Privacy Policy
Your data is yours. Here's exactly what we collect and why.
1. INFORMATION WE COLLECT
Name, email, and profile picture when you sign in
Workouts, exercises, sets, reps, weights, personal records, body measurements, and goals. This is your own gym log, the foundation of your results.
With your permission, the health metrics you choose to share from Apple Health (iOS) or Health Connect (Android), such as heart-rate variability, resting heart rate, sleep, steps, active energy, and body weight. Read-only. See the Health & Wearable Data section below.
The protocols you declare (for example a supplement, peptide, or training change), the windows you set, the metrics and lifts you track, and the results we compute for you
If you choose to upload lab or bloodwork PDFs with Bion+, the values we read from them, used only to show your own trends
Approximate location (with your permission) to provide relevant rewards and localized features
Device type, OS version, app version, and crash reports for stability
Features used, session duration, and navigation patterns
Street, city, postal code, and country, collected when you redeem a delivery prize and stored for future deliveries
Impressions, taps, detail views, purchases, and redemptions, used to improve prize recommendations and provide analytics to participating brands
Subscription status and in-app currency balances, used to manage your Bion+ membership and the in-app economy
2. HOW WE USE YOUR DATA
Enable workout logging, self-experiments, progress tracking, and core app functionality
Compare what you do (your protocol) to what changed in your training and body, against your own normal range
Show what others found on the same protocol, using de-identified data only and never anything that identifies you (see Data Sharing)
Tailor insights and recommendations to your goals
Deliver relevant rewards and offers based on your approximate location
Analyze usage patterns to improve features and fix bugs
Send important updates and respond to support
3. HEALTH & WEARABLE DATA
To measure whether the protocols you run actually change your body and recovery, alongside your training
Bion only reads the metrics you approve. We never write to Apple Health or Health Connect.
Your continuous raw readings stay on your device. Only the specific metric values you log against an experiment are stored in your account to compute your results.
We never sell your health data, never use it for advertising, and never use it to train AI models.
You can turn health access off at any time in your device settings, and you can ask us to delete the values we have stored.
4. DATA SHARING
We don't sell your personal data behind your back. Some optional features let you choose to share data or connect with a partner, for example to earn a reward, and that is always opt-in with you in control.
When we show what others found, it is computed from de-identified data above a minimum group size (at least 30 people), with the number of people shown. It never includes your raw health data or anything that identifies you.
We work with trusted cloud and analytics providers (such as Firebase and Stripe) bound by confidentiality
We may share data when required by law or legal process
We only share information when you explicitly authorize us
When you redeem a prize, the fulfilling brand receives your redemption code, delivery address (for delivery prizes), and any notes you provide. They do NOT receive your training data, health data, or account details.
5. LOCATION DATA
We collect approximate location to provide location-based rewards from quests and season completions
Location access is optional and can be disabled in your device settings at any time
We only use city or region-level location, never precise GPS coordinates
Location data is not stored long-term; it is used only for reward eligibility checks
6. AI FEATURES & DATA
For some features, Bion processes data locally on your device using Apple Foundation Models (iOS) or Google Gemini Nano (Android). This data never leaves your device.
To generate personalized insights and power the chat, we may share your fitness profile, goals, uploaded photos, and text descriptions with the Google Gemini Cloud API.
We require third-party AI providers such as Google to protect your data to the same standard set out in this policy. We do not use your personal data to train cloud AI models.
Your rights
Exercise these rights by contacting privacy@getbion.com
SECURITY
We use industry-standard encryption (TLS/SSL), secure cloud infrastructure, and access controls. No system is 100% secure, but we'll notify you of any data breach as required by law.
DATA RETENTION
We keep your data while your account is active. After deletion, we remove or anonymize it within 90 days unless legally required to retain it.
CHILDREN'S PRIVACY
Bion is not for children under 13. We don't knowingly collect data from minors. If we discover such data, we delete it promptly.
CHANGES
We may update this policy. Material changes will be posted here with an updated date. Continued use means you accept the new terms.