Your privacy, our priority.

Personal information

We collect information you provide directly:

• Account: name, email, nickname, profile photo and fitness goals. Sign-in uses a short-lived one-time code (OTP) sent to your email — we do not store passwords.
• Activity content: workouts, sets, reps, weights, and (for endurance workouts) GPS coordinates of your route, distance and pace.
• Photos and videos you upload: profile and team avatars, posts in the community feed, set-completion videos, progress images and bug-report screenshots.
• Community content: chat messages between users, captions, comments and likes on feed posts, team membership and team profile.
• Trainer verification (optional): CREF registration number and document image, only for users who choose to verify as trainers.

Automatically collected

• Device: model, OS version, language, time zone.
• Push notification token (only if you enable notifications) so we can deliver in-app notifications to your device.
• Usage: features used, screens viewed, session duration.
• Logs: IP address, error and crash reports collected by our backend.
• Location (only when you grant permission and only during an active endurance workout): GPS coordinates used to calculate route, distance and pace. Remi does not track your location in the background.

• Service: deliver, maintain and improve the app and its features.
• Personalization: tailor your routines, missions and progress views.
• Communication: respond to support requests and send essential service updates.
• Security: detect abuse, protect accounts, and enforce our Terms.
• Analytics: understand aggregate usage to improve the product.
• Legal: comply with applicable laws and lawful requests.

We do not sell, rent or trade your personal information. We share it only when one of the following applies:

• Service providers (cloud hosting, push notification delivery, email delivery for login codes) bound by contracts that require them to protect your data.
• Legal requirements when required by law, court order, or to protect the rights, property or safety of users.
• Business transfers in the event of a merger, acquisition or sale of assets — with the same protections preserved.
• With your consent for anything else.

Visible to other Remi users

Some information is visible to other users by design: your nickname, name, profile photo, level, XP and streak appear on global and team leaderboards. Posts you publish to the community feed (and their captions, media, comments and likes) are visible to other users in the feed. Chat messages are visible to the participants of the conversation. Your team profile is visible to your team members. You can control what you share by adjusting your profile, leaving teams or removing posts at any time.

We apply appropriate technical and organizational safeguards, including:

• Encryption in transit (TLS) and at rest for sensitive fields.
• Access controls and least-privilege authentication.
• Authentication via short-lived one-time codes (OTP) sent to your email — Remi does not store passwords.
• Regular security reviews of dependencies and infrastructure.

No system is 100% secure. If we ever detect a breach affecting your data, we will notify you as required by law.

We keep your information only for as long as we need it. The specific periods we apply:

You can request earlier deletion at any time from the app's account settings or by contacting us at the address below. We may retain limited information when required to comply with legal obligations, resolve disputes, or enforce our agreements.

Depending on where you live (e.g., LGPD in Brazil, GDPR in the EU/UK, or applicable U.S. state laws), you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and associated data.
• Export a copy of your data in a portable format.
• Object to or restrict certain processing.
• Withdraw consent for permissions like location, camera or photo access at any time in your device settings.

Our website and app use a minimal set of cookies and similar identifiers:

• Essential — keep you signed in and the app functioning.
• Analytics — aggregate usage measurement, used in anonymized form.
• Preferences — remember settings such as language and theme.

Remi integrates with a limited set of trusted providers to deliver core functionality. Each is contractually required to protect your data:

• Cloud hosting and database infrastructure (Railway).
• Email delivery for one-time login codes.
• Push notification delivery (Apple Push, Google FCM, Expo).

Remi does not currently use third-party analytics or crash-reporting providers in the app. If that changes, we will update this policy and notify you in-app. When you follow a link from Remi to a third-party site, that site's privacy policy applies — not ours.

Remi is not intended for children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Your information may be processed in countries other than the one you live in. When we transfer data internationally, we use safeguards consistent with applicable law, such as standard contractual clauses.

We may update this policy as Remi evolves. When changes are material, we will notify you in the app or by email and update the "Last updated" date above. Continued use after the effective date means you accept the revised policy.