Privacy Policy
1. Introduction
Welcome to PushClock ("we," "our," or "us"). PushClock is a fitness-alarm application that combines push-up detection with alarm clock functionality, and includes optional community features such as a global leaderboard. We are committed to protecting your personal information and your right to privacy.
This Privacy Policy explains what information we collect, how we use it, what we share with third parties (including advertising, attribution, and backend service partners), and what rights you have in relation to it. Please read it carefully. If you disagree with its terms, please discontinue use of the app.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: If you choose to use the leaderboard, we authenticate you using Sign in with Apple. Apple provides us with an opaque user identifier and, at your option, your name and an email address (which may be a privacy relay address that hides your real email). We store this authentication record through our backend provider, Supabase. PushClock does not use passwords.
- Leaderboard Profile: A display name (1–20 characters, letters, numbers, or underscores) and an optional avatar photo that you select from your device's photo library. Both are displayed publicly to other signed-in users on the leaderboard.
- Alarm Preferences: Alarm times, snooze settings, push-up goals, and other configuration data you set within the app. Alarm preferences are stored on your device and are not uploaded to our servers.
- Fitness Goals: Push-up targets or custom workout goals you configure per alarm.
- Moderation Reports: If you report another user, we collect the reason category you select (such as inappropriate name, inappropriate photo, impersonation, or spam/abuse) and an optional free-text note you choose to include.
2.2 Information Collected Automatically
- Camera Data: PushClock uses your device camera solely for real-time pose detection and push-up counting. We do not record, store, transmit, or share any video or images captured by your camera. All camera processing occurs entirely on-device.
- Leaderboard Activity: If you participate in the leaderboard, we sync aggregate push-up metrics from your device to our servers: your lifetime total push-ups, weekly push-ups, monthly push-ups, and current daily streak. These values are displayed publicly alongside your display name and avatar.
- Usage Data: App open/close events, feature interactions, alarm completion rates, leaderboard views, and session duration — collected to improve app performance.
- Device Information: Device model, operating system version, unique device identifiers, and crash logs.
- Motion & Fitness Data: Accelerometer or sensor data used to support activity detection, where applicable.
- Advertising Identifiers (IDFA/GAID): We may collect your device's advertising identifier (Apple IDFA or Google Advertising ID) for attribution and advertising measurement purposes. You can reset or limit use of this identifier through your device's settings (iOS: Settings > Privacy & Security > Tracking; Android: Settings > Google > Ads).
2.3 Information We Do Not Collect
- We do not collect biometric identifiers beyond what is necessary for on-device pose detection.
- We do not store video footage or images from your camera.
- We do not collect precise location data.
- We do not collect financial or payment information directly (payments are processed by the relevant app store platform).
- We do not sync your alarm times, goal wake-up time, or individual wake-up timestamps to our servers. Only the aggregate leaderboard metrics listed in Section 2.2 are uploaded when you participate in the leaderboard.
3. How We Use Your Information
We use the information we collect to:
- Operate the app — deliver alarm functionality, track push-up completion, and apply your preferences.
- Operate the leaderboard — authenticate your account, publish your display name, avatar, and aggregate push-up metrics to other signed-in users, and rank users by weekly, monthly, and all-time totals.
- Moderate the community — review user reports and take action against accounts that violate our Terms of Service.
- Improve the product — analyze usage patterns to fix bugs, optimize performance, and develop new features.
- Communicate with you — send service-related notifications, updates, and support responses.
- Ensure security — detect, investigate, and prevent fraudulent or unauthorized activity.
- Advertising measurement & attribution — attribute app installs and in-app events to advertising campaigns, and measure the effectiveness of our advertising on platforms such as Meta (Facebook/Instagram) and TikTok, using our mobile measurement partner AppsFlyer.
- Comply with legal obligations — fulfill applicable legal, regulatory, or contractual requirements.
We do not sell your personal information to third parties for their own marketing purposes.
4. Camera and Pose Detection
PushClock requires access to your device camera to perform real-time pose detection and count push-up repetitions. Please understand:
- On-device processing only: All pose detection and push-up counting is performed locally on your device using on-device machine learning models.
- No transmission: Camera feed data is never transmitted to our servers or any third party.
- No storage: No video, image, or frame is saved to your device or our systems as a result of pose detection.
