Privacy Policy
Effective Date: June 23, 2026
Introduction
This Privacy Policy explains what data Lusit collects, how it is used, where it is stored, and your rights. Lusit is a general wellness app, not a medical device.
Contact Information
Email: support@lusit.app
Developer: Julius Brück
Governing Law: Germany / EU (GDPR)
1. Information We Collect
Categories of data we collect:
Account & authentication:
- Email and password (via Supabase Auth; passwords stored hashed)
- Account ID (issued by Supabase Auth)
- Date of birth (to verify the 18+ requirement)
- First name (optional; provided during onboarding, used to personalize the app, e.g. greetings)
- Account creation date
- Last activity timestamp
- Consent timestamp and accepted Privacy Policy version
Personal profile (optional):
- Height (cm) and weight (kg)
- Biological sex
- Computed BMI (from height and weight)
- Self-reported fitness experience level
Activity & wellness data:
- Habit completions (movement, nutrition): date, dose performed (reps, sets, duration, amount, units), and items marked complete
- Plans you create or generate: schedule, sections, and a snapshot of your personalization metrics at generation time
- Plan runs (active and historical): planned and completed counts
- Per-habit statistics (completion counts, recent dates)
- Habit feedback (difficulty, enjoyment, perceived exertion (RPE), discomfort ratings, looser-immediately and tightness-by-area signals, skip reasons, optional free-text notes)
- Weight history (only if you log weight)
- Weight-allocation adjustment records (which categories the algorithm up- or down-weighted, and why)
- Per-habit outcome summaries (recent completion rates, swap/dose-adjust flags)
- Engine-surfaced guidance records: the personalization suggestions, acknowledgments, and notices the app generates for you, each with the rule that produced it and its queue status (e.g. pending, shown, accepted, dismissed)
Engagement & app-usage signals:
- Daily activity flags (local timezone): app-opened, habits completed, habits scheduled, feedback submitted
- Daily, weekly, monthly active flags (DAU/WAU/MAU)
- Current streak and app-open recency
Onboarding preferences:
- Stated wellness goal (e.g. lose weight, get stronger, more energy, eat more vegetables, move better)
- Daily time budget (minutes per day)
- Self-reported eating pattern, sugary-drink frequency, tightness/discomfort areas, equipment access, and other onboarding or personalize-flow answers
Learning & reward data:
- Completed in-app tasks
- Earned reward stars
- Reward counts
- Spaced-repetition recall progress (filled-dot counts, per-question miss counts)
Settings & device data:
- Theme and language preference
- Notification toggle
- Sound and haptic cue preferences
- Timezone and UTC offset (for scheduling and local-day boundaries)
- Push notification token (only if you enable notifications) and its last-update timestamp
Subscription & purchase data (only if you subscribe):
- Subscription tier (Free or Plus) and active status
- Subscription lifecycle events (purchases, renewals, cancellations, expirations), via RevenueCat
- Payments are processed by Apple or Google as seller. We do not receive or store payment card or bank details, only subscription status and tier.
We do not collect: location, IP address (beyond what hosting providers observe for security and routing), advertising or hardware identifiers, payment card or bank details, contacts, photos, or data from third-party fitness or health platforms.
2. How We Use Your Information
We use your data to:
- Provide app functionality (habit tracking, plan generation)
- Personalize movement and nutrition recommendations
- Adjust difficulty, dose, and habit selection from your feedback (preference data, not medical data)
- Display progress, streaks, and statistics
- Send push notifications you have enabled
- Manage your subscription and unlock tier features
- Compute aggregated, anonymized effectiveness statistics
We do not use your data for:
- Medical diagnosis, treatment, or disease prevention
- Sale to third parties
- Behavioral advertising or ad targeting
- Profiling outside in-app personalization
3. Data Storage, Security & Location
Your data is stored on infrastructure in the European Union:
- Database: Supabase-hosted PostgreSQL (EU region)
- API server: Google Cloud Run, region europe-west1 (Belgium)
If you subscribe, your subscription state is also processed by RevenueCat (see Section 7) in the United States, covered by a data processing agreement with standard contractual clauses.
