Privacy Policy
Effective and last updated: July 13, 2026
1. Scope and operator
This policy applies to the Reploom iOS app and these static Reploom information pages. “Reploom,” “we,” and “us” refer to Daeseon Yoo, the independent app developer who operates Reploom.
2. Data kept on your device
Reploom stores app data in its private app container, including:
- workout sessions, sets, weights, repetitions, RIR, cardio logs, and timestamps;
- food entries, estimated calories and protein;
- daily goals, program choices, settings, streak and Combat Power history;
- body-composition values you enter;
- a small Health-derived snapshot: seven-day workout count, latest VO₂ max, body mass, body-fat percentage, and last-sync time; and
Reploom does not require a name, email address, phone number, password, Apple sign-in, or other account credential. The app creates one local profile and stores it on the device.
3. Apple Health and HealthKit
Apple Health access is optional. If you connect it, the release build requests these types for on-device progress and a health snapshot:
| Operation | Health data types | Purpose |
|---|---|---|
| Read | Workouts, VO₂ max, body mass, body fat percentage | On-device fitness progress and Combat Power inputs |
| Write | Workouts, body mass, body fat percentage | Save only activity or body measurements you actually log |
Reploom does not send HealthKit records to its Cloudflare Worker, AI provider, leaderboard, advertising services, or data brokers. It never writes Combat Power or fabricated values to Apple Health. Reploom does not implement CloudKit or an iCloud health-sync service. The release build excludes the app-managed fitness and health SQLite database directory, including its database, WAL, and SHM files, from iCloud device backup.
Reploom's in-app Disconnect Apple Health action clears the cached snapshot from Reploom and recomputes Combat Power. Revoking permissions only in iOS or the Health app stops future authorized access but does not itself erase the snapshot already stored by Reploom; use the in-app disconnect action or delete the app for that local deletion.
4. Optional AI processing
Reploom's core manual workout logging works without sending HealthKit data to an AI provider. Remote AI is off by default. If you confirm you are 18 or older and enable it in Settings after reading the disclosure, then deliberately use an AI-assisted tool, Reploom sends the selected input through a Cloudflare Worker to Groq for that request:
| Action you choose | Data sent | Processor | Result |
|---|---|---|---|
| Parse a typed workout | Your text, unit system, and exercise catalog names/IDs | Groq | Structured exercise sets |
| Transcribe a voice log | The audio clip and language hint; if local matching cannot resolve the transcript, the transcript, unit system, and exercise catalog names/IDs | Groq speech-to-text, then Groq workout parsing only when needed | Transcript and, when needed, structured exercise sets |
| Estimate a typed meal | Your meal description | Groq | Estimated food items, calories, and protein |
| Estimate a meal photo | The image you select | Groq vision | Estimated food items, calories, and protein |
Reploom deletes its temporary voice recording after transcription finishes, fails, times out, or is cancelled. It also deletes app-cache copies of a selected meal photo and the resized upload image after the request. If the app is force-quit before that cleanup, Reploom sweeps the dedicated ExpoAudio, ImagePicker, and ImageManipulator cache directories on the next launch.
The v1 sportswear character is built into the app. It does not use your photo and does not send an avatar image to an AI provider. The Worker code forwards the selected logging input and returns the result; it does not write AI request bodies or results to D1, KV, R2, or another Reploom application store. Groq says inference customer data is not retained by default, but inputs and outputs may be logged for platform reliability or suspected-abuse investigation for up to 30 days, or longer if legally required. Groq separately retains usage metadata that it says does not contain customer inputs or outputs. Reploom's Worker release-candidate configuration disables Cloudflare Worker observability/application logs. This becomes an operational statement only after that exact Worker version is deployed and verified. Cloudflare still processes ordinary request and security metadata while routing and protecting the request under its own service policies.
AI results can be wrong. Meal nutrition is an estimate and workout parsing must be reviewed. These tools are not medical advice.
5. Legacy leaderboard data
Public leaderboards are not available in Reploom v1, and v1 does not create or update a leaderboard row. An earlier TestFlight build allowed an opt-in leaderboard and may have stored the following in Cloudflare D1: a public handle, random app-generated device ID, Combat Power, weekly gain, grade label, optional crew code, and update time. Raw HealthKit records and workout details were not included.
If that random device ID is still saved on your phone, v1 Settings provides a legacy-data
deletion action. It sends the ID to /rank/delete, deletes the matching D1 row,
and clears the local leaderboard values after the server confirms deletion.
6. Service providers and disclosures
- Cloudflare
- Hosts these static pages, routes optional AI requests, may process operational/security metadata, and retains legacy TestFlight leaderboard rows in D1 until deletion.
- Groq
- Processes selected workout text and parsing context, voice audio and sometimes its transcript, meal text, and meal photos.
- Apple HealthKit
- Provides on-device health access controlled by your Apple Health permissions.
Reploom does not sell or rent personal data, use it for targeted advertising, share HealthKit data for marketing, or include third-party advertising or analytics SDKs. We may disclose information if legally required or to protect the service, but the current accountless app holds no real-name account record to disclose.
7. Retention
- Local app data and Remote AI consent: remain until you change the setting, remove data using an available in-app control, or delete the app.
- AI request and result content: Reploom's Worker application does not persist it. Groq says inference content is not retained by default, but may be logged for reliability or suspected abuse for up to 30 days, or longer when legally required.
- Temporary voice and selected-photo cache files: deleted after each request or cancellation and swept from their dedicated cache directories on the next launch after an interrupted cleanup.
- Network and operational metadata: Cloudflare and Groq process request metadata to operate and protect their services. Reploom's release-candidate configuration disables application-level Worker observability logs, but that becomes an operational statement only after the exact version is deployed and verified. Reploom does not claim that Groq Zero Data Retention is enabled.
- Legacy leaderboard entry: remains in D1 until the v1 Settings deletion action removes the row matching the locally held random device ID. V1 does not submit new ranking data.
- Apple Health records: remain under Apple Health's controls. Removing Reploom does not delete records already written to Apple Health.
- Support and privacy messages: processed in Gmail and kept only as long as needed to resolve the request, protect the service, or satisfy a legal obligation. Messages are manually deleted when no longer needed and may be deleted earlier on request unless security or law requires retention.
8. Your choices and deletion
- Use Reploom's Disconnect Apple Health action to clear its local snapshot; separately revoke individual permissions in iOS Settings or the Health app to stop future access.
- Leave Remote AI off, or turn it off later, and use manual workout logging instead.
- If you used an earlier TestFlight leaderboard, delete its legacy row in Settings before deleting the app.
- Delete the app to remove its local app container.
Reploom has no account to delete. See the Data Deletion Guide for exact scope and deletion order.
9. Children
Reploom is not directed to children under 13. Remote AI is available only after the user confirms they are 18 or older. The v1 app does not offer remote photo-avatar generation. If you believe a child has provided data through an optional logging feature, use the contact channel once it is verified.
10. Security
Local data is protected by the iOS app sandbox and your device security. AI traffic uses HTTPS through a server-side proxy so provider API keys are not shipped in the app. No storage or transmission method is completely secure. Avoid putting names, diagnoses, or other unnecessary sensitive information in free-text logs, handles, or crew codes.
11. This website
These pages are hosted on Cloudflare Pages. Cloudflare necessarily receives normal web request information such as IP address, requested URL, browser headers, and time to deliver and protect the site, under its own policy. Reploom sets no first-party cookies and loads no analytics, advertising, tracking scripts, or external web fonts.
12. Changes and contact
Material changes will be posted here with a revised date before they take effect. For privacy, deletion, or support questions, email showep12@gmail.com.