Privacy Policy

Last updated: March 17, 2026

1. Introduction

CalmArms ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

By using CalmArms, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • First and last name
  • Age, height, and weight (for personalized coaching)
  • Password (stored in hashed form by Firebase Authentication)
  • Google profile information (if you sign in with Google)

2.2 Workout Data

When you use the app to grade your form, we collect:

  • Exercise type and variation selected
  • Form grades and scores
  • Rep counts and session duration
  • Form issue detections (e.g., "elbow flare")
  • Timestamps of workout sessions

2.3 Camera Data

CalmArms requires camera access to detect your exercise form. However:

  • All video processing happens entirely on your device
  • Camera frames are analyzed in real time by on-device machine learning
  • No video, images, or camera data is ever uploaded to our servers
  • No video or images are stored on your device after the session ends

2.4 Purchase Information

If you subscribe to CalmArms Pro, payment processing is handled entirely by Apple (App Store) or Google (Play Store) through RevenueCat. We do not collect or store your credit card number, billing address, or other payment details. We receive only a confirmation of your subscription status.

2.5 Error and Crash Reports

We use Sentry for error monitoring. Crash reports may include device type, OS version, and the state of the app at the time of the error. These reports do not include your workout videos or personal information beyond your anonymous user ID.

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Service
  • Personalize your workout experience
  • Track your progress and display statistics
  • Process subscription purchases
  • Diagnose and fix technical issues
  • Improve the accuracy of our form grading algorithms

We do not use your data for advertising, and we do not sell your personal information to third parties.

4. Third-Party Services

CalmArms uses the following third-party services:

  • Firebase (Google) — Authentication, Firestore database, Cloud Functions
  • RevenueCat — Subscription management (processes through Apple/Google stores)
  • Sentry — Error monitoring and crash reporting
  • Google ML Kit — On-device pose detection (runs locally, no data sent to Google)

Each of these services has its own privacy policy. We encourage you to review them.

5. Data Storage and Security

Your account data and workout history are stored in Google Cloud Firestore, which provides encryption at rest and in transit. We implement security rules that ensure users can only access their own data.

While we use commercially reasonable measures to protect your data, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

You have the right to:

  • Access your data — Export all your data from the Data & Privacy screen in the app
  • Delete your account — Permanently delete your account and all associated data from the app
  • Opt out of crash reports — Disable crash report sending in the app settings
  • Revoke camera access — Disable camera permissions in your device settings at any time

7. Children's Privacy

CalmArms is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete it.

8. Data Retention

We retain your account data and workout history for as long as your account is active. If you delete your account, all associated data is permanently removed from our systems within 30 days.

Anonymized, aggregated data (e.g., average form scores across all users for a given exercise) may be retained indefinitely for the purpose of improving the Service.

9. International Data Transfers

Your information may be transferred to and processed in the United States, where our cloud infrastructure is hosted. By using the Service, you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at:

Email: privacy@calmarms.com