Legal

Privacy Policy

Last updated: April 2026

Kettle ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use the Kettle application, website, and related services (the "Service"). By using the Service, you agree to the practices described in this policy.

1. Who We Are

Kettle is the data controller for personal data collected through the Service. If you have any questions about this policy or how we handle your data, contact us at privacy@kettle-fitness.com.

2. Data We Collect

Data you provide directly

  • Account information: name, email address, password (hashed).
  • Profile data: height, weight, fitness goals, and other information you choose to provide.
  • Training data: workouts, exercises, sets, reps, weight, and session notes you log through the Service.
  • Communications: messages or feedback you send to us.

Data collected automatically

  • Usage data: features used, screens visited, session duration, and interaction patterns.
  • Device data: device type, operating system, app version, and unique device identifiers.
  • Log data: IP address, timestamps, crash reports, and diagnostic information.

Data from third parties

  • Firebase Authentication (Google): We use Firebase Auth to manage account creation and sign-in. Firebase processes your email address and authentication tokens on our behalf. See Google's Privacy Policy.
  • OpenAI: We use OpenAI's API to power AI coaching features. Your training data and in-app inputs may be sent to OpenAI for processing to generate responses. Under our API agreement, OpenAI does not use this data to train its models. See OpenAI's Privacy Policy.
  • Gemini (Google): We use Google's Gemini API for AI-powered training insights. Your training data and in-app inputs may be sent to Gemini for processing. See Google's Privacy Policy.

3. How We Use Your Data

We use your personal data to:

  • Provide, operate, and improve the Service.
  • Personalise your experience and generate AI-powered training insights.
  • Track your personal records, volume trends, and readiness scores.
  • Send you important service notifications (e.g. account security, subscription updates).
  • Respond to your support requests and communications.
  • Analyse usage trends to improve our product (using anonymised or aggregated data where possible).
  • Comply with legal obligations.

We do not use your data to serve third-party advertising, and we do not sell your personal data to any third party.

4. Legal Basis for Processing (UK/EEA Users)

Where applicable under UK GDPR or the EU GDPR, we process your data on the following legal bases:

  • Contract: processing necessary to deliver the Service you've signed up for.
  • Legitimate interests: improving the Service, ensuring security, and preventing fraud.
  • Consent: where you have given explicit consent to a specific processing activity (you can withdraw consent at any time).
  • Legal obligation: where we are required to process data by law.

5. Data Sharing

We share your data only in the following circumstances:

  • Firebase Authentication (Google): processes authentication data (email, tokens) to manage your account and sign-in securely.
  • OpenAI: processes training data and inputs to generate AI coaching responses. Data is not used to train OpenAI models under our API agreement.
  • Gemini (Google): processes training data and inputs to generate AI-powered insights. Data is governed by Google's API data processing terms.
  • Cloud infrastructure: your data is hosted on cloud servers. Infrastructure providers have no access to your data beyond what is required to operate the service.
  • Legal requirements: if required by law, court order, or to protect the rights and safety of Kettle or others.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

7. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion of your data ("right to be forgotten").
  • Portability: receive your data in a structured, machine-readable format.
  • Restriction: request that we restrict processing of your data in certain circumstances.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at privacy@kettle-fitness.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority (in the UK: the ICO).

9. Children's Privacy

The Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

10. International Transfers

Your data may be processed in countries outside your own, including the United Kingdom and the United States. Where we transfer data internationally, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your data in accordance with applicable law.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the app or email. The "last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

For any privacy-related questions, requests, or concerns, please contact us at:
privacy@kettle-fitness.com

You may also review our Terms & Conditions.