AVYRO.AI
Privacy Policy
Last updated: 26 March 2026
1. Who We Are
Avyro.ai ("Avyro", "we", "us") is an AI-powered fitness coaching application developed by Resett AI, based in Trondheim, Norway. This policy explains how we collect, use, store, and protect your personal data when you use our mobile app (iOS and Android) and website (avyro.app).
2. Data We Collect
We collect the following categories of data:
2.1 Account Data
- Email address, display name, and profile photo (if provided)
- Authentication credentials (managed securely via Supabase Auth)
- Training preferences: fitness goal, experience level, training days per week, available equipment
2.2 Health and Fitness Data
We access the following health data only after you explicitly grant permission via Apple Health (iOS) or Google Health Connect (Android):
- Heart rate variability (HRV) — used to calculate daily readiness and recovery
- Resting heart rate (RHR) — used to detect overtraining or illness
- Sleep duration and sleep stages — used to assess recovery quality
- Step count — used to track daily activity level
- Active calories burned — used to estimate training load
We read health data only. We never write to or modify your health records. Health data is used solely for personalising your training programme. Health data is never sold, shared with advertisers, or used for marketing.
2.3 Workout and Training Data
- Exercise logs, sets, reps, weights, and session history
- AI-generated training programmes
- Streak count and completion history
2.4 AI Coach Conversation Data
- Messages exchanged with the AI coach
- AI coach memory (key facts you share, used to personalise future advice)
2.5 Technical and Usage Data
- Device type, OS version, and app version (for crash reporting)
- Anonymous analytics events (screens visited, features used)
- Crash reports and error logs (via Sentry)
3. How We Use Your Data
- Personalise your AI coaching and training programme based on your biometric data and goals
- Calculate your daily readiness score from HRV, sleep, and resting heart rate
- Detect sickness or burnout risk and adjust your programme accordingly
- Maintain your streak and progress history
- Send push notifications (workout reminders, streak alerts) — only with your permission
- Improve app quality through anonymous, aggregated analytics
- Process subscription payments via RevenueCat
4. Health Data — Special Protections
Your health data receives the highest level of protection:
- Health data is only accessed after you explicitly grant permission in your device settings
- We only read health data — we never write to or modify your health records
- Health data is used solely for calculating readiness scores and personalising your training
- Health data is never sold to third parties
- Health data is never used for advertising or marketing
- Health data is never shared with data brokers
- You can revoke health data access at any time through your device settings (Settings > Health > Avyro on iOS, or Settings > Health Connect > Avyro on Android)
- When you revoke access or delete your account, all stored health data is permanently deleted
5. AI Coach Conversations
Your conversations with the AI coach are processed by Anthropic's Claude API. Messages are sent securely via encrypted HTTPS connections through our backend (Supabase Edge Functions) — your API keys are never exposed on the client side. Conversation history is stored to provide continuity across sessions. We do not use your conversations to train AI models.
6. Data Storage and Security
- All data is stored securely on Supabase (hosted on AWS in the EU region) with Row Level Security (RLS) policies ensuring users can only access their own data
- All data is transmitted over HTTPS/TLS encryption
- Authentication is handled via Supabase Auth with support for email/password, Apple Sign In, and Google Sign In
- Biometric authentication (Face ID / Touch ID) is available as an additional security layer
- Health data is encrypted at rest in our database
7. Third-Party Services
We use the following third-party services to operate Avyro:
| Service | Purpose | Data shared |
|---|
| Supabase | Backend, auth, database | Account data, workout data, chat history |
| Anthropic (Claude API) | AI coaching | Chat messages (processed server-side, not stored by Anthropic) |
| RevenueCat | Subscription management | User ID, purchase status |
| Sentry | Crash reporting | Anonymous error logs, device info |
| Expo (EAS) | App builds and updates | No user data |
We do not share your health data with any third-party service.
8. Data Retention
We retain your data for as long as your account is active. Specific retention periods by data type:
| Data type | Retention period |
|---|
| Account data (name, email) | Until account deletion |
| Health data (HRV, sleep, heart rate, steps) | Rolling 90 days — older data is automatically deleted |
| Workout logs and training history | Until account deletion |
| AI coach conversation history | Until account deletion |
| AI coach memory | Until account deletion or manual reset |
| Anonymous analytics | Up to 24 months (aggregated, non-identifiable) |
| Crash reports | 90 days |
9. Data Deletion
You can delete your data at any time using the following methods:
9.1 Delete Your Entire Account
Open the Avyro app > Profile tab > Settings (gear icon) > scroll to bottom > tap "Delete Account". This will permanently delete:
- Your account and profile information
- All health data stored by Avyro
- All workout logs and training history
- All AI coach conversation history and memory
- Your subscription (managed via App Store / Google Play)
Account deletion is processed immediately. All data is permanently removed from our servers within 30 days. Backups containing your data are purged within 90 days.
9.2 Delete Specific Data
- Health data access: Revoke permissions in your device settings. Stored health data will be deleted within 24 hours.
- AI coach memory: Go to Settings > AI Coach > "Reset Memory" to clear all stored preferences and context.
- Chat history: Go to Coach tab > long-press any conversation > "Clear History".
9.3 Request Deletion by Email
You can also request data deletion by emailing privacy@avyro.app. We will process your request within 7 business days and confirm deletion by email.
9.4 Export Your Data
Before deleting your account, you can export all your data via Settings > "Export My Data". This provides a downloadable file containing all data we hold about you (GDPR data portability).
10. Your Rights
Under GDPR and applicable data protection laws, you have the right to:
- Access — view all personal data we hold about you (Settings > Export My Data)
- Rectification — correct inaccurate data (edit your profile in Settings)
- Erasure — request deletion of your data (see Section 9 above)
- Portability — export your data in a machine-readable format
- Restriction — request we limit processing of your data
- Objection — object to data processing based on legitimate interests
- Withdraw consent — revoke health data permissions or notification consent at any time
To exercise any of these rights, contact us at privacy@avyro.app.
11. Children
Avyro is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us at privacy@avyro.app and we will delete it promptly.
12. Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated through the app or via email. The "Last updated" date at the top reflects the most recent revision. Continued use of Avyro after changes constitutes acceptance of the updated policy.
13. Contact Us
For privacy-related questions, data requests, or concerns:
Email: privacy@avyro.app
Company: Resett AI
Location: Trondheim, Norway