Last updated June 11, 2026
ForgeRep helps you track workouts, nutrition, and body measurements. This policy describes what we collect, why we use it, and the choices you have.
Account details (email), profile and onboarding answers (goals, measurements, equipment), workout logs, nutrition entries, body measurements, progress photos (if you upload them), and technical data needed to operate the app (session cookies, sync metadata).
If you subscribe to Pro or Pro+, we store billing status from Stripe (tier, renewal date, cancellation state). We do not store full payment card numbers.
Connecting a device or app is optional. When you choose to connect, you are redirected to that provider to sign in and approve access. We only receive the data needed for the integration you enable.
Withings (coming soon): we will store encrypted OAuth tokens and import weight readings into your ForgeRep Progress log when this integration is enabled.
Fitbit (available when enabled): you sign in with Google and authorize the Google Health API. We store encrypted OAuth tokens and import daily activity summaries (steps, active calories, and active minutes) into your account. We do not receive your Google or Fitbit password. Disconnecting removes our stored tokens; previously imported activity remains until you delete it or delete your account.
Strava (coming soon): we will import cardio workouts from your Strava account when this integration is enabled.
Third-party providers process data under their own privacy policies and terms. ForgeRep is not responsible for how those services handle your data outside the connection you approve.
We use your data to generate training and nutrition plans, display progress, sync across devices, run optional device integrations, process subscriptions, and improve reliability. We do not sell your personal information.
Data is stored in Supabase (PostgreSQL) with row-level security tied to your account. Integration OAuth tokens are encrypted at rest before storage. Workout data is also cached locally on your device for offline use.
Payment processing is handled by Stripe. Subscription webhooks update your account tier; we do not store card details on our servers.
You can export your account data or permanently delete your account from Profile → Privacy & data. Deletion removes your profile, plans, logs, integration tokens, and related records.
You can disconnect any integration from Profile → Integrations without deleting your ForgeRep account.
Questions about privacy? Contact the ForgeRep team through the support channel listed in the app or on the marketing site.