← Back

Privacy Policy

Last updated: May 25, 2026

1. Introduction

Taut is a mobile app for resistance band training coaching. This policy describes how we collect, use, and protect your personal data when you use the Taut iOS app or the taut.fr website.

Data Controller: Alexandre Alcuvilla
Contact: contact@taut.fr

2. Data we collect

Data you provide

• Email address: only if you sign up for the newsletter or waitlist on the taut.fr website
• Workout data: programs followed, exercises completed, resistance levels, session dates — stored exclusively locally on your device, never transmitted to our servers
• Personal preferences: training goal (hypertrophy, strength, fat loss…), level, available equipment — stored locally

Data collected automatically

• Device information: iPhone model, iOS version, anonymized device identifier
• Anonymous usage data: sessions, features used, frequency of use (via Apple App Analytics)
• Payment data: handled exclusively by Apple via the App Store. We never have access to your banking information.

Data we do NOT collect

• Banking or credit card information
• GPS location data
• Contacts or photos from your device
• Apple Health data (unless you explicitly grant access in a future version)

3. Purposes of processing

We use your data to:

• Provide a coaching service adapted to your level and goals
• Save your progress and training history
• Send you the newsletter and product communications (if subscribed)
• Improve the app via anonymous usage data
• Respond to your support requests

4. Legal basis (GDPR)

• Contract performance: to provide the coaching service you subscribed to
• Consent: for the newsletter (revocable at any time via unsubscribe link)
• Legitimate interest: for anonymous app improvement analytics

5. Sharing with subprocessors

Since the app operates entirely locally, sharing with subprocessors is limited to what is strictly necessary:

• Apple Inc. — app distribution via the App Store, payment and subscription management via In-App Purchase
• RevenueCat — technical management of subscriptions and receipts (anonymous identifiers only, no identifying personal data)
• Cloudflare — taut.fr website hosting and associated serverless functions (concerns only website visitors, not app users)
• Beehiiv — newsletter and marketing email management (concerns only people who voluntarily subscribed to the newsletter, not app users)

We never sell your data to third parties. No workout data or preferences are shared with anyone — these data remain exclusively on your device.

6. Storage and retention

• All workout data and preferences are stored exclusively locally on your device. We have no access to this data, and we cannot retrieve it.
• Newsletter emails (if you subscribed via the taut.fr website) are stored on Beehiiv until you unsubscribe
• Anonymous usage data collected by Apple (App Analytics) is retained for up to 26 months (Apple policy)
• If you uninstall the app, all local data is removed with the application

7. Your rights

You have the following rights regarding your data:

• Right of access: obtain a copy of your data
• Right to rectification: correct inaccurate data
• Right to erasure (right to be forgotten): request deletion of your data
• Right to data portability: receive your data in a reusable format
• Right to object: oppose specific processing
• Right to restriction: limit certain processing

To exercise these rights, contact us at contact@taut.fr. We respond within 30 days maximum.

EU users may file a complaint with their national data protection authority. French users may contact the CNIL.

8. California residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect about you
• Right to delete your personal information
• Right to opt out of the sale of your personal information (we do not sell personal information)
• Right to non-discrimination for exercising these rights

9. Security

We implement reasonable technical and organizational measures to protect your data:

• No authentication or account required to use the app — we therefore store no password or personal identifier
• TLS encryption for all network communications (Apple payments, newsletter signup)
• Data stored locally on your device benefits from iOS hardware and software protections (Secure Enclave, automatic encryption)
• Data access strictly limited to necessary subprocessors (listed in section 5)

10. Minors

Taut is not intended for individuals under 16 years of age (under 13 for US users). We do not knowingly collect data concerning minors. If you are a parent or guardian and discover that your child has provided us with data, please contact us so we can delete it.

11. International transfers

Some of our subprocessors (Apple, RevenueCat, Beehiiv) are based outside the European Union. When your data is transferred, we ensure it benefits from an equivalent level of protection (Standard Contractual Clauses or adequacy decisions of the European Commission). Note that workout data remains entirely on your device and is therefore not subject to any transfer.

12. Cookies

The taut.fr website uses minimal cookies, only essential for functionality (no advertising tracking cookies). The iOS app does not use cookies.

13. Modifications

This policy may be updated to reflect changes in our practices or legislation. Any substantial modification will be notified to you by email or via an in-app notification at least 30 days before its entry into force.

14. Contact

For any question regarding this privacy policy or your personal data: