RepTogetherBack to Home

Privacy Policy

Last updated: February 22, 2026

1. Introduction

RepTogether ("we," "our," or "us") is committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application and related services ("the App").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

We do not sell your personal information — ever. This applies to all users, regardless of subscription tier.

2. On-Device AI Processing

Your Camera Feed Never Leaves Your Device. RepTogether uses on-device AI technology to analyze your exercise form in real time. This means:

  • No Video Transmission: Your camera feed is processed entirely on your device using local machine learning models. Video and image data never leaves your phone.
  • Local Movement Analysis: All movement tracking, form analysis, and rep counting happens on your device in real-time without sending data to external servers.
  • No Cloud Processing: Unlike many fitness apps, we do not upload your workout videos or images to cloud servers for AI processing — not even for premium users.
  • Immediate Deletion: Camera frames are processed in memory and immediately discarded after analysis. We do not store any video or image data on your device beyond the current session.

3. Information We Collect

We collect personal information only by lawful and fair means, and only to the extent necessary to deliver our services (APP 3).

3.1 Information Processed On-Device Only (All Users)

The following data is processed locally on your device and is never transmitted to our servers under any circumstances:

  • Camera video feed for movement tracking
  • Body position data during exercise
  • Real-time form analysis data
  • Movement patterns during workouts

3.2 Information You Voluntarily Provide

We collect information you actively provide when you create an account or use the App, including:

  • Email address (for waitlist and account registration)
  • Profile information (name, fitness goals, body metrics you choose to enter)
  • Workout preferences and settings
  • Feedback and support requests

3.3 Workout Analytics

Your workout data (exercise logs, rep counts, form scores, progress metrics, and body scan results) is stored securely and used exclusively to provide your personal coaching experience. We do not use your workout data for product research, model training, or any purpose other than delivering your subscription features. Your data is yours.

4. AI and Machine Learning

Our intelligent system is designed with privacy at its core:

  • Pre-trained Models: Our AI models are pre-trained and distributed with the app. They run entirely on your device and do not require sending your data anywhere to function.
  • No Individual Training: Your personal workout sessions, videos, and form data are never used to train or fine-tune AI models.
  • Model Improvements: Any improvements to our AI models are developed using separate, appropriately consented datasets — not your personal workout data.

5. How We Use Your Information

We use your personal information only for the primary purpose for which it was collected, or for a directly related secondary purpose you would reasonably expect (APP 6). Specifically:

  • To provide, maintain, and improve our services
  • To communicate with you about your account, the App, and the beta program
  • To send you marketing communications where you have consented (you can opt out at any time in accordance with the Spam Act 2003 (Cth))
  • To improve our AI models and user experience using anonymised, aggregated data
  • To respond to your enquiries and support requests
  • To process subscription payments and manage your account
  • To comply with applicable legal obligations
  • To detect, prevent, and address fraud, abuse, or security incidents

We will not use your information for purposes materially different from those described above without providing you notice and obtaining your consent where required by law.

6. Data Storage and Overseas Disclosure

Your account and workout data is stored in Australia. We use Australian-based cloud infrastructure for all primary data storage, so your personal information remains onshore by default.

In limited circumstances, some of your personal information may be accessed by or disclosed to overseas service providers (APP 8) — for example, email delivery providers or payment processors who may operate infrastructure internationally. Where this occurs, we take reasonable steps to ensure these recipients handle your information in a manner consistent with the APPs, including through data processing agreements.

Please be aware that overseas recipients may be subject to the laws of their own jurisdiction and may in some circumstances be required to disclose personal information to overseas authorities.

7. Data Security

We take reasonable steps to protect personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure (APP 11), including:

  • All data transmission is encrypted using TLS/SSL protocols
  • Account credentials are hashed using industry-standard algorithms
  • Regular security reviews and vulnerability assessments
  • Access to personal information is restricted to employees with a business need
  • Premium user data is subject to enhanced access controls

In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme.

No method of electronic transmission or storage is 100% secure. While we strive to use commercially reasonable measures to protect your information, we cannot guarantee absolute security.

8. Third-Party Services

We work with select third-party service providers to operate the App. These providers may access your personal information only to the extent necessary to perform their services on our behalf, and are contractually required to handle it in accordance with applicable law and our instructions. Current categories of third-party providers include:

  • Analytics and crash reporting services (anonymised usage data only)
  • Email delivery services (for account-related communications)
  • Cloud infrastructure providers (for account and progress data — never video or image data)
  • Payment processors (for premium subscriptions — we do not store payment card details ourselves)

We do not sell, rent, or trade your personal information to any third party under any circumstances.

9. Data Retention and Destruction

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including to comply with legal obligations (APP 11.2). When personal information is no longer needed, we take reasonable steps to destroy or de-identify it.

  • Camera data and movement analysis results are never stored beyond the active workout session
  • Account data is retained for the duration of your account and for a reasonable period thereafter to address any disputes or legal obligations
  • Upon account deletion, personal data is permanently destroyed within 30 days, except where we are required by law to retain it for longer

10. Your Rights

Under the Australian Privacy Principles, you have the following rights regarding your personal information:

  • Access (APP 12): Request access to the personal information we hold about you. We will respond within a reasonable period (generally 30 days). We may charge a reasonable fee for providing access in some circumstances.
  • Correction (APP 13): Request correction of personal information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading. We will take reasonable steps to correct it within 30 days.
  • Anonymity and Pseudonymity (APP 2): Where lawful and practicable, you may interact with us without identifying yourself or using a pseudonym.
  • Withdraw Consent: Where processing is based on your consent (e.g., optional product improvement data sharing), you may withdraw consent at any time in your account settings, without affecting anything done prior to withdrawal.
  • Deletion: Request deletion of your personal information, subject to our legal retention obligations.

To exercise any of these rights, please contact us at support@reptogether.com. We will respond to all valid requests within 30 days.

11. Privacy Complaints

If you believe we have interfered with your privacy or breached the APPs, you may lodge a complaint with us. We take privacy complaints seriously and will respond promptly and fairly.

Step 1 — Contact us first: Send your complaint to support@reptogether.com. Please describe the nature of your complaint in as much detail as possible. We will acknowledge receipt within 5 business days and aim to resolve your complaint within 30 days.

Step 2 — OAIC: If you are not satisfied with our response, or if we fail to respond within a reasonable time, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.

12. Children's Privacy

Our App is not directed to children under 15 years of age. We do not knowingly collect personal information from children under 15. If you are a parent or guardian and believe we have inadvertently collected information from a child under 15, please contact us immediately at support@reptogether.com and we will promptly destroy such data.

13. Marketing Communications

We may send you marketing communications about RepTogether where you have consented to receive them. All marketing emails comply with the Spam Act 2003 (Cth) and will include a clearly functioning unsubscribe mechanism.

You can opt out of marketing communications at any time by clicking "Unsubscribe" in any marketing email, or by contacting us at support@reptogether.com. Transactional communications (account notifications, receipts, security alerts) are not marketing and will continue regardless of your marketing preferences.

14. Changes to This Policy

We may update this Privacy Policy from time to time as our practices evolve or as required by law. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date. For significant changes that materially affect your rights, we will provide more prominent notice — such as an in-app notification or email — before the changes take effect. Your continued use of the App after the effective date of any changes constitutes your acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

support@reptogether.com

We aim to respond to all privacy-related requests within 30 days of receipt.