fitness goals)

Workout Data (Stored in Cloud)

Your workout data is securely stored in our cloud infrastructure:

Workout history and exercise logs
Personal records and progress data
Custom exercises and workout templates
Body measurements (if you choose to track them)

Anonymous Analytics (Optional)

With your consent, we may collect anonymized usage data:

App crash reports
Feature usage statistics
Device type and OS version

WE DO NOT COLLECT:

Your precise location, health data from Apple Health/Google Fit without explicit permission, payment information (we use Apple/Google for in-app purchases), or any data that can identify you personally without your consent.

2. How We Use Your Data

Core App Functionality

Display your workout history and progress
Calculate personal records and statistics
Sync your data across all your devices
Provide exercise recommendations

AI Features

Generate personalised workout insights
Analyse workout patterns
Provide exercise recommendations

Note: AI processing uses anonymised data only. Your personal identifiers are never shared with AI providers.

3. Data Sharing

WE DO NOT SELL YOUR DATA - EVER.

We only share data with trusted service providers when necessary:

Supabase (Cloud Storage)

Secure data storage for your workout data (EU servers)

Anthropic (AI Features)

Anonymised data for AI-powered insights

RevenueCat (Subscriptions)

Subscription management through app stores

All processors have GDPR-compliant Data Processing Agreements.

4. Data Security

We protect your data with:

TLS 1.3 encryption for all network transfers
AES-256 encryption for cloud-stored data
Secure authentication (email or Apple Sign-In)
EU-based server infrastructure
Regular security audits

5. Your Rights

Right to Access

Export all your data directly from the app

How: Settings > Export Data

Right to Erasure

Delete all your data instantly

How: Settings > Delete All Data (local) or Delete Account (cloud)

Right to Data Portability

Export your data in standard formats (JSON/CSV)

How: Settings > Export Data

Right to Object

Opt out of analytics at any time

How: Settings > Privacy > Disable Analytics

Right to Lodge a Complaint

Information Commissioner's Office (ICO)

Website: ico.org.uk/make-a-complaint

Phone: 0303 123 1113

6. Data Retention

Account data: Duration of account + 30 days after deletion
Workout data: Duration of account + 30 days after deletion
Analytics data: Anonymised and retained for 2 years

Your workout data is never automatically deleted - you have full control.

7. International Transfers

Your data is primarily stored in EU-based servers. When using AI features, anonymised data may be processed in the USA under Standard Contractual Clauses (SCCs) with GDPR safeguards.

8. Children's Privacy

Kraft is intended for users aged 13 and older. We do not knowingly collect data from children under 13. If you believe we have collected data from a child, please contact us immediately.

9. Changes to Policy

Material changes require 30 days email and in-app notice. Non-material changes update the "Last Updated" date. Continued use means acceptance.

10. Contact Us

Privacy Enquiries: privacy@orber.co
General Support: kraft@orber.co

Postal Address:
Orber & Co. Ltd
86-90 Paul Street
London, EC2A 4NE
United Kingdom