Griply
Home

Legal

Privacy Policy

Last updated: 3 July 2026

Griply (“we”, “us”, “our”) is a grip-strength training app. This policy explains what data we collect, why we collect it, and the choices you have. We built Griply to be private by default: your grip measurements and training history stay on your device.

1. Who we are

Griply is the data controller for the limited personal data described below. We process it in line with the UK GDPR and the Data Protection Act 2018. If you have any questions about this policy or your data, email us at support@getgriply.app.

2. Information you give us (optional)

When you first set up Griply, you can optionally tell us a few things so we can personalise your coaching:

  • a display name;
  • your grip or training goals;
  • your experience level;
  • your notification preferences.

All of this is optional, and you can change or clear it at any time. We do not require your email address, date of birth, phone number, or any government ID to use the app.

3. Information collected automatically

To keep the app working and to improve it, we and our processors collect some technical data automatically:

  • an anonymous install identifier;
  • device and operating-system information (model, OS version);
  • the app version you are running;
  • your language and region settings;
  • in-app usage events (for example, which screens you open);
  • crash and error reports;
  • subscription events (start, renewal, cancellation);
  • your IP address (used transiently by our processors, not stored as a profile);
  • on iOS, your Identifier for Advertisers (IDFA) — only if you grant permission through Apple’s App Tracking Transparency prompt; on Android, the Google Advertising ID (GAID) may be used for attribution.

We do not use this data to build advertising profiles about you.

4. What stays on your device

Your grip measurements, session and training history, streaks, personal records, and favorites are stored locally on your device. This data is not uploaded to our servers, and it is deleted when you uninstall the app.

5. Third-party services we use

We rely on a small set of trusted providers to run Griply. Each only receives the data it needs for its specific job:

  • Apple App Store— processes payments and manages your subscription. We never see your full card details.
  • RevenueCat— manages and validates subscriptions and entitlements.
  • Supabase(EU-hosted) — backend storage for the limited configuration data above.
  • PostHog(EU Cloud) — privacy-friendly product analytics to understand feature usage.
  • Sentry— crash and error reporting so we can fix bugs.
  • Firebase / Google Analytics— aggregate usage analytics.
  • App Sprint— our mobile measurement partner (MMP) for install attribution.

App Sprint (attribution)

As our attribution provider, App Sprint processes device identifiers (the IDFA where you have allowed tracking via App Tracking Transparency, or the Android Advertising ID), your IP address, and install and click events. It uses these to attribute app installs to the marketing campaign that led you to Griply and to detect fraudulent installs. On iOS, no IDFA is shared unless you opt in via the ATT prompt. You can read more in App Sprint’s own privacy policy.

6. How we use your data

We use the data described above to:

  • deliver and maintain the app;
  • manage your subscription;
  • understand how features are used so we can improve them;
  • diagnose crashes and fix bugs;
  • measure which marketing brought new users to Griply;
  • send the notifications you have opted into;
  • respond to your support requests.

Our legal bases are your consent (for optional onboarding details and, on iOS, IDFA-based attribution) and our legitimate interests in running, securing, and improving the app. We do not use your personal data for advertising beyond install attribution, and we never sell your data.

7. Data retention

We keep personal data only as long as we need it:

  • optional onboarding data: deleted within 30 days of your request;
  • analytics and crash data: retained by our processors for between 90 days and 14 months, depending on the provider;
  • purchase and subscription records: kept for 6 years to meet tax and accounting obligations;
  • on-device data: kept until you uninstall the app.

8. Your rights

Under the UK GDPR you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected;
  • have your data erased;
  • restrict or object to our processing;
  • receive your data in a portable format;
  • withdraw consent at any time.

To exercise any of these, email support@getgriply.app. We will respond within 30 days. Because much of our data is tied to an anonymous install identifier, please include yours (found in the app’s settings) so we can locate the right records. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.

9. International data transfers

Where possible we host data in the EU (Supabase and PostHog). Some processors — such as Sentry, Firebase / Google Analytics, RevenueCat, and App Sprint — may process data outside the UK and EEA. Where they do, transfers are protected by appropriate safeguards such as Standard Contractual Clauses and the providers’ data processing agreements.

10. Children’s privacy

Griply is not intended for children under 13, and we do not knowingly collect data from them. In the UK, users aged 13–15 should have a parent or guardian’s consent before using the app. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Changes to this policy

We may update this policy from time to time. When we do, we will revise the “Last updated” date above and highlight any material changes in the app.

12. Contact

Questions about this policy or your data? Email us at support@getgriply.app.

Griply

Know your grip, to the kilo. The daily grip-strength coach in your pocket.

Product

FeaturesHow it worksFAQ

Company

AboutBlogContact

Legal

PrivacyTerms
© 2026 Griply. All rights reserved.