This Privacy Policy explains how Reknit LLC (“we,” “us,” or “our”) collects, uses, stores, and shares information when you use the Reknit mobile application (“App”). By using the App, you agree to the practices described in this policy.
1. Information We Collect
Information you provide directly
- Account information — your email address and password when you create an account
- Display name — the name you choose to go by in the App (optional)
- Injury information — the body part affected and type of issue, as entered during intake
- Pain data — self-reported pain levels (0–10 scale) that you log during sessions
- Exercise activity — session completions, exercise results, effort ratings, and stage progression
- Recovery goals — what you want to achieve from your recovery program
- Training preferences — preferred training time and notification settings
Information collected automatically
- Usage data — aggregate information about how you interact with the App (screens visited, features used), collected via PostHog analytics. This data is not linked to your identity and does not include individual health data.
- Device information — device type and operating system version, used for technical support and crash reporting
2. How We Use Your Information
We use your information to:
- Create and maintain your account
- Build and personalize your exercise plan based on your intake information
- Track your session history and progress within the App
- Generate AI coaching insights and responses based on your session history and reported data
- Send push notifications at your preferred training time (only if you enable notifications)
- Diagnose technical issues and improve App performance
- Comply with legal obligations
3. AI Processing — Anthropic
To generate coaching responses and personalized exercise insights, your session history and self-reported pain data are transmitted to Anthropic’s Claude API. This transmission is necessary for the App’s core coaching functionality.
What is sent to Anthropic: your session history, reported pain levels, exercise completions, and relevant profile context — the minimum necessary to generate a coaching response.
How Anthropic handles this data: Per Anthropic’s usage policy (https://www.anthropic.com/legal/aup), Anthropic does not use API inputs to train its AI models. Your data is processed to generate responses and is not retained by Anthropic beyond that purpose. We encourage you to review Anthropic’s privacy practices at https://www.anthropic.com/legal/privacy-policy.
4. Analytics — PostHog
We use PostHog to understand how users interact with the App and to improve the product. PostHog receives aggregate usage events — for example, “session completed” or “stage advanced.”
We do not send individual health data to PostHog. Pain scores, injury descriptions, and other health information are never included in analytics events. PostHog analytics are not linked to your identity.
You can learn more about PostHog’s privacy practices at https://posthog.com/privacy.
5. Data Storage — Supabase
Your account and health data are stored in Supabase’s cloud database infrastructure, hosted on AWS. Supabase is SOC 2 Type II certified. We implement row-level security policies that ensure your data is only accessible to requests made on behalf of your own account — other users cannot access your data.
You can learn more about Supabase’s security practices at https://supabase.com/security.
6. Data Sharing
We do not sell your personal information. We do not share your personal information with third parties for their marketing purposes.
We share data only as follows:
- Service providers listed above — Supabase (storage), Anthropic (AI processing), and PostHog (analytics) receive data only as necessary to provide their respective services
- Legal compliance — we may disclose information if required to do so by law, court order, or governmental authority, or to protect our rights or the safety of users
7. Health Data
Reknit collects and processes sensitive health information, including injury descriptions and pain scores. We treat this data with heightened care:
- Stored securely in Supabase with row-level security scoped to your user ID
- Transmitted to Anthropic only for the purpose of generating your coaching responses
- Never included in analytics events sent to PostHog
- Never sold or shared with advertisers, employers, insurers, or other third parties
By using the App, you explicitly consent to the collection and processing of this health information as described in this policy.
8. Push Notifications
If you enable push notifications, we may send reminders to complete your training sessions at your preferred time. Push notifications sent to your lock screen contain only generic messages (e.g., “Time for your session today”). Coaching-specific content and health data are only displayed inside the App after you unlock your device.
9. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will delete your personal information and health data within 30 days, except where we are required to retain it to comply with legal obligations.
To request account deletion, contact us at the address below.
10. Security
We implement commercially reasonable technical and organizational measures to protect your information, including:
- Encrypted data transmission (HTTPS/TLS) between the App and our servers
- Row-level security in our database, scoped to your user ID
- No transmission of individual health data to third-party analytics services
- Secure, hashed storage of passwords (handled by Supabase Auth)
No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.
11. Children’s Privacy
Reknit is not intended for users under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will delete it promptly.
12. California Residents — CCPA/CPRA
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know — the categories and specific pieces of personal information we collect about you
- Right to delete — request deletion of your personal information (subject to certain exceptions)
- Right to correct — request correction of inaccurate personal information
- Right to opt out of sale — we do not sell personal information
- Right to non-discrimination — we will not discriminate against you for exercising these rights
To exercise any of these rights, contact us at the address below. We will respond within 45 days.
13. Consumer Health Data — Separate Policy
Reknit maintains a separate Consumer Health Data Privacy Policy that governs how we handle consumer health data (injury information, pain scores, symptom-screening responses, and related data). That policy applies to all users and contains additional rights for Washington State residents under the Washington My Health My Data Act (WMHMDA) and similar rights for residents of Nevada, Connecticut, and other states with consumer-health-data laws.
If you are a Washington State resident, the Consumer Health Data Privacy Policy contains your specific rights to confirm, access, withdraw consent, delete, and appeal with respect to your consumer health data.
The Consumer Health Data Privacy Policy is a separate and distinct document from this Privacy Policy, as required by WMHMDA. In the event of any conflict between this Privacy Policy and the Consumer Health Data Privacy Policy regarding consumer health data, the Consumer Health Data Privacy Policy controls.
14. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes by updating the “Last updated” date at the top of this document. For significant changes, we may also provide in-app notification. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.
15. Contact
For privacy questions, data requests, or to exercise any of the rights described in this policy:
Email: support@reknit-app.com
We will respond to all requests within 30 days.