Account information: Name, email address, and password when you create an account.
Profile & health data: Age, gender, height, weight, body measurements, fitness goals, activity level, dietary preferences, medical considerations (e.g., GLP-1 medication usage), and progress photos you voluntarily provide during onboarding and check-ins.
Usage data: Workout logs, nutrition logs, chat messages with the coach, and interactions with the Service.
Payment data: Payment processing is handled by our payment providers, not on our servers — Stripe for subscriptions purchased on the web, and Apple (via RevenueCat) for subscriptions purchased through the iOS app. We do not store credit card numbers or bank account details.
Device & error data: Browser type, device information, IP address, and error reports collected through Sentry to diagnose issues.
Apple Health data (iOS): If you use the iOS app and grant permission, we read the following HealthKit metrics on a read-only basis: steps, active energy burned (calories), heart rate, resting heart rate, heart rate variability (HRV), and sleep. We do not write any data to Apple Health. This data is used solely to personalize your fitness plan and inform your weekly check-in analysis. Apple Health access is optional and only requested on the iOS app after you grant permission.
We use your information to:
We do not sell your personal data to third parties.
We use the following third-party services to operate MetaBody:
Supabase
Database hosting, authentication, and file storage. Your account data, profile information, and workout/nutrition logs are stored in Supabase.
Upstash (Redis)
Rate limiting and abuse prevention. We use Upstash Redis to enforce request limits and prevent abuse. It processes short-lived request metadata (such as a hashed identifier or IP-derived key); it does not store your profile, health, or workout data.
Stripe
Payment processing. Stripe handles all credit card information directly. We only receive confirmation of payment status.
Anthropic (Claude AI)
Coaching engine. Your profile data, workout history, and chat messages are sent to Anthropic’s API to generate personalized coaching. In addition, when you use the body-composition scan, the body-scan photos you provide are sent to Anthropic (Claude Vision) to estimate body composition; and when you use the Form Analyzer, a few still frames from the short workout video you record or upload are sent to Anthropic (Claude Vision) to assess your exercise technique. Anthropic does not use this data to train their models.
WorkoutX
Exercise demonstration images. We retrieve exercise demonstration GIFs by their identifier. No personal data is shared with WorkoutX.
Sentry
Error monitoring. Captures technical error data to help us identify and fix bugs.
PostHog
Product analytics. We use PostHog to measure how people use MetaBody (signups, workouts logged, which features get used) so we can improve the product. Events are linked to your user ID only after you sign in; anonymous sessions stay anonymous. We do not use PostHog for advertising.
OneSignal
Push notifications. When you enable notifications, we share your user ID (as a push external ID) and push-subscription details with OneSignal so it can deliver reminders and coaching notifications to your device.
RevenueCat
In-app purchase management (iOS). On the iOS app, we share your user ID (as the app user ID) and purchase/subscription data with RevenueCat to manage and verify your subscription entitlement.
Resend
Email delivery. We share your email address and the content of the message with Resend to send transactional and lifecycle emails (e.g., welcome and account emails).
Vercel
Hosting and web analytics. Vercel hosts the app and provides privacy-friendly, aggregate, cookieless web analytics (Vercel Analytics) and performance metrics (Speed Insights). It measures aggregate traffic and page performance; it does not track individuals across other sites and is not used for advertising.
Model hosting (jsDelivr, Google MediaPipe)
The body-scan feature runs an on-device pose model that your browser downloads from public content-delivery networks (jsDelivr and Google’s MediaPipe storage). Downloading the model exposes your IP address to those hosts, as any web request does. Your photos are analyzed on your device and are not sent to these hosts.
On the iOS app, MetaBody can read certain metrics from Apple Health (HealthKit) if you grant permission. Access is optional, read-only, and only requested after you explicitly grant it. The app does not write any data back to Apple Health.
The metrics we read are: steps, active energy burned (calories), heart rate, resting heart rate, heart rate variability (HRV), and sleep. We use this data solely to personalize your fitness plan and inform your weekly check-in analysis.
HealthKit data is never used for advertising, never sold, never shared with third parties for their own purposes, and never used to train AI models. Health data you sync is stored on our servers only to power your coaching and check-ins, and is deleted when you delete your account.
We retain personal data only for as long as it is needed for the purposes described in this Policy, unless a longer period is required by law. When you delete your account, we begin deleting your personal data according to the schedule below. The following table describes how long we keep each category of data:
Account & profile data
Name, email, password, age, gender, height, weight, goals, and preferences. Retained while your account is active; deleted on account deletion and purged from live systems within 30 days.
Workout & nutrition logs
Logged workouts, nutrition entries, and progress metrics. Retained while your account is active; deleted on account deletion and purged within 30 days.
Chat messages with the coach
Your conversations with the AI coach. Retained while your account is active; deleted on account deletion and purged within 30 days.
Body-scan photos & form-check videos (biometric)
Body-composition scan photos and Form Analyzer workout videos are biometric-adjacent data and are treated with heightened protection. Both require a separate, affirmative consent before capture. Body-scan photos are retained for no longer than 12 months from capture. Form Analyzer videos are not stored at all — a few still frames are sent for analysis and then discarded; only your form-check results (score and coaching notes) are saved, and are kept until you delete them or your account. All of it is deleted immediately upon account deletion and purged within 30 days. This media is never used to train third-party AI models.
Email logs
Records of transactional and lifecycle emails sent to you (delivery status and metadata held by our email provider). Retained for as long as needed for email delivery, troubleshooting, and legal or compliance purposes; deleted on account deletion.
Product-analytics events (PostHog) and error reports (Sentry). We do not send your name or email to our analytics or error tools — events are tied only to a random account identifier. When you delete your account that identifier is removed, so any residual analytics events can no longer be linked to you; aggregated, anonymized analytics may be retained indefinitely to improve the Service.
Billing & payment records
Subscription and payment-status records (card data is held only by Stripe, not by us). Retained as required for tax, accounting, and legal compliance, typically up to 7 years.
If you cancel your subscription without deleting your account, your account data is retained while the account remains open so you can resubscribe. To request deletion, see “Your Rights” below. A parent or guardian may request deletion of a minor’s data at any time.
You have the right to:
To exercise any of these rights, email us at privacy@metabodyapp.com. We will respond within 30 days.
We implement industry-standard security measures including encryption in transit (TLS), encrypted data at rest, and secure authentication through Supabase. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
We use essential cookies for authentication and session management. We also use PostHog to collect product analytics (feature usage, signup funnel, retention) so we can improve the Service. We do not use third-party advertising cookies or cross-site trackers.
MetaBody is intended for users 13 and older. We do not knowingly collect personal information from children under 13; if we learn we have, we delete it promptly.
Users between 13 and 17 may use MetaBody only with consent from a parent or legal guardian, obtained during onboarding. For these users we collect the profile and health data described above to generate their plans, with additional minor-safety protocols. Body-composition photo analysis and video form analysis process body images (see the biometric section above); for a user under 18 they are available only where a parent or guardian has provided consent. A parent or guardian may review, request deletion of, or withdraw consent for their minor’s data at any time by contacting privacy@metabodyapp.com.
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use after changes constitutes acceptance.
MetaBody is operated by TP Performance LLC, which is the data controller responsible for your personal data under this Policy.
For privacy-related questions or requests, contact us at privacy@metabodyapp.com, or by mail at:
TP Performance LLC, PO Box 6355, Lake Worth, FL 33466, United States