Start StrongBack

Legal

Privacy Policy

Effective April 29, 2026

Welcome to Start Strong. We value your privacy and want you to understand how we collect, store, use, and share your personal information. This Privacy Policy explains our data practices, your rights regarding your personal information, and how to contact us with questions or concerns. By using our website at https://www.letsstartstrong.com (the “Site”) and our mobile application (the “App,” together with the Site, the “Services”), you agree to this policy. Please read it carefully.

About Us

Start Strong is operated by its founders, Mira and Monica, twin-sister fitness professionals who created Start Strong to provide structured workouts, nutrition guidance, community, and access to one-on-one consultations. Start Strong is not yet incorporated as a separate legal entity; the Services are operated by the founders directly.

We are committed to handling your personal information in compliance with applicable data protection laws, including the EU and UK General Data Protection Regulations (where applicable), the California Consumer Privacy Act and California Privacy Rights Act (“CCPA/CPRA”), and Apple’s App Store privacy requirements.

Our Site and App

This Privacy Policy applies to your use of the Site and the App. Both may contain links to third-party websites, plug-ins, or services. We do not control these third parties and are not responsible for their privacy practices. We encourage you to review their privacy policies before sharing information with them.

Information We Collect

The personal information we collect depends on how you interact with the Services. Categories include:

  • Identity Data: first name, last name, username, date of birth, gender, profile photograph.
  • Contact Data: email address and, where you choose to provide them, phone number and mailing address.
  • Account & Profile Data: account credentials, preferences, in-app activity (saved workouts, journaled check-ins, community posts and comments), goals, accountability-partner connections, feedback, and survey responses.
  • Usage Data: information about how you use the Services, including features accessed, time spent in-app, screens viewed, and crash diagnostics.
  • Technical Data: IP address, device identifiers, device model, operating system and version, browser type, time-zone setting, and language preferences.
  • Marketing & Communications Data: your preferences for receiving communications from us, including launch updates and product news.
  • Aggregated Data: statistical or demographic data derived from the above. Aggregated Data does not directly identify you. If we ever combine it with personal information so that you can be identified, we treat the combined data as personal information under this policy.

Health, Wellness, and Sensitive Data

Start Strong provides general fitness and nutrition education. Some features involve information that may be considered special category or sensitive personal data under applicable laws (such as data concerning health). We collect this only when you opt in.

What we may collect (only if you choose to provide it or enable the feature)

  • Height, weight, age, and basic fitness goals you enter into your profile.
  • Activity, workout completion, and self-reported wellness check-ins logged in the Journal tab.
  • Optional Type 1 Diabetes (T1D) data, including readings from connected devices (e.g., Dexcom continuous glucose monitor and Omnipod insulin pump) and dietary information used to display rough carbohydrate and insulin-estimate guidance inside the Recipe detail screen.
  • Optional Apple Health data you choose to share with the App (e.g., active minutes, workout history, heart rate).

Why we collect it

  • To personalize the workouts, recipes, and meal plans you see.
  • To display the data you have asked us to display (for example, your own glucose trend or workout history).
  • To allow you to track your own progress and check-ins over time.

How we use it

  • We use health-related data solely to provide features you have enabled.
  • We do not use your health data for advertising, profiling, or training third-party AI models.
  • We do not sell your health data and will never share it with marketers or advertisers.

Insulin and dosing disclaimer

Where the App displays a rough insulin estimate based on a recipe’s carbohydrate content (using a generic 1u : 10g ratio), this is for educational reference only. It is not a dose recommendation and is not a substitute for advice from your endocrinologist or care team. Start Strong is not a medical device.

Legal basis (where GDPR/UK GDPR applies)

We process health-related data only on the basis of your explicit consent under Article 9(2)(a) of the GDPR / UK GDPR. You give this consent by enabling the relevant feature (for example, by toggling on insulin estimates in Nutrition Preferences, or connecting Dexcom or Apple Health). You may withdraw consent at any time by disabling the feature in-app or by emailing us at startstrong@letsstartstrong.com. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal, and acceptance of this Privacy Policy alone does not constitute explicit consent to processing of health data.

Storage and deletion

Health and wellness data is stored on encrypted servers operated by our cloud hosting provider. You may delete this data at any time, independently of your account, from the relevant settings screen in the App. On account deletion, your health data is permanently removed within 30 days.

Children

Start Strong is not directed to children. The App is intended for users 17 years of age or older, consistent with our App Store age rating. We do not knowingly collect personal information from anyone under that age. If you believe a child has provided us with personal information, please contact us so we can delete it.

Legal Bases for Processing

Where applicable data protection law requires a legal basis, we rely on the following:

  • Consent — when you have explicitly given us permission for a specific purpose (for example, marketing emails or processing of health data).
  • Contract — when we need to process your information to provide the Services or a feature you have requested (for example, pre-ordering the App or booking a one-on-one consultation).
  • Legal obligation — when processing is necessary to comply with the law.
  • Legitimate interests — when there is a business reason to use your information that does not override your rights (for example, securing the App against fraud or abuse, or improving our services).
  • Explicit consent for special category data — when processing health-related information, as described above.

How We Use Your Information

We use the information we collect to:

  • Create and manage your account; provide the Site, App, and the consultation booking experience (legal basis: contract; legitimate interests).
  • Personalize content and provide the features you enable (including device integrations, insulin estimates, Apple Health, journal and check-ins) (legal basis: contract; explicit consent for health data).
  • Enable community features such as posts, comments, and accountability partners (legal basis: contract; legitimate interests).
  • Facilitate one-on-one consultations with the founders (legal basis: contract; legitimate interests).
  • Improve the Services, including troubleshooting, analytics, testing, and quality control (legal basis: legitimate interests).
  • Prevent fraud, abuse, and misuse of the platform (legal basis: legitimate interests; legal obligation).
  • Send you transactional, service-related, and (with your consent) marketing communications (legal basis: contract; consent).
  • Comply with legal, tax, and regulatory obligations (legal basis: legal obligation).

