Privacy Policy
Falcon Forged Ventures LLC (“FitLock,” “we,” “us”) builds a macOS app that seals your screen until you complete a short exercise. Privacy is a feature, not an afterthought: we run no analytics servers, show no ads, and never sell your information.
1. What this policy covers
This policy describes two separate things, because they handle data very differently:
- The website — the marketing site at fitlock.app. It is a static, informational site with no accounts, no sign-up, and no tracking.
- The app — the FitLock macOS application you download from the Apple App Store. It is local-first: your data lives on your Mac and, only if you choose, syncs through your own Apple iCloud account.
Where a section applies to only one of the two, it says so. This policy does not cover Apple’s services (iCloud, the App Store, Sign in with Apple), which are governed by Apple’s Privacy Policy.
2. The short version
- We do not sell or share your personal information.
- We use no third-party advertising or analytics SDKs, and set no tracking cookies.
- The app works fully offline; cloud sync and Sign in with Apple are optional.
- Your exercise activity and profile stay on your device and in your own iCloud — we can’t read your private iCloud data.
- You can delete everything at any time from within the app.
3. The website
The website collects no personal information directly. There are no accounts, contact forms that store data, or analytics or advertising trackers, and we do not set tracking or advertising cookies.
Our hosting provider, Vercel, automatically processes standard server request logs (such as your IP address, the pages requested, timestamps, and your browser’s user-agent) to deliver the site and protect it from abuse. Vercel acts as our service provider and processes this data on our behalf; see the Vercel Privacy Policy. Fonts are self-hosted, so loading the site makes no third-party requests.
Global Privacy Control (GPC): because we do not sell or share personal information and do no cross-context behavioral advertising, there is nothing for a browser opt-out signal to disable — but we honor GPC regardless.
4. The app
Data you provide and create
- Profile (optional): a display name and body metrics — age, height, and weight — used only to tailor your exercise targets. You can leave these blank.
- Activity & stats: which lockdowns you completed, streaks, reps, and your settings (coach, cadence, enabled exercises).
By default all of this is stored only on your Mac. We operate no servers that receive it and collect no usage telemetry.
iCloud sync (optional)
If you enable sync, your settings, profile, and stats are stored in your private Apple iCloud (via Apple’s CloudKit and iCloud key-value storage) so they follow you across your devices. This data resides in your personal Apple account; FitLock cannot read the contents of your private iCloud database. Apple processes it under Apple’s privacy policy.
Sign in with Apple (optional)
If you sign in, we store an Apple-provided user identifier (and the name and relay email address you choose to share) to associate your synced data with you. You can use Apple’s Hide My Email so we never see your real address. Sign-in is not required to use the app.
FitLock Pro purchases
If you buy FitLock Pro, the purchase is processed entirely by the Apple App Store. We receive your transaction/entitlement status so we can unlock and restore features — we never receive your card number or payment details.
Microphone & camera — detection only
To avoid sealing your screen mid-meeting, the app checks whether your microphone or camera is in use. It reads only the in-use state from macOS — it does not access, record, or transmit any audio or video, ever.
5. Categories of personal information (last 12 months)
Using the categories defined by the California Consumer Privacy Act (CCPA/CPRA), here is what FitLock collects across the website and app:
| Category | Collected | Source | Purpose |
|---|---|---|---|
| Identifiers (name; Sign in with Apple identifier; IP address on the website) | Yes — limited | You; your device or browser | Provide the app and optional account/sync; operate and secure the website |
| Customer records — physical characteristics (age, height, weight) | Yes — in-app, optional | You | Tailor exercise targets to you |
| Commercial information (FitLock Pro purchase / transaction status) | Yes | Apple App Store | Provide and restore your purchase |
| Internet/network activity (website request logs, browser & device info) | Yes — website only | Your browser | Security, abuse prevention, and basic site operations |
| Health & fitness information (your activity log, streaks, body metrics) | Yes — in-app | You / your use of the app | Run lockdowns, set targets, and show your stats |
| Precise geolocation; audio or visual content; biometric data; inferences | No | — | We do not collect these |
Sensitive personal information. Your body metrics, health/fitness activity, and Sign in with Apple identifier may be considered “sensitive” under California law. We use them only to provide the app you asked for — never to infer characteristics about you, and never for advertising. Because we limit our use to these permitted purposes, no separate “Limit the Use of My Sensitive Personal Information” request is required, but you can delete this data at any time.
6. How we use information
- To provide, maintain, and improve the app and website.
- To tailor exercise targets and show you your stats and streaks.
- To sync your data across your devices (only if you enable it).
- To process and restore purchases through Apple.
- To keep the service secure and prevent abuse.
- To comply with legal obligations.
7. How we share information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising — and we have not done so in the preceding 12 months. We disclose information only to service providers who process it on our behalf, for the limited purposes above:
- Apple — iCloud/CloudKit (sync), Sign in with Apple (optional account), and the App Store (purchases).
- Vercel — website hosting and request logs.
- Legal & safety — if required by law, or to protect rights, safety, and the integrity of our service.
8. Your California privacy rights (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know / access the personal information we have collected about you.
- Delete personal information we hold about you.
- Correct inaccurate personal information.
- Opt out of the sale or sharing of personal information — though we do neither.
- Limit the use of sensitive personal information — we already limit it to providing the service.
- Non-discrimination for exercising any of these rights.
Exercising your rights. Most data lives on your device or in your own iCloud, so the fastest way to access, correct, or delete it is directly in the app (edit your profile, or use Reset Stats) and through your Apple ID and iCloud settings. For any request involving information we hold, email us at support@falconforged.com. We will verify your request by the email or Apple identifier associated with your data and respond within the timelines required by law. You may use an authorized agent, with proof of authorization.
“Shine the Light” (Cal. Civ. Code § 1798.83). We do not disclose personal information to third parties for their own direct marketing purposes.
9. Data retention
We keep personal information only as long as needed for the purposes above. Your on-device and iCloud data persists until you delete it (in the app, or by removing the app and its iCloud data). Website server logs are retained for a short period by our host for security and operations. Purchase records are retained by Apple per their policies and as required for tax and accounting.
10. Security
The app stores data within macOS’s protected storage and your account credentials in the system Keychain; cloud sync uses Apple’s encrypted iCloud infrastructure; and the website is served over HTTPS. No method of storage or transmission is perfectly secure, but we design to keep data on your devices and in your control.
11. Children’s privacy
FitLock is not directed to children under 13, and the app asks that profile age be 13 or older. We do not knowingly collect personal information from children under 13. We do not sell or share the personal information of consumers under 16. If you believe a child has provided us information, contact us and we will delete it.
12. Changes to this policy
We may update this policy as the product evolves or the law changes. We will revise the “Last updated” date above and, for material changes, provide more prominent notice. Continued use after an update means you accept the revised policy.
13. Contact us
Questions or privacy requests? Email support@falconforged.com. Falcon Forged Ventures LLC is the business responsible for the personal information described in this policy.