Privacy Policy
1. Introduction
Welcome to PushClock ("we," "our," or "us"). PushClock is a fitness-alarm application that combines push-up detection with alarm clock functionality, offers optional sleep insights based on Apple Health data, and includes optional community features such as a global leaderboard. We are committed to protecting your personal information and your right to privacy.
This Privacy Policy explains what information we collect, how we use it, what we share with third parties (including advertising, attribution, and backend service partners), and what rights you have in relation to it. Please read it carefully. If you disagree with its terms, please discontinue use of the app.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: If you choose to use the leaderboard, we authenticate you using Sign in with Apple or Sign in with Google. The provider you choose gives us an opaque user identifier and, at your option, your name and an email address (with Apple, this may be a privacy relay address that hides your real email). We store this authentication record through our backend provider, Supabase. PushClock does not create or store passwords.
- Leaderboard Profile: A display name (1–20 characters, letters, numbers, or underscores) and an optional avatar photo that you select from your device's photo library. Both are displayed publicly to other signed-in users on the leaderboard.
- Alarm Preferences: Alarm times, snooze settings, push-up goals, and other configuration data you set within the app. Alarm preferences are stored on your device and are not uploaded to our servers.
- Fitness Goals: Push-up targets or custom workout goals you configure per alarm.
- Onboarding Questionnaire Responses: During onboarding, the app asks you a series of demographic and behavioral questions — including your age range (the options include a 13–17 bracket), your gender, and self-reported habits such as your typical sleep, mood, and wake-up patterns. Your answers are sent to our analytics provider, Mixpanel, both as events and as user properties tied to a pseudonymous analytics identifier, to help us understand our audience and improve the app. These answers are not published on the leaderboard. See Section 6 and Section 11 for how Mixpanel processes this data.
- Referral Information: PushClock includes a referral program. If you enter or share a referral code, we record that code and link it to a referral record in our backend (Supabase), associated with a pseudonymous analytics identifier, so we can attribute referrals and credit any rewards.
- Moderation Reports: If you report another user, we collect the reason category you select (such as inappropriate name, inappropriate photo, impersonation, or spam/abuse) and an optional free-text note you choose to include.
2.2 Information Collected Automatically
- Camera Data — push-up detection (on-device): For push-up counting and exercise form, PushClock uses your device camera for real-time pose detection that runs entirely on your device. For this feature we do not record, store, transmit, or share any video or images, and no frame ever leaves your device.
- Photos — verification missions (processed off-device): Certain optional alarm-dismissal missions ask you to take a photo — for example, a made bed, the sky, grass/outdoors, a sketch, a specific object, or a custom "Snap This" photo. To check whether the photo satisfies the mission, the single image is transmitted through our backend (Supabase) to an automated AI vision service (Anthropic's Claude API) for analysis. Depending on the mission, the photo may include your face, body, or images of your home, bed, or surroundings. The image is used only to return a pass/fail result and a short reason; it is not stored or retained on PushClock's own systems (including our Supabase backend) and is not added to any profile. Once transmitted to Anthropic's API, the photo is subject to Anthropic's own handling of API inputs. See Section 4 for details.
- Leaderboard Activity: The leaderboard ranks users by their fastest alarm-dismissal response times — how quickly you dismiss an alarm by completing its mission. If you participate in the leaderboard, we sync from your device to our servers only: your best (fastest) dismissal times on an all-time, weekly, and monthly basis, and which mission produced each best time. These values are displayed publicly alongside your display name and avatar. We do not upload your push-up totals, streaks, badges, or alarms to the leaderboard — those remain on your device.
- Usage Data: App open/close events, feature interactions, alarm completion rates, leaderboard views, and session duration — collected to improve app performance.
- Device Information: Device model, operating system version, unique device identifiers, and crash and diagnostic reports. Crash diagnostics are provided through Apple's native App Store Connect crash reporting; we do not integrate a third-party crash-reporting SDK.
- Motion & Fitness Data: Accelerometer and motion-sensor data used to support activity detection and motion-based alarm-dismissal missions (such as shake or step challenges), where applicable.
- Microphone & Voice (on-device): Some optional missions and features use your microphone — speaking a tongue-twister to dismiss an alarm, or recording a custom alarm sound. Speech recognition for tongue-twisters runs on your device, and recorded custom sounds are stored only on your device. We do not transmit your voice recordings or audio to our servers or any third party.
- App-Blocking Selections (Screen Time / Family Controls): If you use the optional app-blocking feature, PushClock uses Apple's Family Controls / Screen Time framework to block apps you choose until you complete your alarm. The apps you select are represented by opaque system tokens that are stored on your device; we do not receive the list of apps you use or block, and this information is not uploaded to our servers.
