Privacy Policy
Effective date: July 4, 2026 · Last updated: July 4, 2026
Reebound is a fitness and wellness app operated by LimbRise (“we”, “us”). This policy explains what data Reebound collects, why, where it is stored, and the choices you have. We follow Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).
What we collect
- Account data — your name, email address, and authentication credentials (managed by Firebase Authentication; Google or Apple sign-in when you choose them). Used to create and secure your account.
- Profile data — age, biological sex, weight, height, activity level, and fitness goal, which you provide during onboarding. Used to compute your educational training and nutrition targets.
- Health and fitness data (optional, with your explicit permission) — sleep duration and efficiency, heart rate, resting heart rate, heart-rate variability (HRV), and step count, read from Health Connect (Android) or Apple Health (iOS). Used solely to show you recovery and training insights inside the app. You can skip this entirely, and the app still works.
- Activity data you log — workouts, sets and reps, runs (including GPS route, distance, pace, and splits when you start a GPS-tracked run), meals and foods, and photos or barcode scans you submit for food logging.
- Conversation data — messages you send to Ree, the in-app AI mentor.
How we use it
- To provide the app’s core features: training plans, nutrition targets, recovery insights, and run tracking.
- To generate Ree’s responses: your messages and relevant fitness context are processed by our AI provider (Anthropic) through our backend. AI output is educational only — Reebound does not provide medical advice or diagnosis.
- We do not sell your data. We do not use your data for advertising. We show no ads.
Health Connect / Apple Health commitments
- We request read-only access, only for the data types listed above, and only at the point in the app where they are used.
- Health data is used only to provide the app’s fitness and recovery features. It is never shared with third parties, never used for advertising, and never used to make credit, employment, or insurance decisions.
- If you revoke a health permission, we stop reading that data type immediately.
Where your data lives
Your account, profile, activity, and health data are stored in Google Cloud (Firestore and Cloud Storage) in the northamerica-northeast1 (Montreal, Canada) region. Conversation content sent to our AI provider is processed for the duration of generating a response and is governed by our provider’s data-processing terms.
Sharing
We share data only with the service providers required to run the app: Google Cloud / Firebase (hosting, database, authentication) and Anthropic (AI responses). We never share health data with any third party beyond this processing. We may disclose data if required by law.
Retention and deletion
Your data is retained while your account is active. You may request deletion of your account and all associated data at any time by contacting us at the address below; we will complete deletion within 30 days, as PIPEDA provides.
Security
Data is encrypted in transit (HTTPS/TLS) and at rest. Access to production systems is restricted. Authentication sessions are stored in your device’s secure enclave (Android Keystore / iOS Keychain).
Children
Reebound is not directed at children under 13, and we do not knowingly collect their data.
Changes
If this policy changes materially, we will notify you in the app before the change takes effect.
Contact
LimbRise — Privacy
Support: limbrise.team@gmail.com