Privacy Policy

Last updated: May 5, 2026  ·  Effective: May 5, 2026

Welcome to PulseMe. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have regarding your data. By using PulseMe you agree to the practices described here.

1. Who We Are

PulseMe is operated as an independent fitness tracking application. If you have any questions about this policy, please contact us at ocelik.dev@gmail.com.

2. Information We Collect

Account & Identity

• Name, email address, and password (hashed) when you register with email.
• Profile picture, display name, and date of birth if you choose to provide them.
• Authentication tokens from Google when you sign in via Google OAuth.

Health & Fitness Data

• Workout sessions: exercises performed, sets, reps, weight, duration, and timestamps.
• Body metrics: weight, height, body-fat percentage, and other measurements you enter manually.
• Exercise templates and custom programs you create.
• Progress photos if you upload them.

Device & Usage Data

• Device model, operating system version, and app version.
• Crash reports and diagnostic logs to help us fix bugs.
• Feature-usage patterns (e.g., which screens you visit) collected in aggregate.

Data You Do Not Provide Directly

• We do not access your device camera, microphone, location, or contacts unless you explicitly grant permission for a specific feature.

3. How We Use Your Information

• Provide, maintain, and improve the PulseMe app and its features.
• Authenticate your account and keep it secure (OTP verification, session management).
• Display your fitness history, progress charts, and personal records.
• Send transactional notifications such as OTP codes and account alerts.
• Diagnose technical issues and improve app stability.
• Comply with applicable legal obligations.

We do not sell your personal or health data to third parties.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, we process your personal data on the following bases:

• Contract performance – to provide the services you requested.
• Legitimate interests – to improve product quality and security.
• Consent – where you have opted in, e.g., optional analytics.
• Legal obligation – where required by law.

5. Data Sharing

We share data only as described below:

• Infrastructure providers – cloud hosting and database services process data on our behalf under strict data-processing agreements.
• Authentication providers – Google LLC when you use Sign in with Google.
• Legal requirements – if required by law, court order, or to protect the rights and safety of users.

6. Data Retention

We retain your account and fitness data for as long as your account is active. You may request deletion at any time (see Section 8). Anonymised aggregate statistics may be retained indefinitely after deletion. Backup copies are purged within 90 days.

7. Security

We use industry-standard protections including TLS encryption in transit, hashed passwords (bcrypt), and access controls. No system is 100% secure; please use a strong, unique password and keep it confidential.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and all associated data.
• Export your data in a portable format.
• Restrict or object to certain processing activities.
• Withdraw consent where processing is based on consent.

To exercise any of these rights, email ocelik.dev@gmail.com. We will respond within 30 days.

9. Children's Privacy

PulseMe is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Third-Party Links

The app may link to third-party websites or services. We are not responsible for their privacy practices and encourage you to review their policies.

11. International Transfers

Your data may be processed in countries outside your own. Where applicable, we rely on Standard Contractual Clauses or equivalent safeguards to protect transferred data.

12. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via in-app notice or email at least 14 days before the change takes effect. Continued use after the effective date constitutes acceptance.

13. Contact Us

Questions or concerns? Email us at ocelik.dev@gmail.com.