- Subscription & Purchase Data: When you start a trial or purchase a subscription or lifetime access, we and our partners process related data such as product identifier, price, currency, transaction and subscription status, and trial start — to operate billing, paywalls, and advertising measurement. Payment card details are handled by the app store, not by us.
- Advertising Identifiers (IDFA/GAID): We may collect your device's advertising identifier (Apple IDFA or Google Advertising ID) for attribution and advertising measurement purposes. You can reset or limit use of this identifier through your device's settings (iOS: Settings > Privacy & Security > Tracking; Android: Settings > Google > Ads).
2.3 Health & Sleep Data (Apple Health / Apple Watch)
- Sleep Data: With your permission, PushClock reads sleep data (such as sleep duration and the sleep stages recorded by your Apple Watch) from Apple Health (HealthKit). We use this data solely to show you in-app sleep insights — for example, summaries and trends about your recent sleep displayed within the app.
- On-device only: Your sleep and health data is read and processed entirely on your device. We do not upload, transmit, or store it on our servers, and it is never associated with your leaderboard profile.
- No advertising or sharing: Consistent with Apple's requirements, we never use Apple Health data for advertising, marketing, or data-mining purposes, and we never sell it or share it with any third party.
- Permission and control: PushClock requests Health access before reading any data, and you choose which categories to grant. You can revoke access at any time in the Apple Health app (Sharing → Apps) or in iOS Settings > Privacy & Security > Health. Revoking access disables sleep insights but does not affect alarm or push-up features.
2.4 Information We Do Not Collect
- We do not collect biometric identifiers beyond what is necessary for on-device pose detection.
- We do not upload your Apple Health or sleep data to our servers. Sleep data read from Apple Health is processed only on your device (see Section 2.3).
- We do not record or store video from your camera, and we do not retain the photos you submit for mission verification — they are processed transiently to return a result and then discarded (see Section 4.2).
- We do not collect precise location data.
- We do not collect financial or payment information directly (payments are processed by the relevant app store platform).
- We do not sync your alarm times, goal wake-up time, or individual wake-up timestamps to our servers. Only the leaderboard data listed in Section 2.2 (your best alarm-dismissal times, the mission for each, and your display name and avatar) is uploaded when you participate in the leaderboard. We do not upload your push-up totals, streaks, or badges.
3. How We Use Your Information
We use the information we collect to:
- Operate the app — deliver alarm functionality, track push-up completion, and apply your preferences.
- Show sleep insights — display in-app summaries and trends based on sleep data you allow us to read from Apple Health, processed entirely on your device.
- Power optional features you enable — such as photo-, motion-, or voice-based alarm-dismissal missions and app-blocking, including verifying mission photos and applying the app blocks you configure.
- Process subscriptions — manage trials, paywalls, purchases, and subscription status.
- Operate the leaderboard — authenticate your account, publish your display name, avatar, and best alarm-dismissal times to other signed-in users, and rank users by their fastest dismissal times on a weekly, monthly, and all-time basis.
- Moderate the community — review user reports and take action against accounts that violate our Terms of Service.
- Improve the product — analyze usage patterns to fix bugs, optimize performance, and develop new features.
- Communicate with you — send service-related notifications, updates, and support responses.
- Ensure security — detect, investigate, and prevent fraudulent or unauthorized activity.
- Advertising measurement & attribution — attribute app installs and in-app events to advertising campaigns, and measure the effectiveness of our advertising on platforms such as Meta (Facebook/Instagram), using our mobile measurement partner AppsFlyer.
- Comply with legal obligations — fulfill applicable legal, regulatory, or contractual requirements.
We do not sell your personal information to third parties for their own marketing purposes.
4. Camera, Pose Detection & Photo Verification
PushClock uses your camera in two distinct ways, which are handled differently:
4.1 Push-up pose detection (on-device)
- On-device processing only: All pose detection and push-up counting is performed locally on your device using on-device machine-learning models.
- No transmission: For pose detection, the camera feed is never transmitted to our servers or any third party.
- No storage: No video, image, or frame is saved to your device or our systems as a result of pose detection.
- Not biometric identification: Pose detection analyzes body position in real time to count repetitions. It is not used to identify or recognize you, and we do not create, store, or share any facial or biometric template or "faceprint."
