Posturato · Legal
Privacy Policy
Effective May 28, 2026
This policy explains what data Posturato ("we," "us") collects when you use the Posturato app (on iPhone and Android) and this website, why we collect it, and the choices you have. We wrote it in plain English on purpose.
1. The short version
- All AI in Posturato runs on your device.Body-pose detection runs on-device (Apple's Vision framework on iPhone, Google ML Kit on Android). The plain-English explanation of your score, the daily insight on the Home tab, and personalized tips use an on-device language model (Apple Intelligence on iPhone, Gemini Nano on Android). We do not send your photos, metrics, prompts, or AI responses to OpenAI, Anthropic, or any other third-party AI service.We don't integrate with any third-party AI service at all.
- Your scan photos never leave your device.They live in the app's private storage. We never see them, never upload them, never back them up.
- We store the minimum we need to log you in (your email from Sign in with Apple or Sign in with Google) and to deliver the product (your onboarding answers, posture scores, and routine completions).
- We do not sell or share your personal information with advertisers, data brokers, or any other third party for marketing.
- You can delete everything at any time from inside the app. We honor it within 30 days.
2. What data we collect
2.1 Account data
When you sign in, we receive your email address and a stable user identifier from your sign-in provider. On iPhone this is Sign in with Apple (your real Apple ID email or a private relay email Apple generates for you). On Android this is Sign in with Google (your Google account email). We store this information in our authentication backend (Supabase) so we can recognize you on your next visit and on future devices.
2.2 Onboarding answers
During onboarding we ask up to ten questions about your goal, daily sitting hours, posture patterns, discomfort frequency, preferred reminder time, age band, and time available to commit. These answers are used to tailor your daily routine. We store them tied to your account and you can delete them at any time.
2.3 Posture scans
- Photos:stored only on your device in the app's private storage. They are never uploaded. Body-pose landmarks are extracted on-device (Apple's Vision framework with
VNDetectHumanBodyPoseRequeston iPhone, Google ML Kit pose detection on Android). Only the resulting numerical metrics ever leave the photo, and they go only as far as the score and metrics described in the next bullet. They are never sent to any AI service. - Score and metrics:the numerical posture score (0 to 100), category-level findings (e.g. "forward head: mild"), and timestamp are stored in our backend tied to your account so we can show you your trend over time and personalize your routine.
2.4 On-device AI processing
The app has three AI-powered surfaces, all of which run entirely on your device using its built-in on-device frameworks. None of them transmit data to a server or use any third-party AI service (we do not integrate with OpenAI, Anthropic, Cohere, Together AI, Replicate, Hugging Face, or any other AI provider). On iPhone the on-device language model is Apple Intelligence (accessed via Apple's FoundationModels framework). On Android it is Gemini Nano (accessed via Google AI Edge / the on-device ML APIs).
- The post-scan explanation. After a scan, the app uses the on-device language model to generate a short paragraph explaining your measurements. Your posture metrics and your stated goal from onboarding are passed to the model on your device. Inference for this feature runs on-device.
- The daily insight on the Home tab. The same on-device model composes a short, plain-English nudge based on your most recent scan, your streak, and your onboarding answers. Same architecture, same on-device guarantee.
- Personalized tips inside routines. Where the app shows a one-line explanation of why a given exercise was selected for you, that line is generated by the same on-device model, with the same data flow (only your local profile and the exercise definition are passed to the model on your device).
On devices that don't support an on-device language model, the app falls back to a fixed template, also fully on-device. The body-pose detection in §2.3 likewise runs only with the on-device vision frameworks described above and is not affected by language model availability.
2.5 Routine completions
Each time you finish a daily routine we record the date, the routine identifier, and how long it took. This is used only to show your streak and progress.
2.6 Subscription status
If you subscribe, we receive (via RevenueCat acting as our subscription management provider) the subscription status (active, trialing, cancelled, or expired) for your account. We never see your card details. Apple (App Store) or Google (Google Play) handles all billing.
2.7 Usage analytics and crash reports
The current app build does not send product analytics or crash reports to a third-party analytics provider. We may add privacy-preserving diagnostics later to improve reliability; if we do, we will update this policy, the App Store privacy labels, and the Google Play Data safety form before enabling them.
2.8 Permissions we ask for
- Camera to capture your posture scan. Used only during the scan flow.
- Notifications to send your daily reminder at the time you chose during onboarding. These are local notifications scheduled on your device; you can disable them at any time in your device settings.
3. Who we share data with
We use a small number of subprocessors to run the service. We never share data with anyone for advertising or for the sale of personal information.
- Supabase: authentication, database, and file storage. Hosts account data, onboarding answers, posture scores, and routine completions.
- RevenueCat: subscription state. Receives your anonymized App Store or Google Play transaction identifier and the Posturato user identifier.
- Apple and Google: sign-in, in-app purchases, and notification permissions on their respective platforms (Sign in with Apple and the App Store on iPhone, Sign in with Google and Google Play on Android). Their own privacy practices apply to those interactions.
- DigitalOcean: hosts this website (App Platform). Standard server access logs are retained briefly.
- Loops: stores email addresses submitted through the website launch-notification form. This is separate from your in-app Posturato account.
We will update this list if it changes. We do not use third-party advertising SDKs, attribution networks, or social media tracking pixels in the app.
4. How long we keep data
- Account data: as long as your account is active, plus up to 30 days after deletion to complete the deletion across our subprocessors.
- Scan metadata, onboarding answers, completions: for the life of the account. Deleted within 30 days when you ask us to.
- Website launch-notification emails: until launch notification is sent or you ask us to remove the address.
5. Your rights and choices
Wherever you live, you can:
- Access or correct your data: open the app and re-enter your onboarding answers, or email us.
- Export your data: email [email protected]and we'll send a JSON copy within 30 days.
- Delete your account: open Settings, then Delete account in the app, or email us. We delete account, onboarding answers, scans, and completions within 30 days.
Residents of California, Colorado, Connecticut, Virginia, Utah, and the EU/UK have additional rights under their local laws. We honor those rights worldwide as a matter of policy. You can exercise them by emailing [email protected].
6. Children
Posturato is rated for teens and older (12+ on the App Store) and is not directed to children under 13. If we learn we have collected information from a child under 13 without parental consent, we will delete it.
7. Changes to this policy
If we make a material change, we will update the effective date above and, where required, notify you in the app or by email before the change takes effect.
8. Contact
Posturato is operated by the developer of Posturato. For privacy inquiries or data deletion requests, please contact us at [email protected]. We respond to legitimate requests within 30 days.