Privacy Policy

Effective date: April 1, 2026 · Last updated: April 1, 2026

Fitness Field Notes ("we," "us," or "our") is a workout tracking web application available at fitnessfieldnotes.com. We respect your privacy and are committed to being transparent about the data we collect and how we use it.

Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Third-Party Services
  4. Data Storage & Security
  5. Cookies & Local Storage
  6. Data Sharing
  7. Your Rights
  8. Data Retention
  9. Children's Privacy
  10. Changes to This Policy
  11. Contact Us

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Display name (optional)
  • Authentication method (email/password or Google sign-in)

If you sign in with Google, we receive your name, email, and profile picture from Google. We do not receive or store your Google password.

Fitness & Workout Data

When you use the app, you may provide:

  • Workout templates (exercise names, sets, reps, rest periods)
  • Workout session logs (weights used, reps completed, duration, notes)
  • Cardio activity data (distance, duration, heart rate, calories)
  • Training programs and progress tracking
  • Personal records and exercise history
  • Favorite workouts

AI Workout Logging

If you use the AI-powered logging feature, you may upload photos or text descriptions of your workout. These are sent to Google's Generative AI service (Gemini) for processing. We do not store the images after processing is complete. See Third-Party Services for details.

Usage Analytics

We collect anonymous usage data through Matomo, a privacy-focused analytics platform. This includes page views, feature usage, and general interaction patterns. We do not use cookies for analytics. See Cookies & Local Storage for details.

Anonymous Usage (No Account)

You can use Fitness Field Notes without creating an account. In this case, your data is stored only in your browser's local storage and is never sent to our servers.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the workout tracking service
  • Sync your workout data across devices (authenticated users)
  • Generate printable PDF workout logs
  • Parse workout data from photos and text via AI
  • Display exercise demonstrations via third-party GIFs
  • Improve the app based on anonymous usage patterns
  • Respond to your feedback and feature requests

We do not use your data to:

  • Sell to advertisers or third parties
  • Build advertising profiles
  • Send marketing emails (unless you explicitly opt in)
  • Make automated decisions that affect you

3. Third-Party Services

We use the following third-party services to operate the app:

Firebase (Google Cloud)

We use Firebase for user authentication and database storage. Your account data and workout data are stored in Firebase Firestore. Firebase is operated by Google and is subject to Google's privacy policy.

Google Generative AI (Gemini)

When you use the AI workout logging feature, your uploaded photos and/or text descriptions are sent to Google's Generative AI API for processing. Google may process this data according to their Generative AI terms. We do not store the raw images after the AI has processed them.

Matomo Analytics

We use Matomo for privacy-friendly analytics. Matomo is self-hosted on our infrastructure and configured with cookies disabled. It collects anonymous page view and feature usage data. No personally identifiable information is sent to Matomo.

Gotenberg (PDF Generation)

When you export a workout as a PDF, your workout data is sent to our self-hosted Gotenberg instance for rendering. This service is hosted on our own infrastructure and does not share data with third parties.

Google Fonts

We load the Public Sans font from Google Fonts. When you visit the app, your browser makes a request to Google's font servers. This is subject to Google's privacy policy.

4. Data Storage & Security

Your data is stored in Firebase Firestore, a cloud database operated by Google. Data is encrypted in transit (TLS) and at rest. All API requests are authenticated using Firebase JWT tokens.

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

5. Cookies & Local Storage

Cookies

We do not use cookies. Our analytics (Matomo) are explicitly configured with cookies disabled.

Local Storage

We use your browser's local storage to:

  • Store your theme preference (light/dark mode)
  • Save in-progress workout sessions locally as a backup
  • Store workout data for users who have not created an account
  • Cache plate calculator configuration

Local storage data remains on your device and is not transmitted to our servers unless you have an account and explicitly sync your data.

6. Data Sharing

We do not sell, rent, or trade your personal information.

Your data may be shared in these limited circumstances:

  • Public workouts: If you choose to share a workout publicly, the workout name, exercises, and your display name (if provided) become visible to other users.
  • Private share links: If you share a workout via link, anyone with that link can view the workout data.
  • Service providers: As described in Third-Party Services, we share limited data with providers that help us operate the app.
  • Legal requirements: We may disclose data if required by law or to protect our rights.

7. Your Rights

You have the right to:

  • Access your data: Your workout data is visible in the app at all times.
  • Export your data: You can export workouts as PDF, text, or images.
  • Delete your data: You can delete your account and all associated data from the Profile page. This permanently removes your account, workouts, sessions, programs, exercise history, and favorites.
  • Correct your data: You can edit your workouts, sessions, and profile information at any time.
  • Withdraw consent: You can stop using the app at any time. If you delete your account, all data is permanently removed.

For GDPR and CCPA requests, contact us at the email below. We will respond within 30 days.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently deleted from our systems. We do not maintain backups of deleted user data.

Anonymous usage analytics are retained in aggregate form and cannot be linked back to individual users.

9. Children's Privacy

Fitness Field Notes is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on the app. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

  • Email: privacy@fitnessfieldnotes.com
  • Feature requests & bugs: Feedback page