Privacy Policy
Sam Gym — Last updated February 2026
Sam Gym is committed to being a Public Benefit Corporation. We will never sell or disclose any of your personal data to third parties. Your data is kept encrypted on our servers and you maintain full control over it at all times.
What Data We Collect
- Account information — email address and password (hashed)
- Fitness data — workouts, meals, weight logs, and body metrics you enter
- WHOOP data — recovery, strain, sleep, heart rate, and workout data synced from your WHOOP account (with your explicit authorization)
- Apple Health data — heart rate, activity, and sleep data synced from Apple Health (with your explicit permission, coming soon)
How We Use Your Data
- To provide personalized workout recommendations and calorie tracking
- To display your health metrics and progress
- To generate weight predictions based on your activity and nutrition
We do not use your data for advertising, analytics resale, or any purpose other than providing the Sam Gym service to you.
Data Security
All data is encrypted in transit (TLS/SSL) and stored securely on our servers. WHOOP API credentials you provide are stored encrypted and are only used to sync your data on your behalf.
Your Rights
- Export — You can export all of your data at any time
- Delete — You can permanently delete all of your data from our systems at any time
- Revoke — You can disconnect WHOOP or Apple Health integration at any time, which stops all data syncing
Third-Party Services
When you connect WHOOP, your data flows directly between WHOOP's API and Sam Gym. We do not share your data with any other third party.
AI-Powered Meal Analysis
Sam Gym uses OpenAI's GPT-4o, a third-party AI service, to analyze food photos and text descriptions for nutritional information. When you use this feature:
- What is sent: Only the food image or text description you provide — nothing else
- What is NOT sent: Your name, email, account information, location, health data, or any personal identifiers
- Data retention: Images and descriptions are sent to OpenAI's API for real-time processing. Sam Gym does not store your food images beyond the nutritional data logged to your meal record. OpenAI's data retention is governed by their API data usage policy
- Your control: You are asked for explicit permission before any data is sent to OpenAI. You can revoke this permission at any time in Settings. Without permission, AI analysis is disabled but you can still log meals manually
Contact
Questions about your privacy? Email us at privacy@samgym.org