Security:
- Supabase Auth with hashed credentials; we do not see your raw password
- Encrypted transit (HTTPS/TLS)
- Row-Level Security (RLS) restricts access to your own data
- Personal profile data stored separately from activity data under your account ID
- Short-lived JWT tokens (Supabase Auth) authenticate API requests
We do not use third-party analytics, advertising SDKs, crash reporters, or behavioral trackers, and share no data with advertising or tracking providers.
4. Your Rights (GDPR)
Under the GDPR you have the following rights:
Access (Art. 15): Export all your data as JSON from Settings → Edit Profile → Export Data (account info, settings, personal profile, weight history, plans, plan runs, completions, statistics, feedback, outcomes, engagement history).
Rectification (Art. 16): Update your personal information in-app (height, weight, age, sex, experience level, settings, language). To change your account email or correct anything not editable in-app, contact support@lusit.app.
Erasure (Art. 17): Delete your entire account from Settings → Edit Profile → Delete Account, or delete only your personal-profile and weight-history data from Settings → Edit Profile → Delete Personal Data.
Data Portability (Art. 20): Export Data provides your user-scoped data in machine-readable JSON.
Restriction (Art. 18) and Objection (Art. 21): Contact support@lusit.app; we action requests within 30 days.
Complaint: You may lodge a complaint with your national supervisory authority. In Germany this is your state Data Protection Authority (Landesbeauftragter für den Datenschutz).
5. Data Deletion
Deleting your account permanently and immediately removes (no grace period, no soft-delete, no recovery):
- Authentication account (email and credentials, Supabase Auth)
- User record, settings, and push notification token
- Personal profile (height, weight, age, sex, BMI, experience level)
- All weight entries and weight-adjustment records
- All plans and plan runs, including algorithm input snapshots and allocation logs
- All habit completions, per-habit statistics, feedback, and outcomes
- All engagement signals, engine cooldown state, and engine-surfaced guidance records
- All earned stars, rewards, completed tasks, and recall progress
Deleting only your Personal Data clears: height, weight, age, biological sex, BMI, fitness experience level, and your full weight history. Your account, plans, completions, and feedback remain.
Either action also clears your local app state and cached data from your device.
6. Data Retention
Your data is retained while your account is active.
Deleting your account removes all user-scoped data immediately, as described in Section 5.
Aggregated, anonymized population-level effectiveness statistics (not linkable to individual users) may be retained after deletion to improve recommendations. These contain only per-habit success counts and confidence intervals, no identifiers or demographics.
7. Third-Party Services
Lusit uses the following processors (we are the controller; each is a processor under GDPR):
- Supabase (auth, PostgreSQL database, storage): account management, data storage, server-side processing. Hosted in the EU.
- Google Cloud Run (europe-west1, Belgium): hosts our stateless API server. Request bodies pass through but are not retained beyond standard operational logs.
- Expo Push Notification Service: if you enable notifications, your push token and message text are routed through Expo to APNs (iOS) or FCM (Android). No analytics or behavioral data shared.
- Expo (EAS Update): at launch the app queries u.expo.dev for over-the-air JavaScript updates, sending device metadata (OS version, device model, locale, app version) and no user-identifiable data.
- RevenueCat (subscription management and purchase validation): validates your App Store or Google Play purchase and reports your tier to our server. Receives your account identifier and subscription events, not payment card details. Processes data in the United States under a data processing agreement.
We do not use advertising networks, social media SDKs, analytics platforms, attribution services, crash reporters, or A/B testing services.
8. Children's Privacy
Lusit is not intended for anyone under 18. We enforce an 18+ requirement at sign-up via date of birth; accounts are not created for under-18s. If you believe a child has provided us personal data, contact support@lusit.app and we will delete it.
9. Changes to This Policy
We may update this Privacy Policy. Changes are reflected by updating the effective date above and the version stamp recorded with your account. For material changes we notify you in-app and request renewed acceptance where legally required. Continued use after changes constitutes acceptance where renewed consent is not legally required.
10. Contact Us
Questions, GDPR requests, or privacy concerns: support@lusit.app (response within 30 days).