LEGAL

PRIVACY POLICY

EFFECTIVE: APRIL 27, 2026

01. SUMMARY

UnderHooked is a Brazilian Jiu-Jitsu training companion app. We collect the minimum information needed to run the app: your account info, the training sessions and techniques you log, and a few technical signals (push tokens, crash logs, anonymized usage). We do not sell your data. We do not share identifying data with advertisers. We do not track you across other apps or websites.

Plain-English version: we treat your training journal like your training journal — your private record of mat time. Aggregated, anonymized data may be used to improve the product. Your name, account, and individual sessions stay yours.

02. DATA WE COLLECT

Account information

  • Email address (required for sign-in)
  • Display name and username
  • Profile photo (optional)
  • Phone number (optional, for opted-in gym SMS)
  • Authentication tokens managed by our auth provider

Training data

  • Sessions you log (date, duration, gym, energy, body, mind)
  • Roll-by-roll outcomes and submissions
  • Techniques in your playbook + A-game tags
  • Competition results and structured debriefs
  • Belt rank, stripes, XP, streaks
  • Notes you choose to write
  • Injury entries (private to you by default; you can opt to share with your gym's coach)

Gym affiliation

  • Your home gym (if you select one)
  • Tap-in records from your gym's QR check-in

When you select a home gym, coaches at that gym can view your profile (display name, belt, attendance, last check-in) within their gym dashboard. Cross-gym access is blocked by row-level security — only coaches at your gym can see your data.

Family / kids you add

If you add a child as a dependent profile (parent path), we collect on your behalf and at your direction: the child's first name, optional last name, optional date of birth, optional profile photo, belt color and stripe count, and the child's training history (class attendance and belt promotions). See Section 08 for full details on how kid data is handled.

Coach-published content (gyms only)

If you are a coach at an affiliated gym, videos, audio, and text you record or upload through Move of the Day or announcements are stored on our servers and shown to members of your gym. Recording uses your device camera, microphone, and photo library only with your explicit permission, prompted at the moment you tap record or pick a clip. Members of your gym can view this content; non-members cannot.

Device + technical data

  • Push notification token (so we can deliver MOTDs and alerts)
  • Crash and error logs (so we can fix bugs)
  • App usage events (e.g. “paywall shown”) — linked to your account but used in aggregate to improve the product
  • Approximate device type and OS version

Purchase data

  • Subscription status (Free, Premium, Gym Member)
  • Purchase events from Apple or Google (we do NOT receive your card or payment details — those go straight to the platform)

Location (only when you tap “Use my location”)

The Gym Finder has an optional “Use my location” button that lets you sort gyms by distance and surface nearby academies. When you tap it, iOS prompts for location permission and we request your approximate coordinates once from the operating system. The coordinates are used only to compute distances client-side; we do not store them on our servers, do not track you over time, and the app does not request location in the background. Decline the permission and the rest of the app still works fully.

We do not collect: your contacts, your photo library or camera roll (we only access photos and videos you explicitly select or record at the moment you tap to upload), your activity in any other app, or any continuous / background location.

03. HOW WE USE YOUR DATA

  • To run the app — log sessions, sync to your other devices, deliver pushes
  • To bill subscribers — verify entitlements with the App Store / Play Store
  • To improve the product — aggregated analytics about which features people use
  • To detect and fix crashes
  • To deliver coach-published MOTD and announcements if you've joined a gym
  • To respond to your support requests

We do not use your data for advertising, profile-building, or sale to third parties.

04. THIRD-PARTY SERVICES

We share specific data with the following processors, each contractually obligated to protect it:

Supabase (database + auth)

Your account, training data, and gym affiliation are stored on Supabase servers. Supabase processes this data on our behalf to provide database and authentication services.

RevenueCat (subscriptions)

We use RevenueCat to manage subscription state from Apple and Google. RevenueCat receives your anonymous user ID, subscription product ID, and entitlement status. They do not receive your name, training data, or payment information.

Apple App Store / Google Play

When you purchase a subscription, your card and billing details go directly to Apple or Google. We never see your payment information. Apple and Google's privacy policies apply to that transaction.

