Privacy Policy
ROCX (the "App") respects your privacy and aims to limit collection and processing of information to what is necessary. This Privacy Policy explains how information is handled in the App.
For U.S. consumer health data disclosures, please also see the Consumer Health Data Privacy Policy.
Summary: The App uses information you enter or permit in order to provide app features, improve quality, provide support, and prevent abuse. We do not use advertising identifiers for tracking, and we do not share user data for third-party advertising.
1. Information We Collect and How We Use It
1.1 Information You Enter or Create
The App uses information that you enter, create, or select to provide features such as recording, display, storage, sync, sharing, and support.
- Training records, routines, goals, notes, body metrics, progress notes, and related records
- Content, settings, and display information created or saved in the App
- Progress photos, screenshots, and other image media that you select or capture
- Audio, transcripts, and analysis results when you use voice input
- Data you select for sharing, import, or export
1.2 Device and Apple Service Information
If you grant permission or enable a feature, the App may use Apple-provided services such as HealthKit, iCloud/CloudKit, notifications, speech recognition, photos, camera, and billing. This information is used only as necessary to provide the features you choose to use.
- HealthKit: reading or writing health information that you permit, such as weight, body fat percentage, sleep, heart rate, HRV, and workouts
- iCloud/CloudKit: syncing training records, settings, metadata, and related data depending on your settings
- Photos and Camera: progress photos, screenshot import, and share image creation
- Speech Recognition and Microphone: voice workout logging, transcription, and input assistance
- Billing: App Store purchase status, subscription status, and feature entitlement checks
HealthKit data is not used for advertising, marketing, or third-party advertising purposes.
1.3 Information Processed by External Services
For some features, and based on your actions, the App may send information needed to provide the feature to external services. This may include input content, audio, images, usage information, and technical information about the device or app.
- Running features, sync, backup, analysis, generation, conversion, import, and export
- Quality improvement, troubleshooting, abuse prevention, and understanding feature usage
- Responding to inquiries, billing, and support
The main processing providers may include:
- Cloudflare Workers: API relay, App Attest verification, rate limiting, usage management, and request processing
- OpenAI and similar LLM processing services: analysis after speech transcription, interpretation of training records, insight generation, image and screenshot import assistance, calorie estimation, and similar features
- YouTube-related APIs: exercise video search based on your actions
- In-app analytics systems: event names, feature usage, error states, billing status, and technical device/app information for product improvement, troubleshooting, and abuse prevention
We aim to limit the information sent to external services to what is necessary for each feature. The system is designed so that ordinary operational logs do not store sensitive content such as raw audio, full transcripts, full LLM responses, image contents, or HTTP bodies.
1.4 Information We Do Not Collect or Use
The App does not collect or use:
- Advertising identifiers (IDFA) or tracking identifiers
- Tracking for third-party advertising networks
- User data sharing for third-party advertising purposes
- Sale or sharing of data to data brokers
2. Disclosure to Third Parties
2.1 Service Providers
We may entrust information processing to third-party service providers as necessary for feature delivery, operations, maintenance, security, and legal compliance. These providers handle information according to their own privacy policies and contractual terms.
Service providers may include Apple, Cloudflare, OpenAI, YouTube/Google, and services related to in-app analytics, troubleshooting, and billing management.
2.2 Legal Disclosure
We may disclose the minimum necessary information when required by a court order, a formal request from investigative authorities, or applicable law, regardless of the other provisions of this Privacy Policy.
3. Data Retention
- Information stored on your device is retained until you delete it.
- Information stored in iCloud or similar services is managed according to your settings and the specifications of each service.
- Information and logs processed by external services may be retained for the period necessary for feature delivery, maintenance, security, and legal compliance.
4. Your Rights and Choices
- You can delete optional records in the App at any time.
- You can change or revoke iCloud sync and other permissions in the App settings or iOS settings.
- If you want to request access, correction, deletion, suspension of use, or similar handling of your data, please contact us using the contact information in Section 9.
5. Regional Privacy Rights
Depending on where you live, privacy laws may give you additional rights regarding your personal information. These may include the right to request access, correction, deletion, restriction or suspension of use, portability, withdrawal of consent, objection to certain processing, or information about how your data has been used or disclosed.
Residents of the United States, Canada, the United Kingdom, Australia, Singapore, the Philippines, and Japan may contact us using the information in Section 9 to make a privacy request. We will respond in accordance with applicable law. We do not sell personal information, share personal information with data brokers, or use personal information for third-party targeted advertising.
6. Children's Privacy
The App is not primarily directed to children under 13 years old (or the applicable age threshold under COPPA in the United States or GDPR-related laws in the EU). We do not knowingly collect personal information from children under 13.
7. International Data Transfers
When external services or cloud features are used, data may be processed in countries or regions outside Japan. The data protection laws of those locations may differ from those in Japan.
8. Changes to This Policy
We may revise this Privacy Policy as necessary. If we make material changes, we will provide notice in the App or on the support site at https://rocxapp.com/.
9. Contact
- Operator
- ABEYA, LIMITED LIABILITY COMPANY (Godo Kaisha Abeya)
- [email protected]
- Support URL
- https://rocxapp.com/contact.html
- Address
- 2-20-13 Todoroki, Setagaya-ku, Tokyo, Japan
End