Privacy Policy
Last Updated: November 12, 2025
Welcome to Gridmaster ("we," "us," or "our"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.
1. Information We Collect
We may collect information about you in a variety of ways. The information we may collect includes:
Personal Data
When you register for an account, we collect personal information such as your display name, email address, and timezone. This information is necessary to create and manage your account.
Third-Party Data from WHOOP
If you choose to connect your WHOOP account, we access and store your health and fitness data via the WHOOP API. This includes, but is not limited to, your workout activities (strain, duration, sport), sleep cycles (duration, stages, performance), and recovery metrics (HRV, resting heart rate). This data is used to automatically track your progress on goals within the application.
Third-Party Data from Google (Gmail)
If you connect your Gmail account, we use it for the specific purpose of accessing and processing "WHOOP Export" emails. This allows us to import your WHOOP Journal data, which is not available through the WHOOP API. We only access emails matching this specific criteria and do not access or store any other emails.
Billing Data
When you subscribe to a paid plan, we use Stripe as our third-party payment processor. We do not store your credit card details. We do store your Stripe Customer ID and subscription status (e.g., 'active', 'trialing') to manage your account access.
User-Generated Content
We collect the data you create within the application, such as the names of your grids, the titles and targets of your goals, and any reward images you upload. Uploaded images are stored securely via Supabase Storage.
2. How We Use Your Information
Having accurate information permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you to:
Create and manage your account.
Provide the core functionality of the Gridmaster application, including tracking progress on your goals.
Automatically update your goal progress by syncing data from your connected WHOOP account.
Process payments and manage your subscription through Stripe.
Enable collaboration features within Teams.
Display historical data and analytics within your personal dashboard.
3. Disclosure of Your Information
We do not sell your personal information. We may share information we have collected about you in certain situations:
With Service Providers
We share information with third-party vendors that perform services for us or on our behalf, including Supabase (for database and authentication), Stripe (for payment processing), and Google and WHOOP (for data integration at your request).
With Other Users
If you join a Team or a shared Grid, other members of that Team or Grid will be able to see your progress on shared goals and certain profile information like your display name.
By Law or to Protect Rights
We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, or protect the personal safety of users or the public.
4. Security of Your Information
We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.
5. Your Rights and Choices
You have certain rights regarding your personal data. You can:
Access and Update
You can review and change your profile information at any time by logging into your account settings.
Disconnect Services
You can disconnect your WHOOP or Gmail account at any time from the settings page. Doing so will stop any future data synchronization from that service.
Account Deletion
You may delete your account at any time from the settings page. This action will permanently delete all your personal data, including your account, grids, and synced health data from our systems.