Last updated: June 2026
VOROM stores the data you create — workout logs, exercise catalog edits, body weight, biological sex and birth year/month (used to calculate heart-rate zones and strength benchmarks), training-mode settings, plates, and your account email. Nothing else.
Local: your device's SwiftData store — holds your complete data on this device, regardless of tier. Cloud: Supabase managed PostgreSQL (US East — North Virginia, us-east-1). Cloud Backup is a Pro feature: for Pro accounts with Cloud Backup enabled, we store a full backup of your training data (workouts, exercises, sets, templates, body weight, biological sex and birth year/month, and large files such as HR samples, GPS routes and distance traces in Supabase Storage) so a device change or a second device restores everything. Free accounts operate in On-Device Only mode — your workouts, templates, exercises, HR and GPS data stay on this device and are not synced to the cloud. Account identity (username, email, tier and app settings) syncs for all users so you can sign in on a new device. Live multi-device synchronization (e.g., iPhone ↔ iPad ↔ second iPhone) requires a paid Pro subscription. All data is encrypted in transit (TLS) and at rest.
If you grant Health permission, VOROM reads heart rate, body weight, and (optionally) running power FROM Apple Health for use during workouts and in benchmarks. VOROM does NOT write workout data back to Apple Health unless you explicitly enable export. We do not use HealthKit data for marketing or advertising.
VOROM has no analytics, no ad SDKs, no tracking pixels. We do not sell, rent, or share your data with advertisers or marketers. The app does not request your contacts, calendar, photos, or microphone. We do not use any of your data for marketing or advertising.
VOROM uses the following external service providers to operate. We only share the minimum data each service needs to perform its function. Each provider has its own privacy policy that also applies to data they handle on your behalf.
Your data is processed and stored in the United States (Supabase's us-east-1 / North Virginia region). If you live in the European Economic Area, the United Kingdom, or another jurisdiction with data-protection laws, your data is transferred to the United States for the purposes described in this policy. We rely on Supabase's enterprise-grade infrastructure security and standard contractual safeguards to protect your data during this transfer.
Your account identity (username, email, tier, settings) is retained for as long as your account is active, regardless of tier. Training data: for Pro accounts, cloud copies are retained indefinitely; for Free accounts your training data lives on-device only (any cloud copies uploaded during a previous Pro period are also retained indefinitely and are never auto-deleted on a tier change). We do not delete free-tier data — this lets you upgrade later and immediately see your full history. If you delete your account, all your data is permanently removed after the 24-hour grace period (see Account deletion below). When you delete an individual item (a workout, plan, folder, or exercise) rather than your whole account, we keep a soft-delete marker for up to 90 days so the deletion reliably propagates to all of your signed-in devices, after which the underlying records are permanently purged from our servers. We also keep a short internal change-log of destructive actions (deletions) and renames you make to your training data — recording the action, the affected record, the time, and your account identifier — which is automatically purged after 30 days and is permanently deleted when you delete your account. If your account is inactive for an extended period and we discontinue the service, we will email you before deleting any data.
Settings → Account → Delete My Account soft-deletes every row across 8 tables for your user. A 24-hour grace period lets you recover by signing back in. After 24 hours, the data is permanently removed.
When you share a template via VOROM's Offline Template Share feature:
When a recipient taps "Report this template" in the import preview, the following is sent anonymously to a private admin-only review queue (`template_reports`) on our Supabase backend:
What is NOT attached to a report: your VOROM user account, email, username, IP address, device identifier, or any other personal identifier. Reports are genuinely anonymous from the admin reviewer's perspective.
Reports are reviewed by a human admin who decides whether the reported template violates the Terms of Service. If so, the admin records the template's content hash (a one-way SHA256 digest of the template's name + exercise list) in our `template_bans` registry. Every VOROM client checks this registry before showing the import preview — any template whose content matches a banned hash displays a "Template Removed" screen with the admin's reason and cannot be imported.
The content hash does NOT reveal the template's name or exercises to anyone querying the ban registry — it is a one-way digest. Public read access to the ban registry exists solely so VOROM clients can check it before showing import previews.
Retention. Individual report records are retained for up to 12 months from submission, then automatically purged. The `template_bans` registry (content hashes + admin reasons) is retained indefinitely as a permanent abuse-prevention measure, since the same prohibited content can resurface in re-encoded form years later. Ban entries can be removed if the original block was issued in error.
This reporting + blocking infrastructure exists to comply with App Store Guideline 1.2 (User-Generated Content) requirements for "timely responses" to reports of objectionable content shared between users. It does NOT mean VOROM hosts or distributes user templates — templates still travel only via the user's own messaging apps. See Terms of Service for full content guidelines and prohibited-content policy.
This is distinct from any future server-hosted sharing features (a Discovery tab is planned for a later version), where templates would be hosted by VOROM and visible to other users. Those features will be covered by separate Privacy Policy provisions when launched.
Settings → Account → Export My Data generates a complete JSON + CSV snapshot of all your training data. The export always returns your full unrestricted history regardless of tier. You own your training history and we will never hold it hostage behind a paywall.
Free tier — Cloud Backup is off: as of 2026-05-25, Cloud Backup is a Pro-only feature. Free-tier accounts operate in On-Device Only mode — your workout history lives on this device. Your username, email, and tier still sync to our cloud for sign-in identity, but workouts / templates / exercises / HR / GPS data do not. We strongly recommend exporting periodically and saving the file to iCloud Drive, Files, or email so your training data survives outside the app (in case of phone loss, factory reset, or app deletion).
Pro → Free downgrade: if you previously subscribed to Pro, any data already uploaded during your Pro period is retained indefinitely in our cloud and remains restorable upon re-subscription. We never auto-delete training data on tier change. The only way to permanently remove your cloud data is Settings → Account → Delete My Account (24-hour grace period before permanent deletion).
If you live in the European Economic Area, the United Kingdom, California, or any jurisdiction with similar data-protection laws, you have the right to: access your data, correct inaccurate data, port it to another service, erase it, restrict or object to its processing, and lodge a complaint with your local data-protection authority. VOROM's Export My Data feature gives you a full copy of your data on demand; the Delete My Account feature permanently erases it after a 24-hour grace period. These features satisfy the corresponding access, portability, and erasure rights under GDPR, the UK GDPR, and CCPA. For any other request — correction, restriction, objection, or questions — contact support@vorom.app and we will respond within 30 days.
VOROM is not directed to children under 13 (under 16 in the European Economic Area and the United Kingdom). Sign-up requires Apple / Google / email authentication — those providers enforce their own age policies.
If this policy changes, the app will show a banner on next launch with a summary and link to the new version. Continued use means acceptance.
Questions about this policy or your data? Email support@vorom.app.