← Back

Privacy Policy

Last updated: May 4, 2026

1. Introduction

Taut is a mobile app for resistance band training coaching. This policy describes how we collect, use, and protect your personal data when you use the Taut iOS app or the taut.fr website.

Data Controller: Alexandre Alcuvilla
Contact: contact@taut.fr

2. Data we collect

Data you provide

• Email address: when you sign up for the newsletter or waitlist
• Workout data: programs followed, exercises completed, resistance levels, session dates
• Personal preferences: training goal (hypertrophy, strength, fat loss…), level, available equipment
• Coach AI questions: if you use the conversational AI assistance feature

Data collected automatically

• Device information: iPhone model, iOS version, anonymized device identifier
• Anonymous usage data: sessions, features used, frequency of use (via Apple App Analytics)
• Payment data: handled exclusively by Apple via the App Store. We never have access to your banking information.

Data we do NOT collect

• Banking or credit card information
• GPS location data
• Contacts or photos from your device
• Apple Health data (unless you explicitly grant access in a future version)

3. Purposes of processing

We use your data to:

• Provide personalized coaching service based on your level and goals
• Save your progress and training history
• Send you the newsletter and product communications (if subscribed)
• Improve the app via anonymous usage data
• Respond to your support requests

4. Legal basis (GDPR)

• Contract performance: to provide the coaching service you subscribed to
• Consent: for the newsletter (revocable at any time via unsubscribe link)
• Legitimate interest: for anonymous app improvement analytics

5. Sharing with subprocessors

Your data may be processed by the following subprocessors, exclusively for the purposes described above:

• Apple Inc. — app distribution, payments, optional iCloud backup
• Beehiiv — newsletter and marketing email management
• Cloudflare — taut.fr website hosting and serverless functions
• OpenAI / Anthropic — conversational AI provider used as a complement to Apple Intelligence (technical questions are transmitted in an anonymized form, without identifying personal data)
• RevenueCat — subscription and receipt management

We never sell your data to third parties.

6. Storage and retention

• Workout data is stored locally on your device and backed up via iCloud if enabled
• Newsletter emails are stored on Beehiiv until you unsubscribe
• Anonymous usage data is retained for up to 26 months (Apple policy)
• If you delete your account or uninstall the app, local data is removed with the application

7. Your rights

You have the following rights regarding your data:

• Right of access: obtain a copy of your data
• Right to rectification: correct inaccurate data
• Right to erasure (right to be forgotten): request deletion of your data
• Right to data portability: receive your data in a reusable format
• Right to object: oppose specific processing
• Right to restriction: limit certain processing

To exercise these rights, contact us at contact@taut.fr. We respond within 30 days maximum.

EU users may file a complaint with their national data protection authority. French users may contact the CNIL.

8. California residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect about you
• Right to delete your personal information
• Right to opt out of the sale of your personal information (we do not sell personal information)
• Right to non-discrimination for exercising these rights

9. Security

We implement reasonable technical and organizational measures to protect your data:

• TLS encryption for all network communications
• No password storage (authentication via Apple Sign-In or iCloud account)
• Data access strictly limited to necessary subprocessors
• Encrypted backups of critical data

10. Minors

Taut is not intended for individuals under 16 years of age (under 13 for US users). We do not knowingly collect data concerning minors. If you are a parent or guardian and discover that your child has provided us with data, please contact us so we can delete it.

11. International transfers

Some of our subprocessors (Apple, OpenAI, Anthropic, Beehiiv) are based outside the European Union. When your data is transferred, we ensure it benefits from an equivalent level of protection (Standard Contractual Clauses or adequacy decisions of the European Commission).

12. Cookies

The taut.fr website uses minimal cookies, only essential for functionality (no advertising tracking cookies). The iOS app does not use cookies.

13. Modifications

This policy may be updated to reflect changes in our practices or legislation. Any substantial modification will be notified to you by email or via an in-app notification at least 30 days before its entry into force.

14. Contact

For any question regarding this privacy policy or your personal data: