Home/Privacy Policy

Privacy Policy

Effective May 11, 2026

In short: Cragen is local-first. Your workouts, programs, and body metrics stay on your device unless you choose optional iOS account backup. Raw Apple Health and Health Connect samples are read-only and are not sent to Cragen. Anonymous crash reports help us fix bugs and contain no training or health data.

1. Who we are

Cragen ("Cragen," "we," "our") is a fitness logbook for iOS and Android. This Privacy Policy describes how the Cragen mobile app and cragen.app handle information.

Privacy questions: privacy@cragen.app.

2. The short version

  • Your training data stays on your device by default. Workouts, programs, templates, body metrics, and preferences are stored locally unless you turn on optional iOS account backup.
  • Account backup is optional. If you sign in with Apple and back up your account, Cragen uploads a backup snapshot of your logbook so it can be restored on another iPhone.
  • Emails are purpose-limited. If you email support, email privacy, or use the launch-link mailto, we receive your email address and message only for that request.
  • Health data flows in only. If you grant permission, we read steps, sleep, and body weight from Apple Health or Health Connect. We don't write back. Raw health samples are processed on device; body metrics saved into Cragen may be included in account backup if you enable it.
  • No advertising trackers. Cragen contains no third-party advertising SDKs and does not engage in cross-app or cross-site tracking.
  • Crash reports only. Anonymous crash reports help us fix bugs. They never contain your workouts, health data, or identifiers tied to you.
  • You can leave at any time. Export your workouts as CSV. Delete your optional account backup from Settings → Account, or uninstall the app to remove local data from your device.

3. Information stored on your device by default

The following data is created and stored locally on your device, in the platform's standard storage (SQLite for structured data, SecureStore for preferences and keys). It is not transmitted to Cragen unless you choose optional iOS account backup.

  • Workout logs — exercises, sets, reps, weight, RPE/RIR, notes, rest times, timestamps.
  • Programs, templates, training blocks, and block history.
  • Body weight entries you enter manually, plus your unit and preference settings (e.g. default rest, units, theme).
  • An anonymous per-device identifier generated on first launch. It is not linked to your name, email, phone, or any external account.

4. Optional iOS account backup

On iPhone, you can sign in with Apple from Settings → Account to back up and restore your Cragen logbook. When enabled, Cragen may transmit a backup snapshot containing workouts, programs, templates, custom exercises, preferences, body metrics, and account metadata such as your Apple-linked email and user ID.

Account backup is not required to use the app. Android account backup is not available until an Android sign-in provider is added.

5. Apple HealthKit (iOS)

If you grant Cragen permission via the iOS Health permission sheet, Cragen reads the following data from Apple Health to display trends and context inside the app:

  • Daily step count
  • Sleep sessions
  • Body weight entries

HealthKit data is read-only. Cragen does not write to Apple Health and does not modify your Health data. HealthKit data samples are processed on your device only and are never transmitted to Cragen or any third party. Body weight values you save into your Cragen profile or history become Cragen records and may be included in optional account backup.

You can revoke HealthKit access at any time in iOS Settings → Privacy & Security → Health → Cragen.

6. Health Connect (Android)

On Android, Cragen integrates with Health Connect using the same principles as our HealthKit integration. With your explicit permission, Cragen reads:

  • Steps
  • Sleep
  • Weight

Health Connect samples are read-only, processed on-device, and never transmitted off-device by Cragen. Body weight values you save into Cragen become Cragen records. You can revoke access at any time from Health Connect's settings.

7. Crash reporting (Sentry)

Cragen uses Sentry to receive anonymous crash and error reports so we can fix bugs. Reports include technical context such as:

  • Stack traces and the file/line where the error occurred
  • Device model and operating system version
  • App version and build number
  • A randomly generated install identifier (not tied to you)

Crash reports do not include your workouts, programs, body weight, HealthKit/Health Connect data, name, email, phone number, IP-based location, or any other personally identifying information. Personally identifying scopes (PII fields, request bodies, breadcrumbs containing user input) are stripped before transmission.

8. Emails and launch list

If you email us for support, email us about privacy, or use the launch-link mailto on this site, your email client sends your email address and message to Cragen. We use that information only to reply to your request or send the launch link you asked for. We do not sell it, add it to advertising audiences, or link it to your on-device training history.

You can ask us to delete support, privacy, or launch-list emails by writing to privacy@cragen.app.

9. App Tracking Transparency (iOS)

Cragen does not track you across apps or websites and does not present the App Tracking Transparency prompt. Our iOS privacy manifest (PrivacyInfo.xcprivacy) declares no tracking domains and no collected data types.

10. Data we do NOT collect

To be explicit, Cragen does not collect:

  • Your phone number or postal address
  • Your raw Apple HealthKit or Health Connect samples
  • Your photos, contacts, or location
  • Advertising identifiers (IDFA / GAID)
  • Account credentials of any kind

11. Your controls

  • Export. Export your workout history as CSV from Settings → Export workouts (CSV) at any time.
  • Delete local data. Uninstalling the app removes locally stored Cragen data from that device, including the per-device identifier.
  • Delete account backup. If you use optional iOS account backup, go to Settings → Account → Delete Account to delete your Cragen account and server backup.
  • Health permissions. Revoke HealthKit / Health Connect access at any time in your OS settings. Cragen will detect the change on next launch.
  • Crash reporting. If you do not want Cragen to send anonymous crash reports, contact privacy@cragen.app and we will document the opt-out steps for your version.

12. Children

Cragen is not directed to children under 13 and we do not knowingly collect data from children under 13. The app is rated 4+ on the App Store.

13. Security

Because Cragen is local-first, the main defenses for local data are your device's lock screen, OS-level encryption, and device backup settings. Optional account backup is transmitted over HTTPS and stored on Cragen systems so it can be restored after sign-in. We recommend keeping your device passcode/Face ID/Touch ID enabled and your OS up to date.

14. International users

If you enable optional account backup, your backup data may be processed where Cragen's hosting providers operate. Anonymous crash reports may be processed by Sentry on infrastructure located in the United States and the European Union.

15. Changes to this policy

We may update this policy as the product evolves — for example, when we ship new integrations or change how crash reporting works. Material changes will be reflected here with an updated effective date. Continued use of Cragen after the effective date constitutes acceptance of the revised policy.

16. Contact

Privacy questions or requests: privacy@cragen.app.
General support: support@cragen.app.

PrivacyTermsSupport