Privacy Policy
Effective Date: March 29, 2026
PEP/TRT Tracker ("we", "our", "the app") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information.
1. Information We Collect
Account Information: When you create an account, we collect your email address for authentication purposes via Firebase Authentication.
Health & Fitness Data: The app stores data you voluntarily enter, including:
- Dose logs (compound names, amounts, dates, injection sites)
- Vial information (compounds, concentrations, volumes)
- Body composition measurements (weight, body fat, body measurements)
- Blood work results
- Exercise logs and personal records
- Post-dose attribute ratings (energy, sleep, mood, etc.)
- Profile information (gender, height, weight)
- Progress photos (stored locally on your device)
2. How We Store Your Data
Your data is stored in two locations:
- Locally on your device using an encrypted SQLite database (Room).
- In the cloud via Google Firebase Firestore, associated with your authenticated user ID. This enables data restoration if you reinstall the app or switch devices.
Progress photos are stored only on your device and are never uploaded to the cloud.
3. How We Use Your Data
Your data is used exclusively to provide the app's functionality:
- Displaying your dose history, body composition trends, and health metrics
- Calculating pharmacokinetic compound levels
- Calculating calorie burn estimates based on your weight
- Syncing your data across devices
- Sending dose reminders you configure
We do not use your data for advertising, analytics profiling, or any purpose beyond app functionality.
4. Data Sharing
We do not sell, rent, or share your personal data with any third parties.
The only third-party services that process your data are:
- Firebase Authentication (Google) — for account sign-in
- Firebase Firestore (Google) — for cloud data storage and sync
- Google Play Billing — for subscription management (no health data is shared with billing)
5. Data Retention
Your data is retained as long as you maintain an active account. You can delete your data at any time by:
- Deleting individual records within the app
- Uninstalling the app (removes local data)
- Contacting us to request full account and cloud data deletion
6. Data Security
We implement appropriate security measures including:
- Firebase Authentication with email verification
- Firestore security rules ensuring users can only access their own data
- HTTPS encryption for all data in transit
- No plain-text storage of credentials
7. Children's Privacy
This app is not intended for use by anyone under the age of 18. We do not knowingly collect data from minors.
8. Your Rights
You have the right to:
- Access all data stored in your account (visible within the app)
- Export your data (JSON/CSV export available in Settings)
- Request deletion of your account and all associated data
- Opt out of cloud sync by using the app offline
9. Permissions
The app requests the following device permissions:
- Internet — for cloud sync and authentication
- Notifications — for dose reminders
- Exact Alarm — for scheduling reminders at precise times
- Camera — for taking progress photos and scanning blood work via OCR
- Boot Completed — to reschedule reminders after device restart
10. Changes to This Policy
We may update this privacy policy from time to time. Updates will be communicated via in-app notices. Continued use of the app after changes constitutes acceptance.
11. Contact
For privacy-related questions or data deletion requests, contact us at:
Email: zap@supportanalytics.net
Last updated: March 29, 2026