Privacy
Lunaro is a stage-aware fitness coaching app. This page lays out what we collect, why, where it goes, and how to delete it.
What we collect
- Account info — when you sign in with Apple, we get your name and email (or Apple's relay address if you choose to hide your real one). We store these to identify your account.
- Cycle, stage, and body info — the data you enter during onboarding or manual logging: date of birth, life stage, goals, cycle day, last period date, average cycle length, symptoms, body metrics, food logs, PRs, and progress notes. You can edit or delete it from Profile.
- Coach conversations — text and voice you share with the AI coach, plus the coach's replies. We store these so your coach can remember context across sessions.
- Voice + camera streams — only when you tap the mic or camera in voice mode. Audio and video frames are sent live to Google Gemini and are not stored on our servers after the session ends.
- Apple Health data — if you grant permission on iOS, we read only the categories you choose, such as workouts, sleep, HRV, heart rate, body metrics, and cycle tracking. HealthKit reads happen on your device first; authorized records from selected categories can sync to our backend for coaching context. We do not request HealthKit access on launch or sign-in. We do not write data to HealthKit in this version.
- AI memory and actions — user-visible memories, coaching suggestions, approval requests, and approval history. You can view, edit, archive, or delete AI memories from Profile. Sensitive or external actions require your approval before execution.
- Push tokens — when you allow notifications, Apple gives us a token so we can send daily training reminders.
- Billing info — iOS subscriptions go through Apple's App Store. We never see your card. We see what tier you're on and your billing status.
- Server logs — IP address, user agent, timestamps. Standard for any web service. Used to debug and to block abuse.
Where it lives
Account and coaching data is stored in Supabase (Postgres). Database access is scoped so users cannot read each other's data. Text coach requests are processed by OpenRouter so the coach can respond. Voice and video streams pass through Google Gemini's Live API and are not stored on our servers after the session.
Who we share with
- Apple — Sign in with Apple and App Store billing.
- OpenRouter — text coach messages are processed through OpenRouter. The request can include your typed message, selected profile details, cycle or life-stage setup, manual logs, AI memory/chat history, and relevant authorized Health context only when needed to answer you.
- Google Gemini / Google AI Studio — voice and camera mode are processed by Gemini Live. The request can include microphone audio, camera frames you turn on, selected profile details, cycle or life-stage setup, manual logs, AI memory/chat history, and relevant authorized Health context only when needed to answer you.
- Vercel — hosts the web and API.
- Supabase — database and storage.
We do not sell your data. We do not run ad tracking. We do not use Health, fitness, or medical data for advertising, marketing, or use-based data mining. We do not sell or share HealthKit data with data brokers, ad networks, or marketing partners. We use these processors only for app functionality and choose vendors that provide privacy and security commitments for personal data; they are not authorized by Lunaro to use your personal data for ads or tracking.
AI provider permission
Before text chat, voice, or camera mode sends personal data to an AI provider, Lunaro shows an in-app consent screen that lists what may be sent and names OpenRouter and Google Gemini. If you do not agree, the app blocks those AI provider calls. You can still use manual logs, Profile controls, Apple Health consent/revoke, export, and delete.
Apple Health consent
Apple Health is opt-in and read-only. Before any HealthKit-derived data syncs, Lunaro shows its own consent screen, lets you pick categories, then iOS shows Apple's Health permission sheet. If HealthKit has no samples for the categories you selected, Lunaro still saves your permission, consent record, and sync status so the app can show the connection honestly.
Cookies
We use one cookie — your session. It's HTTP-only, secure, and expires when you sign out or after 30 days of inactivity. No third-party tracking cookies.
Your rights
- See your data — Profile → Export data downloads your profile, permissions, consent records, raw sync events, Health-derived data, memories, AI actions, approvals, and sync jobs.
- Edit your data — Profile lets you update setup, manual logs, and AI memories.
- Revoke Health access — Profile → Apple Health disconnects Lunaro sync and stops AI use of HealthKit-derived data. iOS Health permissions can also be changed in Settings → Privacy & Security → Health → Lunaro.
- Delete your account — Profile → Delete Account removes your profile, logs, coaching memory, synced data, permissions, consent records, AI actions, approvals, and sync jobs. Your subscription must be cancelled separately through Apple.
Not medical or emergency use
Lunaro is for general fitness and wellness coaching. It is not a medical device or emergency service. It does not diagnose, treat, prescribe, prevent disease, or replace professional medical care.
Children
Lunaro is not for anyone under 13. If we learn we have data from a child under 13, we delete it.
Changes
If we change anything material here, we'll update the date at the top and notify users in the app before the change takes effect.
Contact
Questions, exports, or deletion requests: support@lunaro.app