LIFTSTACK LLC (“LiftStack”, “we”, “our”, or “us”) respects your privacy and is committed to protecting it. This Privacy Policy describes how we collect, use, and share your personal information when you use our web application and subscription services (collectively, the "Service").
By accessing or using LiftStack, you agree to this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use our Service.
1. Information We Collect
We collect information directly from you, automatically as you navigate the Service, and from our third-party partners.
A. Information You Provide to Us
Account Identity: When you register, we collect your name, email address, profile picture, and Google User ID via our authentication partner (Google OAuth). We do not access your contacts, calendar, or other Google data.
Subscription Data: We collect your billing zip code and subscription status. Note: LiftStack does not store or process your full credit card number. All payment processing is handled directly by Stripe, our payment processor.
User Content & Health Data: We collect the specific data you input into the application to use our features, such as your fitness goals, workout logs, dietary preferences, bookmarks, and ratings.
Communications: The content of any support requests or emails you send to us.
B. Information Collected Automatically
Usage Data: Details of your visits to LiftStack, including search queries (processed by Typesense), pages visited, features used, and time spent on the application.
Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform. This data is logged by our hosting providers (Vercel and Supabase) for security and performance monitoring.
2. How We Use Your Information
We use the information we collect for the following purposes:
Service Provision: To authenticate your identity, host your data, and provide the fitness tracking and search functionalities you subscribed to.
Transaction Processing: To verify your subscription status and manage billing cycles via Stripe.
Customer Support & Internal Administration: Our authorized staff may access your account information via internal administrative tools (Retool) solely to resolve support tickets, debug technical issues, or manage account access.
Product Improvement: To analyze how users interact with our search and database features to improve the speed and relevance of LiftStack.
Communication: To send you administrative emails (e.g., password resets, subscription confirmations) and, if you have opted in, product updates.
3. Our Third-Party Service Providers
LiftStack relies on a modern technology stack to provide our Service. We may share your data with the following trusted third-party providers, who are authorized to use your information only as necessary to provide these services to us:
Provider | Service Purpose | Data Accessed or Processed |
User Authentication (OAuth) | Identity (Name, Email, Google User ID) | |
Stripe | Payments & Fraud Prevention | Financial Data (Card Details, Billing Address) |
Supabase | Database & Backend Hosting | All User Content, Preferences, & Account Records |
Vercel | Application Hosting | Technical Data (IP Addresses, Request Logs) |
Typesense | Search Functionality | Search Queries & Indexed Content |
Retool | Internal Admin Tooling | User Records (Viewable by authorized staff only) |
We do not sell your personal information to advertisers or third parties.
4. Cookies and Tracking Technologies
What Are Cookies?
Cookies are small text files placed on your device to store data that can be recalled by a web server. We use cookies and similar technologies (such as local storage) to keep you logged in, remember your preferences, and ensure our payment systems are secure.
Our Cookie Usage:
Category | Purpose |
Strictly Necessary & Security | These cookies are required to authenticate your identity, maintain your session, and detect fraudulent payment activity. Without these, you cannot log in or subscribe. Provided by Supabase, Google, and Stripe. |
Functionality | These allow LiftStack to remember choices you make (such as search filters or dashboard layout). |
Performance | These help us route traffic efficiently and ensure the site loads quickly (provided by Vercel). |
Managing Preferences:
You can modify your browser settings to decline cookies. However, please note that blocking cookies from Stripe or Google will prevent you from logging in or purchasing a subscription on LiftStack.
5. Legal Basis for Processing (EEA/UK Users)
If you are located in the European Economic Area (EEA) or the United Kingdom (UK), our legal basis for collecting and using your personal information depends on the specific context:
Performance of a Contract: We process your Account Identity, Financial Data, and User Content to provide the LiftStack subscription service you purchased.
Legitimate Interests: We process Technical Data and Usage Data to secure our platform (Vercel/Stripe) and improve our search algorithms (Typesense).
Consent: We rely on your explicit consent when you connect your Google Account or when you voluntarily input sensitive health data (e.g., diet/fitness goals). You may withdraw this consent at any time by deleting your account.
International Transfers:
LiftStack is based in the United States. Your data is stored on servers located in the U.S. (hosted by Supabase and Vercel). By using our Service, you acknowledge that your information will be transferred to, processed, and stored in the United States.
6. Data Retention
We retain your personal information only as long as your subscription is active or as needed to provide the Service.
Account Deletion: If you request account deletion, we will permanently delete your data from our primary database (Supabase) and search index (Typesense) within 30 days.
Backups: Deleted data may persist in secure, encrypted backups for a short period (typically up to 90 days) before being overwritten.
Financial Records: Stripe may retain transaction history for legal and accounting purposes for up to 7 years.
7. Your Rights
Depending on your location, you may have the following rights regarding your data:
Access: Request a copy of the personal information we hold about you.
Correction: Request that we fix incorrect or incomplete data.
Deletion: Request that we delete your account and associated data ("Right to be Forgotten").
Portability: Request a structured copy of your data (e.g., your workout logs).
To exercise any of these rights, please email us at support@liftstack.com.
8. Children's Privacy (18+ Requirement)
LiftStack is a service intended solely for users who are 18 years of age or older.
We do not knowingly collect, use, or disclose personal information from anyone under the age of 18. You are not permitted to create an account or use our Services if you are under 18.
If you are a parent or guardian and believe a child under your care has created an account, please contact us at support@liftstack.com. Upon verification, we will immediately delete the account and all associated health and fitness records.
9. Security
We implement industry-standard technical and organizational measures to protect your data, including encryption in transit (HTTPS) and at rest (via Supabase). However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our technology stack or legal requirements. If we make significant changes, we will notify you by email or via a prominent notice within the application.
11. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
LIFTSTACK LLC
Email: support@liftstack.com