Privacy Policy
Who we are
Body Forge is developed and published by the operator of fueltheforge.app ("we", "us", or "our"). The Android app is distributed on Google Play under the package name app.fueltheforge. An iOS build, when available, uses the bundle identifier com.setforge.app.
For privacy questions or requests, contact support@fueltheforge.app.
Introduction
Body Forge ("we", "our", or "the app") is a fitness and nutrition app for Android. This Privacy Policy explains what data the app handles, how it is stored, when it may leave your device, and what choices you have.
Body Forge is local-first: your workouts, food diary, progress photos, profile, and settings are stored on your device unless you explicitly use a feature that sends data to a third party (described below).
Data we store on your device
- Profile and settings (name, goals, macro targets, units, theme, coach preferences).
- Workout history, templates, plans, personal records, and scheduled sessions.
- Food diary entries, custom foods, favourites, meal plans, and shopping lists.
- Body weight, body composition entries, progress photos, supplements, and Forge Score history.
- AI Coach chat history and structured coach memory (stored locally per profile).
- Gym membership QR codes you save in Settings (stored locally).
- A local profile identifier used to scope multi-profile data on your device.
- Optional Google Sign-In session (display name, email, profile photo URL, Google user ID) in secure device storage when you sign in.
We do not operate a cloud backup of your workout or nutrition logs in the current release.
Google Sign-In (optional)
You may optionally sign in with Google in Settings. This uses Google's OAuth service (configured via a Google Cloud / Firebase project for client IDs only).
- We receive your Google user ID, email address, display name, and profile photo URL from Google when you sign in.
- This session is stored locally on your device (secure storage). We do not receive your Google password.
- Sign-in links your Google account to Google Play subscriptions (via RevenueCat) and to ForgeClub access codes (see below).
- You can sign out at any time in Settings, which clears the local session.
Google processes sign-in data under its own Privacy Policy.
Google Play subscriptions and billing
Body Forge Premium is sold through Google Play Billing. We use RevenueCat to verify subscription and purchase status in the app.
- Payment is processed entirely by Google Play. We do not receive your card or bank details.
- RevenueCat receives purchase receipts and entitlement status from Google Play so the app can unlock Premium features.
- If you sign in with Google, RevenueCat may associate purchases with your Google user ID. If you do not sign in, an anonymous RevenueCat customer ID is used; you can still restore purchases on the same Google Play account.
- Manage or cancel subscriptions in Google Play → Payments and subscriptions.
ForgeClub access codes
ForgeClub is an optional way to unlock Premium with a code (for example from a gym or partner). If you redeem a code:
- You must sign in with Google first.
- The app sends your Google user ID and the code to our API at
bodyforge.onrender.comto validate and record the entitlement. - Our server stores entitlement status (active/expired, code type, expiry) linked to your Google user ID. It does not receive your workouts, food diary, or other local app data.
ForgeClub admin tools for generating codes are staff-only and are not linked from this website.
Android Health Connect
On Android, you may optionally connect Health Connect to read steps and, where supported, body metrics from linked apps or devices (for example smart scales).
- Health Connect is an Android platform feature. Body Forge does not use Apple Health on Android.
- Data read from Health Connect is used inside the app for progress charts and coach context. We do not upload your Health Connect records to our servers.
- You can disconnect Health Connect at any time in Settings.
Camera and photos
The camera is used when you choose to scan barcodes for food logging, scan meal photos for ingredient estimates, or capture progress photos.
Barcode scans query public food databases (see Third-party services). Meal and progress photos stay on your device unless you use an AI analysis feature that sends images to OpenAI (see AI processing).
Camera access is requested only when you open a feature that needs it. You may deny permission; those features will not work without it.
Notifications
If you enable notifications, the app may send local reminders (for example workout or rest-timer alerts) using Android notification channels.
Notification content is generated on your device. We do not use notifications to collect personal data.
AI processing (OpenAI)
Some features can use OpenAI when an API key is configured for your build: AI Coach chat, spoken coach replies (text-to-speech), meal photo ingredient analysis, progress photo comparison, and weekly check-in AI summaries.
Production and preview store builds are intended to ship without a client-side OpenAI key. In that case, the AI Coach uses on-device guidance and does not send your messages to OpenAI.