4.2 Photo-verification missions (processed off-device)
Some optional alarm-dismissal missions ask you to take a photo (for example: a made bed, the sky, grass/outdoors, a sketch, a specific object, or a custom "Snap This" photo). When you complete one of these missions:
- The image is sent off-device for analysis: The single photo is transmitted securely (over TLS) through our backend provider (Supabase) to an automated AI vision service, Anthropic's Claude API, which returns only a pass/fail result and a short reason. Depending on the mission you choose, the photo may include your face, body, or images of your home, bed, or surroundings. Once the photo has been transmitted to Anthropic's API for analysis, it is subject to Anthropic's own handling of API inputs under Anthropic's terms and privacy practices.
- Not stored on our systems: The photo is used solely to evaluate that mission. It is not stored or retained on PushClock's own systems, including our Supabase backend; it is not linked to your profile, and we keep no copy — it is discarded after the check. For how Anthropic handles images sent to its API, see Anthropic's Privacy Policy (linked in Section 11).
- Automated analysis may be imperfect: Because verification is automated, it may occasionally accept or reject a photo incorrectly. The photo is not reviewed by a human unless required to investigate abuse or a technical problem.
Permission and control. The app requests camera permission before these features activate. You may revoke camera access at any time through your device settings, though doing so will disable push-up detection and photo-verification missions.
5. Leaderboard, Public Profile & Community Features
Use of the PushClock leaderboard is optional. You can use the alarm and push-up features without signing in. If you do sign in and set a display name, the following information is publicly visible to every other signed-in user of the app:
- Your display name
- Your avatar photo, if you upload one
- Your best (fastest) alarm-dismissal response times, ranked on an all-time, weekly, and monthly basis
- Which mission produced each of your best times
The leaderboard ranks players by how quickly they dismiss an alarm by completing its mission. Your push-up totals, streaks, badges, and alarms are not published to the leaderboard and remain on your device.
Sign in with Apple or Google. We authenticate leaderboard accounts using Sign in with Apple or Sign in with Google. The provider issues us an opaque user identifier and, at your option, your name and email address (with Apple, this may be Apple's privacy relay address). We handle authentication through our backend provider, Supabase.
Avatar upload and storage. When you choose an avatar, the image is resized on your device to a 512×512 JPEG and uploaded to cloud file storage operated by Supabase. Avatar files are served from publicly accessible URLs; while these URLs are not published or indexed outside the app, they are not access-controlled and anyone who possesses a URL can view the image.
Photo library access. The avatar chooser uses Apple's system photo picker. This lets you share a single selected photo with PushClock without granting access to your entire photo library.
Reporting other users. You can report another user's display name or avatar. Reports are stored on our servers and are associated with your account so that we can review them and prevent abuse of the reporting system. You can block another user to hide their entry from your own leaderboard view; blocks are stored locally on your device and do not remove the user from the leaderboard for anyone else.
Deleting your leaderboard account. You can permanently delete your leaderboard account at any time from Settings → Delete Leaderboard Account. This removes your display name, avatar photo, best alarm-dismissal times, and authentication record from our servers. Your local app data (alarms, preferences, local push-up history) is not affected. See Section 7 for information about moderation reports you may have submitted.
6. Sharing Your Information
We do not sell your personal information. We may share your information only in the following limited circumstances:
- Service Providers: Trusted third-party vendors who assist us in operating the app, including Supabase (authentication, database, and file storage for the leaderboard feature), Anthropic (automated AI analysis of photo-verification mission images, as described in Section 4.2), Mixpanel (product analytics, including your onboarding questionnaire responses — age range, gender, and self-reported sleep, mood, and wake-up habits — tied to a pseudonymous analytics identifier), Superwall (subscription and paywall management), Google (Sign in with Google authentication), and cloud hosting providers. These vendors are bound by confidentiality obligations and prohibited from using your data for their own purposes.
- Other Leaderboard Users: Any information described in Section 5 as "publicly visible" (display name, avatar, and best alarm-dismissal times) is shown to other signed-in users of PushClock as an inherent part of the leaderboard feature.
- Advertising & Attribution Partners: We share certain pseudonymous data (such as device advertising identifiers, in-app events, and conversion signals) with our mobile measurement partner AppsFlyer and with advertising platforms including Meta (Facebook/Instagram). This data is used to attribute app installs to advertising campaigns and to measure and optimize advertising performance. California residents may opt out of this sharing (see Section 13). AppsFlyer processes data in accordance with its Privacy Policy. Meta processes data in accordance with its privacy policy.
- Linked Pseudonymous Identifiers: To attribute installs and in-app events and to operate our referral program, we may link the pseudonymous identifiers our providers assign — for example, your analytics identifier (Mixpanel) and your attribution identifier (AppsFlyer) — to one another and to a referral record. These identifiers are not your name, but they can be used to recognize the same device or app installation across these services.