- Permission is required: The app will request camera permission before this feature activates. You may revoke camera access at any time through your device settings, though this will disable push-up detection functionality.
5. Leaderboard, Public Profile & Community Features
Use of the PushClock leaderboard is optional. You can use the alarm and push-up features without signing in. If you do sign in and set a display name, the following information is publicly visible to every other signed-in user of the app:
- Your display name
- Your avatar photo, if you upload one
- Your lifetime, weekly, and monthly push-up totals
- Your current daily streak
Sign in with Apple. We authenticate leaderboard accounts using Sign in with Apple. Apple issues us an opaque user identifier and, at your option, your name and email address (which may be Apple's privacy relay address). We handle authentication through our backend provider, Supabase.
Avatar upload and storage. When you choose an avatar, the image is resized on your device to a 512×512 JPEG and uploaded to cloud file storage operated by Supabase. Avatar files are served from publicly accessible URLs; while these URLs are not published or indexed outside the app, they are not access-controlled and anyone who possesses a URL can view the image.
Photo library access. The avatar chooser uses Apple's system photo picker. This lets you share a single selected photo with PushClock without granting access to your entire photo library.
Reporting other users. You can report another user's display name or avatar. Reports are stored on our servers and are associated with your account so that we can review them and prevent abuse of the reporting system. You can block another user to hide their entry from your own leaderboard view; blocks are stored locally on your device and do not remove the user from the leaderboard for anyone else.
Deleting your leaderboard account. You can permanently delete your leaderboard account at any time from Settings → Delete Leaderboard Account. This removes your display name, avatar photo, aggregate push-up stats, and authentication record from our servers. Your local app data (alarms, preferences, local push-up history) is not affected. See Section 7 for information about moderation reports you may have submitted.
6. Sharing Your Information
We do not sell your personal information. We may share your information only in the following limited circumstances:
- Service Providers: Trusted third-party vendors who assist us in operating the app, including Supabase (authentication, database, and file storage for the leaderboard feature), cloud hosting providers, analytics, and crash reporting. These vendors are bound by confidentiality obligations and prohibited from using your data for their own purposes.
- Other Leaderboard Users: Any information described in Section 5 as "publicly visible" (display name, avatar, aggregate push-up totals, streak) is shown to other signed-in users of PushClock as an inherent part of the leaderboard feature.
- Advertising & Attribution Partners: We share certain pseudonymous data (such as device advertising identifiers, in-app events, and conversion signals) with our mobile measurement partner AppsFlyer and with advertising platforms including Meta (Facebook/Instagram) and TikTok. This data is used to attribute app installs to advertising campaigns and to measure and optimize advertising performance. California residents may opt out of this sharing (see Section 13). AppsFlyer processes data in accordance with its Privacy Policy. Meta and TikTok process data in accordance with their respective privacy policies.
- Legal Requirements: When required by law, subpoena, court order, or to protect the rights, property, or safety of PushClock, our users, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
- With Your Consent: In any other circumstances with your explicit prior consent.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. You may request deletion of your account and associated data at any time (see Section 10). We may retain certain information as required by law or for legitimate business purposes such as fraud prevention, even after account deletion.
Leaderboard data. Your display name, avatar, and aggregate push-up stats are retained while your leaderboard account is active and are removed from our servers when you delete your leaderboard account from within the app. Moderation reports you submit about other users may be retained separately for a reasonable period to support abuse prevention and repeat-offender detection, even after your own account is deleted.
Automatically collected usage and crash data is retained for a maximum of 24 months before being deleted or anonymized. Attribution data processed through AppsFlyer is subject to AppsFlyer's own retention policies.
8. Data Security
We implement industry-standard technical and organizational security measures to protect your information, including:
- Encryption of data in transit (TLS/HTTPS)
- Encryption of data at rest
- Access controls limiting employee access to personal data
- Regular security reviews and vulnerability assessments
No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
9. Children's Privacy
PushClock is not directed to children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children under these ages, and the leaderboard and related community features are not intended for children. If you believe we have inadvertently collected such information, please contact us immediately at andy.okamoto@icloud.com and we will take prompt steps to delete it.
10. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you. |
| Correction | Request correction of inaccurate or incomplete data. |
| Deletion | Request deletion of your personal data ("right to be forgotten"). |
| Portability | Request your data in a structured, machine-readable format. |
| Objection | Object to certain types of processing, including analytics. |
| Withdraw Consent | Withdraw consent at any time where processing is consent-based. |
To exercise any of these rights, contact us at andy.okamoto@icloud.com. We will respond within 30 days. We may need to verify your identity before fulfilling your request.
Deleting your leaderboard account in-app. You can delete your leaderboard account and associated server-side data directly from within the app at Settings → Delete Leaderboard Account, without needing to contact us.
Camera & Notification Permissions
You can manage camera and notification permissions at any time through your device's operating system settings. Revoking camera access disables push-up detection; revoking notifications disables alarm alerts.
Advertising Identifier & Tracking (iOS)
On iOS, PushClock requests permission to track your device's advertising identifier (IDFA) via Apple's App Tracking Transparency (ATT) framework. If you decline, we will not use your IDFA for attribution or advertising measurement purposes. You can change this permission at any time in Settings > Privacy & Security > Tracking.
11. Third-Party Services
PushClock integrates with or depends on the following categories of third-party services:
- App Store Platforms: Apple App Store and/or Google Play Store handle payments and distribution under their own privacy policies.
- Apple (Sign in with Apple): We use Sign in with Apple to authenticate leaderboard accounts. Apple provides us with an opaque user identifier and, at your option, your name and email (which may be a privacy relay address). See Apple's Privacy Policy.
- Supabase (Backend Services): We use Supabase to provide authentication, database, and file storage for the leaderboard feature. Supabase stores your authentication record, your leaderboard profile (display name, avatar URL, aggregate stats), avatar image files, and any moderation reports you submit. See Supabase's Privacy Policy.
- AppsFlyer (Attribution & Analytics): We use AppsFlyer as our mobile measurement partner (MMP) to attribute app installs and in-app events (such as trial starts and subscription conversions) to advertising campaigns. AppsFlyer may collect device identifiers, IP address, install timestamps, and in-app event data. AppsFlyer is contractually bound to use this data only for attribution and analytics. See AppsFlyer's Privacy Policy.
- Meta (Facebook/Instagram) & TikTok: We run paid advertising campaigns on Meta (Facebook and Instagram) and TikTok. These platforms may receive pseudonymous attribution and conversion data through their respective SDKs or server-to-server integrations to facilitate campaign measurement and optimization. This may include device identifiers, in-app event signals, and hashed identifiers. See Meta's Data Policy and TikTok's Privacy Policy.
- Analytics & Crash Reporting: We may use analytics tools (e.g., crash reporting SDKs) that collect anonymized usage data. These providers are contractually prohibited from using your data for independent purposes.
We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies.
12. International Data Transfers
If you are located outside the United States, please be aware that your information may be transferred to and processed in the United States or other countries. We ensure that any such transfers comply with applicable data protection laws through appropriate safeguards such as standard contractual clauses.
13. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to:
- Know what personal information is collected, used, shared, or sold.
- Delete personal information we have collected from you.
- Opt out of the sale or sharing of personal information. Note: we do not sell personal information. However, we do share certain pseudonymous data with advertising platforms (Meta and TikTok) and our attribution partner (AppsFlyer) for cross-context behavioral advertising measurement purposes. You have the right to opt out of this sharing.
- Non-discrimination for exercising your privacy rights.
To opt out of the sharing of your personal information for cross-context behavioral advertising, or to submit any other CCPA/CPRA request, contact us at andy.okamoto@icloud.com or through the in-app settings menu. We will process your request within 45 days.
14. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information under the following legal bases:
- Performance of a contract — to provide you with the app's functionality, including the leaderboard when you choose to sign in.
- Legitimate interests — for analytics, security, product improvement, community moderation, and advertising measurement, where these don't override your rights.
- Legal obligation — where processing is required by law.
- Consent — where you have given explicit consent (e.g., optional features, IDFA tracking on iOS).
You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data in accordance with applicable law.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. For material changes, we will provide a more prominent notice (such as an in-app notification or email). Your continued use of PushClock after changes take effect constitutes your acceptance of the revised policy.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
PushClock
Email: andy.okamoto@icloud.com
We are committed to resolving any complaints about your privacy and our collection or use of your personal information promptly and transparently.
This Privacy Policy was last updated on April 22, 2026.