Sentry (error tracking)

When the app crashes, we send a stack trace and minimal context to Sentry to diagnose the bug. This may include your user ID but does not include the contents of your training data.

PostHog (product analytics)

We log anonymous events about how the app is used (e.g., “screen viewed: Journal”) to PostHog. Events are linked to your user ID but PostHog does not combine them with data from other companies. Events record screen names and feature interactions only — never the contents of form inputs, journal entries, notes, or messages.

Expo (push notifications)

We use Expo's push notification service to deliver pushes. Expo relays the message to Apple Push Notification service or Firebase Cloud Messaging.

05. DATA RETENTION

We retain your account and training data as long as your account is active. Crash logs and analytics events are retained for up to 90 days for diagnostic purposes, then aggregated and anonymized.

When you delete your account, we delete your personal data within 30 days, subject to legal retention requirements (e.g., tax records related to subscription transactions).

06. YOUR RIGHTS

You have the right to:

  • Access the personal data we hold about you (use the in-app data export — Profile → Privacy & Data → Download My Data)
  • Correct inaccurate data (edit your profile in the app)
  • Delete your account and all associated data
  • Object to or restrict processing
  • Receive your data in a portable format (JSON)
  • Withdraw consent at any time

To exercise any right, email support@underhooked.app or use the in-app controls under Profile → Privacy & Data.

California residents (CCPA), EU residents (GDPR), and UK residents (UK GDPR) have additional rights, including the right to file a complaint with your local supervisory authority.

07. DELETING YOUR ACCOUNT

You can delete your account directly from the app: Profile → Privacy & Data → Delete Account. This permanently removes:

  • Your account and authentication credentials
  • All your training sessions, rolls, submissions, notes
  • Your playbook and competition entries
  • Achievement unlocks and XP
  • Injury logs
  • Your push notification token

What remains: any aggregated, anonymized statistics that can no longer be linked to you, plus minimum records required by law (e.g., transaction records related to past purchases).

08. CHILDREN

Direct accounts: UnderHooked does not allow users under 13 to create their own account. Account holders must be 13 or older. We do not knowingly let a child under 13 sign up for an account directly. If we learn a direct account belongs to a child under 13, we delete it immediately.

Parent-managed kid profiles: Parents and gym staff may add a child as a dependent profile to track that child's Brazilian Jiu-Jitsu training. When a parent or coach adds a child, we collect, on the parent's authority and at their direction:

  • The child's first name and (optionally) last name
  • An optional profile photo provided by the parent
  • Belt color, stripe count, and promotion history
  • Class attendance records (date, time, gym)
  • Optional date of birth

This information is visible to the parent who created the profile and to coaching staff at the child's home gym for legitimate gym-management purposes (attendance, belt progression, class rostering). It is never sold, shared with advertisers, or used to target the child with marketing.

A parent may view, edit, or delete their child's dependent profile at any time from the Family section of the app. Deleting the parent's account also removes every dependent profile they added.

If you believe your child's dependent profile was created without your consent, email support@underhooked.app and we will delete it immediately.

09. INTERNATIONAL DATA TRANSFERS

UnderHooked is operated from the United States. Our processors (Supabase, RevenueCat, Sentry, PostHog, Expo) operate primarily from the United States. If you use the app from outside the US, your data is transferred to and processed in the United States.

We rely on standard contractual clauses or equivalent safeguards for any international transfers.

10. SECURITY

We implement commercially reasonable technical and organizational measures to protect your data:

  • HTTPS for all client-server communication
  • Database-level row security (you can only read your own data, plus same-gym data if your coach grants it)
  • Encryption at rest for stored data
  • Passwords hashed using industry-standard algorithms by our auth provider — we never see or store your password in plaintext
  • Limited access controls — only the engineering team can access production systems

No system is perfectly secure. If we discover a breach affecting your personal information, we will notify you and the appropriate regulators as required by law.

11. CHANGES TO THIS POLICY

We may update this policy as the product evolves. We'll notify you of material changes by email or in-app notice and update the effective date at the top.

12. CONTACT

Questions, requests, or complaints? Email support@underhooked.app. We respond within 5 business days.