- Legal Requirements: When required by law, subpoena, court order, or to protect the rights, property, or safety of PushClock, our users, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
- With Your Consent: In any other circumstances with your explicit prior consent.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. You may request deletion of your account and associated data at any time (see Section 10). We may retain certain information as required by law or for legitimate business purposes such as fraud prevention, even after account deletion.
Leaderboard data. Your display name, avatar, and best alarm-dismissal times are retained while your leaderboard account is active and are removed from our servers when you delete your leaderboard account from within the app. Moderation reports you submit about other users may be retained separately for a reasonable period to support abuse prevention and repeat-offender detection, even after your own account is deleted.
Automatically collected usage data is retained for a maximum of 24 months before being deleted or anonymized. Crash and diagnostic reports delivered through Apple's App Store Connect are subject to Apple's own retention policies. Attribution data processed through AppsFlyer is subject to AppsFlyer's own retention policies.
8. Data Security
We implement industry-standard technical and organizational security measures to protect your information, including:
- Encryption of data in transit (TLS/HTTPS)
- Encryption of data at rest
- Access controls limiting employee access to personal data
- Regular security reviews and vulnerability assessments
No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
9. Children's Privacy
PushClock is not directed to children under the age of 13 (or under the applicable age of digital consent in your country, which is 16 in parts of the European Economic Area). We do not knowingly collect personal information from children under these ages, and the leaderboard and related community features are not intended for them. If you believe we have inadvertently collected such information, please contact us immediately at andy@pushclock.com and we will take prompt steps to delete it.
10. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you. |
| Correction | Request correction of inaccurate or incomplete data. |
| Deletion | Request deletion of your personal data ("right to be forgotten"). |
| Portability | Request your data in a structured, machine-readable format. |
| Objection | Object to certain types of processing, including analytics. |
| Withdraw Consent | Withdraw consent at any time where processing is consent-based. |
To exercise any of these rights, contact us at andy@pushclock.com. We will respond within 30 days. We may need to verify your identity before fulfilling your request.
Deleting your leaderboard account in-app. You can delete your leaderboard account and associated server-side data directly from within the app at Settings → Delete Leaderboard Account, without needing to contact us.
Camera, Microphone & Notification Permissions
You can manage camera, microphone, motion, speech-recognition, and notification permissions at any time through your device's operating system settings. Revoking camera access disables push-up detection and photo missions; revoking microphone or speech access disables voice missions and custom-sound recording; revoking notifications disables alarm alerts. You can also turn off app-blocking and revoke Screen Time / Family Controls access in your device settings.
Apple Health Permissions
PushClock reads sleep data from Apple Health only with your permission, and processes it on your device. You can review or revoke this access at any time in the Apple Health app under Sharing → Apps, or in Settings > Privacy & Security > Health. Revoking access disables sleep insights.
Advertising Identifier & Tracking (iOS)
On iOS, PushClock requests permission to track your device's advertising identifier (IDFA) via Apple's App Tracking Transparency (ATT) framework. If you decline, we will not use your IDFA for attribution or advertising measurement purposes. You can change this permission at any time in Settings > Privacy & Security > Tracking.
11. Third-Party Services
PushClock integrates with or depends on the following categories of third-party services:
- App Store Platforms: Apple App Store and/or Google Play Store handle payments and distribution under their own privacy policies.
- Apple (Sign in with Apple): We use Sign in with Apple to authenticate leaderboard accounts. Apple provides us with an opaque user identifier and, at your option, your name and email (which may be a privacy relay address). See Apple's Privacy Policy.
- Apple Health (HealthKit): With your permission, we read sleep data (including Apple Watch sleep recordings) from Apple Health to provide in-app sleep insights. This data is processed on your device and is not transmitted to us or any third party. See Apple's Privacy Policy.
- Supabase (Backend Services): We use Supabase to provide authentication, database, and file storage for the leaderboard feature, and to host the backend functions that process photo-verification missions. Supabase stores your authentication record, your leaderboard profile (display name, avatar URL, best alarm-dismissal times and their missions), avatar image files, referral records (see Section 2.1), and any moderation reports you submit. See Supabase's Privacy Policy.
- Google (Sign in with Google): If you choose to sign in with Google, Google provides us an opaque user identifier and, at your option, your name and email address to authenticate your leaderboard account. See Google's Privacy Policy.
- Anthropic (Photo Verification): When you complete a photo-verification mission, the image — which, depending on the mission, may include your face, body, home, bed, or surroundings — is sent to Anthropic's Claude API to return a pass/fail result. We do not retain the image on our own systems (including our Supabase backend); once transmitted, it is handled by Anthropic as an API input under Anthropic's own terms and privacy practices. See Anthropic's Privacy Policy.