Marketing

We may use your contact information to send you launch updates, news about Start Strong, and promotional content (for example, when the App goes live, or when Mira and Monica open new consultation slots).

You can opt out of marketing communications at any time by clicking “unsubscribe” in any marketing email or by contacting us at startstrong@letsstartstrong.com. Opting out of marketing does not affect transactional or service-related messages (such as account, security, or legal notices).

We will never sell or rent your personal information to other organizations for their marketing purposes.

Who We Share Your Information With

We share personal information with the following categories of recipients, only as necessary for the purposes described in this policy:

  • Service providers that help us operate the Services — including cloud hosting, email delivery, analytics, error monitoring, and customer support tools.
  • Third-party platforms you connect to your account, such as Apple Health, Dexcom, or Omnipod — only the data you have explicitly authorized.
  • Booking and scheduling providers used to facilitate one-on-one consultations with the founders.
  • Apple’s App Store for App distribution, in accordance with Apple’s data handling policies.
  • Professional advisors such as auditors, lawyers, and accountants when required.
  • Law enforcement, regulators, and other authorities, where required by applicable law or legal process.
  • A successor entity in the event of a merger, acquisition, or sale of all or part of our business — under appropriate confidentiality obligations.

We require all service providers to protect your personal information in line with this policy and applicable law, and to use it only to provide services to us.

We Do Not Sell Your Personal Information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

Data Storage, Retention, and International Transfers

We store personal information on servers operated by our cloud hosting providers, which may be located in the United States, the United Kingdom, the European Economic Area, or other regions. Where personal information is transferred outside your country of residence, we rely on appropriate safeguards — such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.

We retain your personal information for as long as your account is active or as needed to provide the Services. After that, we retain information only as long as necessary to:

  • Resolve disputes, complaints, or claims;
  • Demonstrate that we have treated you fairly;
  • Comply with legal, tax, or regulatory obligations.

Pre-launch contact information (for example, an email you provide because you contacted us, or because you booked a consultation) is retained until the App launches and you have had a reasonable opportunity to register, or until you ask us to delete it — whichever comes first. Analytics data is typically retained for up to 26 months.

Account Deletion

You may delete your Start Strong account at any time, directly from the App’s settings screen (Settings → Account → Delete Account), or by emailing startstrong@letsstartstrong.com from the address associated with your account.

When you delete your account, we permanently remove your profile, health and wellness data, journal entries, and community contributions within 30 days, except where we are required to retain limited information to comply with legal obligations, resolve disputes, or enforce our agreements. Backups containing residual data are overwritten on our normal backup-rotation schedule.

Security

We have implemented reasonable technical and organizational measures designed to protect personal information against unauthorized access, loss, alteration, or disclosure. These include encryption in transit, access controls, and confidentiality obligations on personnel and service providers. However, no method of transmission or storage over the internet is 100% secure, and we cannot guarantee absolute security.

If we become aware of a data security breach affecting your information, we will notify you and, where required, the relevant regulator, in accordance with applicable law.

Your Rights

Depending on where you live, you may have the following rights with respect to your personal information:

  • Access — request a copy of the personal information we hold about you.
  • Rectification — ask us to correct inaccurate or incomplete information.
  • Erasure (“right to be forgotten”) — request deletion of your personal information in certain circumstances.
  • Restriction of processing — request that we limit how we process your information.
  • Data portability — request a copy of your information in a structured, commonly used, machine-readable format.
  • Object to processing — including processing based on legitimate interests and direct marketing.
  • Withdraw consent — where we rely on consent, withdraw it at any time. This is especially relevant for health data.
  • Not be subject to automated decisions — including profiling, that produce legal or similarly significant effects.

To exercise any of these rights, email us at startstrong@letsstartstrong.com. We may need to verify your identity before responding.

California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what categories of personal information we collect, the sources, the purposes, and the categories of third parties we share it with;
  • Request deletion of your personal information;
  • Request correction of inaccurate personal information;
  • Opt out of the sale or sharing of your personal information — Start Strong does not sell or share personal information as those terms are defined under the CCPA/CPRA;
  • Limit the use of sensitive personal information — we use sensitive personal information (including health-related data) only to provide the features you have requested;
  • Be free from retaliation for exercising any of these rights.

To exercise these rights, email startstrong@letsstartstrong.com.

How to Complain

If you have concerns about how we handle your personal information, please contact us first — we will do our best to resolve them. You also have the right to lodge a complaint with a supervisory authority:

  • In the UK: Information Commissioner’s Office (ICO) — ico.org.uk/concerns.
  • In the EU/EEA: the data protection authority of the country where you live or work.
  • In California: the California Attorney General — oag.ca.gov/contact.

Cookies

The Site uses cookies and similar technologies (pixels, local storage, mobile SDK identifiers) to recognize you, remember your preferences, understand how the Site is used, and improve our service. Most browsers allow you to control cookies through their settings. Disabling cookies may affect Site functionality. We do not currently use cookies for advertising on the Site.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Effective” date at the top and, where appropriate, notify you by email or in-App. Your continued use of the Services after the update means you accept the revised policy.

How to Contact Us

For privacy questions, requests, or complaints, email startstrong@letsstartstrong.com.