Privacy Policy
This Privacy Policy describes how The Hypertrophy Lab ("we," "us," or "our") collects, uses, and handles your information when you use our application at thehypertrophylab.com.
What Information We Collect
We collect information you provide directly when you create an account or use the app:
- Account information: Your email address and password (stored as a hashed value — we never store your plain-text password)
- Profile settings: Training experience level, sex, bodyweight, and any injuries or physical limitations you choose to disclose
- Workout logs: The exercises, sets, reps, weights, and RIR ratings you record during sessions
- Feedback and ratings: Per-session and per-exercise feedback you provide after workouts
- AI interactions: Messages sent to the AI coach and the responses generated
We also collect limited technical information automatically when you use the app:
- Session authentication tokens (stored in cookies)
- Basic server access logs (IP address, timestamp, HTTP method, URL path) for security and debugging
How We Use Your Information
We use the information we collect to:
- Operate the app and provide the services you've signed up for
- Generate personalized training blocks and adaptive program adjustments based on your performance data
- Power the AI coach's responses with context from your training history
- Analyze aggregate, anonymized usage patterns to improve the app (individual data is not used for this purpose)
- Send transactional emails related to your account (password resets, security notices) when necessary
What We Don't Do With Your Data
- We do not sell your personal information to third parties
- We do not share your individual training data with advertisers or data brokers
- We do not use your data to train AI models for sale or licensing to other companies
- We do not send marketing emails without your explicit opt-in
Data Sharing
We use a small number of third-party services to operate the app. These services are given access to your data only as necessary to perform their function:
- OpenAI (via Replit AI Integrations): Your workout history and feedback data are sent to the AI model to generate program adaptations and coaching responses. This data is transmitted over encrypted connections.
- Replit: The app is hosted on Replit's infrastructure. Replit has access to application data as part of hosting operations.
- Resend: Used to send transactional emails such as password resets.
Data Storage and Security
Your data is stored in a PostgreSQL database hosted on Replit's infrastructure. We use session-based authentication with encrypted cookies. Passwords are hashed using bcrypt and are never stored in plain text.
While we take reasonable measures to protect your information, no internet-based service is completely secure. We encourage you to use a strong, unique password for your account.
Data Retention and Deletion
We retain your account and workout data for as long as your account is active. If you want your data deleted, you can request account deletion by contacting us at the email address below. We will delete your account and associated data within 30 days of a verified deletion request.
Children's Privacy
The Hypertrophy Lab is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or want to request access to or deletion of your data, contact us at: support@thehypertrophylab.com