- Mixpanel (Product Analytics): We use Mixpanel to understand how the app is used (for example, screen views, feature usage, mission and alarm activity, and subscription events) so we can fix bugs and improve the product. We also send Mixpanel your onboarding questionnaire responses — including age range (which may indicate you are a 13–17-year-old), gender, and self-reported sleep, mood, and wake-up habits — as events and as user properties tied to a pseudonymous analytics identifier. See Mixpanel's Privacy Policy.
- Superwall (Subscriptions & Paywalls): We use Superwall to present paywalls and manage subscription and trial flows. Superwall processes paywall interactions and transaction/subscription status. See Superwall's Privacy Policy.
- AppsFlyer (Attribution & Analytics): We use AppsFlyer as our mobile measurement partner (MMP) to attribute app installs and in-app events (such as trial starts and subscription conversions) to advertising campaigns. AppsFlyer may collect device identifiers, IP address, install timestamps, and in-app event data. AppsFlyer is contractually bound to use this data only for attribution and analytics. See AppsFlyer's Privacy Policy.
- Meta (Facebook/Instagram): We run paid advertising campaigns on Meta (Facebook and Instagram). Meta may receive pseudonymous attribution and conversion data through its SDK or server-to-server integrations to facilitate campaign measurement and optimization. This may include device identifiers, in-app event signals, and hashed identifiers. See Meta's Data Policy.
- Apple (Crash & Diagnostic Reporting): App stability and crash diagnostics are provided through Apple's built-in App Store Connect crash reporting. We do not integrate any third-party crash-reporting or diagnostics SDK.
We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies.
12. International Data Transfers
If you are located outside the United States, please be aware that your information may be transferred to and processed in the United States or other countries. We ensure that any such transfers comply with applicable data protection laws through appropriate safeguards such as standard contractual clauses.
13. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to:
- Know what personal information is collected, used, shared, or sold.
- Delete personal information we have collected from you.
- Opt out of the sale or sharing of personal information. Note: we do not sell personal information. However, we do share certain pseudonymous data with advertising platforms (Meta) and our attribution partner (AppsFlyer) for cross-context behavioral advertising measurement purposes. You have the right to opt out of this sharing.
- Non-discrimination for exercising your privacy rights.
To opt out of the sharing of your personal information for cross-context behavioral advertising, or to submit any other CCPA/CPRA request, contact us at andy@pushclock.com or through the in-app settings menu. We will process your request within 45 days.
Other U.S. State Privacy Rights & Consumer Health Data
Residents of other U.S. states with comprehensive privacy laws (such as Virginia, Colorado, Connecticut, and others) may have similar rights to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising. You can exercise these rights using the same contact details above.
Certain states regulate "consumer health data" (for example, Washington's My Health My Data Act and Nevada's health-privacy law). The sleep data you optionally allow PushClock to read from Apple Health is processed on your device for in-app insights and is not sold or shared with third parties. Where these laws apply, we will obtain any required consent before collecting consumer health data and will not share it without the separate authorization those laws require.
14. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information under the following legal bases:
- Performance of a contract — to provide you with the app's functionality, including the leaderboard when you choose to sign in.
- Legitimate interests — for analytics, security, product improvement, community moderation, and advertising measurement, where these don't override your rights.
- Legal obligation — where processing is required by law.
- Consent — where you have given explicit consent (e.g., optional features, IDFA tracking on iOS).
You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data in accordance with applicable law.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. For material changes, we will provide a more prominent notice (such as an in-app notification or email). Your continued use of PushClock after changes take effect constitutes your acceptance of the revised policy.
Summary of changes in the July 6, 2026 update. In this update we: (1) corrected the description of leaderboard data — the leaderboard ranks users by their fastest alarm-dismissal response times and syncs only your display name, avatar, best dismissal times, and the mission behind each best time (not push-up totals, streaks, badges, or alarms); (2) disclosed that onboarding questionnaire responses, including age range, gender, and self-reported sleep, mood, and wake-up habits, are sent to our analytics provider (Mixpanel); (3) added a disclosure of our referral program and the identifiers it links; (4) clarified how photo-verification images are handled, including that they may show your face, body, or surroundings, are transmitted to Anthropic's API for analysis, and are not stored on our own systems; (5) clarified that we link pseudonymous identifiers across providers for attribution and referrals; and (6) updated our advertising-partner and crash-diagnostics disclosures.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
PushClock
Email: andy@pushclock.com
We are committed to resolving any complaints about your privacy and our collection or use of your personal information promptly and transparently.
This Privacy Policy was last updated on July 6, 2026.