Privacy Policy – Exercise Snacks

Effective Date: 07/2026

1. Controller

Exercise Snacks is operated by:
Enrico Jost
Weinbergstraße 19a
16321 Bernau
Germany
Email: esdev@posteo.com

For purposes of the GDPR, Enrico Jost is the data controller.

2. Overview

Exercise Snacks is an iOS app for short movement breaks ("exercise snacks") throughout the day – with exercise suggestions, movement reminders, progress and streak tracking, a home screen widget, an optional Apple Health integration, and an Apple Watch companion app.

The App:

3. Information Collected

3.1 Information Stored Locally and iCloud Sync

The following data is stored on your device:

This data is not transmitted to the operator. The widget, the Live Activity, and the Apple Watch app access this data only on your device or between your own devices.

If iCloud is enabled on your device, this data is additionally backed up and synced across your devices via Apple CloudKit into your personal, private iCloud. The data resides solely in your own iCloud account; the operator has no access to it and keeps no copies. You can disable syncing for the App at any time in the iOS settings (Apple Account → iCloud). Apple's privacy policy applies additionally.

Legal Basis (GDPR): Article 6(1)(b) – performance of a contract.

3.2 Apple Health (Optional)

The App offers two optional Health features that can be enabled independently:

Both features are disabled by default and require your explicit consent via the iOS permission dialog. All Health data is processed exclusively on your device. It is never transmitted to the operator or any third party, never used for advertising, and never sold. You can revoke the permissions at any time in the Health app or iOS Settings; workouts written by the App can be deleted in Apple Health at any time.

Legal Basis (GDPR): Article 6(1)(a) and Article 9(2)(a) – explicit consent.

3.3 Apple Watch

The optional Apple Watch companion app shows your daily progress, streak, and next exercise, and lets you complete exercise sessions directly from the wrist. For this purpose, progress and exercise data is transferred between your iPhone and your Apple Watch; sessions completed on the watch are reported back to the iPhone (possibly delayed if the iPhone is not reachable).

This transfer happens directly between your devices using Apple's encrypted device-to-device connection (WatchConnectivity). No operator servers are involved.

Legal Basis (GDPR): Article 6(1)(b).

3.4 Reminders (Local Notifications)

Movement reminders are scheduled and triggered as local notifications directly on your device. Notification content (e.g. the name of the next exercise) is generated locally and is not stored externally. The smart reminder suppression (see 3.2) also runs entirely on-device.

3.5 Payments and Subscription Processing

Subscriptions are processed exclusively through Apple Inc. via Apple In-App Purchases. RevenueCat is used for technical subscription management. RevenueCat receives an anonymous buyer identifier from Apple for this purpose.

The App does not collect payment card data.
Legal Basis (GDPR): Article 6(1)(b)

4. International Data Transfers

Data processed by Apple (including iCloud/CloudKit) and RevenueCat may be transferred to the United States. Where required under the GDPR, such transfers rely on:

5. Data Retention

6. Your Rights (GDPR – EU/EEA Users)

If you are located in the European Union or EEA, you have the right to:

Since the operator does not store personal data about you, most of these rights are best exercised directly on your device (deleting app data, iCloud and Health settings).

You also have the right to lodge a complaint with a supervisory authority in your country of residence.

To submit a request, contact: esdev@posteo.com

7. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to:

Exercise Snacks does not sell or share personal information.

Requests may be submitted to: esdev@posteo.com

8. Children's Privacy (COPPA)

The App is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information, please contact us at esdev@posteo.com.

9. Limitation of Liability for Data Loss

All personal data is stored on your device and – if iCloud sync is enabled – in your personal iCloud. The operator keeps no copies. No claim exists for restoration of lost data following a device change, reset, or app removal.

10. Security

We implement reasonable technical and organizational safeguards to protect data, and rely on Apple's platform security for iCloud sync and device-to-device transfers (encryption in transit). However, no system is completely secure.

11. Changes to This Policy

We may update this Privacy Policy periodically. The current version is always available within the App and on our GitHub. The effective date at the top of this document indicates when it was last revised.

12. Hosting of this Privacy Policy

This privacy policy is hosted on third-party infrastructure. Accessing this document may result in technical data (such as your IP address) being processed by the hosting provider in accordance with their own privacy policy (GitHub: github.com/privacy).