When cloud AI is enabled, text you send in coach chat, images you submit for meal or progress analysis, and related context needed to answer your request may be transmitted to OpenAI for processing. OpenAI processes data under its own terms and privacy policy.
You can turn off the AI Coach in Settings. Meal and progress photo AI features only run when you explicitly start them.
Third-party services
| Service | What is sent | Purpose |
|---|---|---|
| Google Sign-In | OAuth tokens; profile fields from Google when you sign in | Optional account linking for billing and ForgeClub |
| Google Play / RevenueCat | Purchase receipts, entitlement status, optional Google user ID | Premium subscriptions and restore purchases |
Body Forge API (bodyforge.onrender.com) | Search queries, exercise sync requests; ForgeClub code + Google user ID when redeeming | Recipe/food proxy, exercise library, ForgeClub entitlements |
| Open Food Facts | Barcode or search terms | Product and nutrition lookup |
| OpenAI | Chat text and/or images (only when cloud AI enabled) | AI coach, TTS, photo analysis |
Our app includes a google-services.json configuration from Google Cloud / Firebase only to enable Google Sign-In OAuth client IDs. We do not use Firebase Analytics, Firebase Auth, Crashlytics, or Firebase cloud storage for your fitness data.
Paid food API credentials stay on our server, not in the app. We do not use FatSecret or similar third-party nutrition account services.
We do not sell your personal data to third parties.
Device, diagnostics, and analytics
- The app does not include third-party analytics, advertising, or in-app crash-reporting SDKs.
- We do not intentionally collect your advertising ID.
- Network features use HTTPS. Our hosting provider (Render) may temporarily log standard connection metadata (for example IP address and user agent) for security and reliability.
- When you redeem a ForgeClub code, our server may write operational logs that include your Google user ID and event type for fraud prevention and support. Raw access codes are not stored in logs after redemption.
- Google Play may independently collect crash and diagnostic data through Play Vitals on store builds. That collection is governed by Google.
How long we keep data
| Data | Retention |
|---|---|
| On your device (workouts, diary, photos, settings) | Until you reset app data, reset progress, sign out of Google, or uninstall |
| ForgeClub entitlements (server) | While access is active, plus a reasonable period after expiry or revocation for audit and support |
| Google Play / RevenueCat purchases | Per Google and RevenueCat policies |
| OpenAI (if cloud AI used in a dev build) | Per OpenAI policies |
| Server operational logs | Short-term, per our hosting provider's defaults |
To request deletion of ForgeClub entitlement data linked to your Google user ID, email support@fueltheforge.app.
Your rights (UK and EU)
If you are in the United Kingdom or European Economic Area, you have rights under UK GDPR including:
- Access — ask what personal data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete data we control (most app data can be deleted on your device in Settings)
- Restriction and objection — in certain circumstances, limit or object to how data is processed
- Data portability — where applicable, receive a copy of data you provided in a portable format
Because most Body Forge data stays on your device, you can access and delete it directly using Settings. For server-held data (for example ForgeClub entitlements), contact support@fueltheforge.app. We aim to respond within one month.
You may lodge a complaint with the UK Information Commissioner's Office at ico.org.uk if you believe your data has been handled unlawfully.
Security
- Network requests from the app use HTTPS encryption in transit.
- Local data is stored in the Android app sandbox. Android backup of app data is disabled for fitness logs in release builds.
- We do not operate a remote cloud backup of your workout or food diary in the current release.
Data deletion
- Settings → Data → "Reset local app data" — deletes locally stored app data (including Google Sign-In session) and returns you to setup. Primary way to remove your data.
- Settings → Data → "Reset Progress" — clears logs and history while keeping profile, settings, and plans.
- Sign out of Google in Settings — clears the local Google session without deleting other app data.
- Uninstalling the app removes all local data from your device.
Because fitness and nutrition data is stored locally, we cannot delete it from your device remotely. ForgeClub entitlement records on our server are tied to your Google user ID; contact us if you need entitlement data removed after uninstalling. Google Play purchase history is retained by Google. If you used cloud AI features, retention by OpenAI is governed by OpenAI's policies.
Children's privacy
Body Forge is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided data in the app, uninstall the app or use Reset local app data in Settings.
Changes to this policy
We may update this Privacy Policy when we add or change features. The "Last updated" date at the top shows the current version. Material changes will be reflected on this page and, where appropriate, in app updates.
Privacy questions: support@fueltheforge.app