Maplerune LLC Logo

Privacy Policy

Last updated: September 30, 2025

1. Information We Collect

At Maplerune LLC, we are committed to protecting your privacy. This policy covers Wora, our mobile applications, website, and services. We collect information in the following ways:

Information You Provide Directly

  • Account information (name, email, profile photo)
  • Workout data (exercises, sets, reps, weights, duration)
  • Health and fitness goals
  • Body measurements and progress photos (stored locally on device)
  • Food intake and nutrition data
  • Custom workout templates and preferences
  • Support requests and feedback

Information Collected Automatically

  • Device Information: Device type, operating system, app version
  • Usage Analytics: App features used, session duration, crash reports
  • Performance Data: App performance metrics to improve user experience

Health Data

Wora may access health data with your explicit permission, including:

  • HealthKit data (iOS) for workout integration
  • Google Fit data (Android) for activity tracking
  • Heart rate and step count (if available and permitted)

Biometric Data

Wora may collect biometric identifiers and biometric information, including but not limited to:

  • Body measurements (weight, height, body fat percentage, circumference measurements)
  • Progress photos you upload (which may contain biometric information derived from your physical characteristics)
  • Physical performance metrics (strength, endurance, flexibility measurements)

Important: You have the right to refuse collection of biometric information. Progress photos and measurements are stored locally on your device by default. We will not sell, lease, or trade your biometric information. We will permanently destroy biometric information when the initial purpose for collection is satisfied or within 3 years of your last interaction with Wora, whichever occurs first, or as required by applicable law.

2. How We Use Your Information

We use the information we collect to:

  • Provide personalized workout plans and recommendations
  • Generate AI-powered fitness and nutrition guidance
  • Track your progress and show analytics
  • Sync your data across devices
  • Provide customer support and respond to inquiries
  • Improve our app features and user experience
  • Send important app updates and notifications
  • Ensure app security and prevent fraud
  • Comply with legal obligations

AI and Machine Learning

We use aggregated, anonymized data to improve our AI algorithms for:

  • Better workout recommendations
  • More accurate nutrition suggestions
  • Enhanced progress prediction models

3. Information Sharing and Disclosure

We do not sell, rent, or share your personal information with third parties. We may share information only in these limited circumstances:

Service Providers

We work with trusted service providers who help us operate our app:

  • Cloud hosting providers (for data storage and backup)
  • Analytics services (to understand app usage patterns)
  • Crash reporting services (to fix bugs and improve stability)
  • Customer support platforms

All service providers are bound by strict confidentiality agreements and can only use your data to provide services to us.

Legal and Safety Requirements

  • When required by law, court order, or government request
  • To protect the safety and rights of our users
  • To prevent fraud or security threats
  • In connection with a business transfer (merger, acquisition)

Your Consent

We may share information with your explicit consent, such as when you choose to share your achievements on social media.

4. Data Security and Storage

We take data security seriously and implement multiple layers of protection:

Security Measures

  • End-to-end encryption for data transmission
  • Encrypted storage for sensitive information
  • Regular security audits and penetration testing
  • Multi-factor authentication for admin access
  • Automatic security updates and patches
  • Limited employee access on a need-to-know basis

Local Data Storage

Sensitive data like progress photos and detailed measurements are primarily stored locally on your device. This means:

  • You maintain control over your most personal data
  • Data is not transmitted unless you explicitly choose to back it up
  • Photos and measurements stay private to your device

Cloud Backup

We offer optional cloud backup for:

  • Workout history and templates
  • App preferences and settings
  • Progress data (without photos unless opted-in)

5. Data Retention

We retain your data only as long as necessary to provide our services:

Active Accounts

  • Account information: Retained while your account is active
  • Workout history: Retained for the life of your account to show progress and analytics
  • App preferences: Retained while your account is active
  • Health and biometric data: Retained while your account is active or for 3 years from last interaction, whichever is shorter
  • Progress photos: Stored locally on device; cloud backup retained only if you opt-in, deleted within 30 days of account deletion
  • Support communications: Retained for 2 years after resolution

Inactive Accounts

  • Accounts inactive for 2+ years will have personal data archived or deleted
  • You will receive notice before data deletion
  • You can request data deletion at any time
  • De-identified, aggregated analytics may be retained indefinitely for app improvement

Account Deletion

When you delete your account:

  • Personal data is deleted within 30 days
  • Biometric data is permanently deleted within 30 days
  • Backup copies in disaster recovery systems are deleted within 90 days
  • De-identified analytics data may be retained
  • Locally stored data remains on your device until you remove the app
  • Data required for legal compliance may be retained longer

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

General Privacy Rights

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your information to another service
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Opt-out: Opt-out of marketing communications at any time

GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR:

  • Right to be forgotten: Request complete erasure of your personal data
  • Right to withdraw consent: Withdraw consent for data processing at any time
  • Right to lodge a complaint: File a complaint with your local data protection authority
  • Right to object to automated decision-making: Request human review of automated decisions
  • Right to data portability: Receive your data in a machine-readable format

Our lawful basis for processing your data includes: consent, contract performance, legal obligations, and legitimate interests.

CCPA/CPRA Rights (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of personal information we collect, use, and share
  • Right to Delete: Request deletion of personal information we hold about you
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of the sale or sharing of personal information (Note: We do not sell personal information)
  • Right to Limit: Limit use and disclosure of sensitive personal information
  • Right to Non-Discrimination: Exercise privacy rights without discriminatory treatment

Exercising Your Rights

To exercise any of these rights, please contact us at:

We will respond to verified requests within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

7. Cookies and Tracking

Our website may use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Improve user experience and website functionality

You can control cookies through your browser settings, though this may affect website functionality.

Do Not Track Signals

Our website currently does not respond to "Do Not Track" (DNT) signals from browsers. We track usage across your visits to our website to improve your experience. You can opt out of tracking by adjusting your browser settings or using privacy-focused browser extensions.

Mobile App Analytics

Wora uses analytics tools to understand app usage. You can opt out of analytics tracking in the app settings. This will not affect your ability to use Wora.

8. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information during such transfers.

10. Children's Privacy

Wora is designed for users 13 years of age and older. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it immediately.

For users aged 13-17, we recommend parental guidance when using fitness and nutrition features.

If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at privacy@maplerune.com.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users via email within 72 hours of discovering the breach
  • Provide details about what information was compromised
  • Explain what steps we are taking to address the breach
  • Offer guidance on steps you can take to protect yourself
  • Notify relevant authorities as required by law

We maintain incident response procedures and security measures to minimize the risk and impact of data breaches.

12. Marketing Communications

We may send you marketing communications about Wora features, updates, and promotions. You have control over these communications:

Opt-Out Rights

  • Click "unsubscribe" in any marketing email
  • Adjust notification preferences in Wora settings
  • Contact us at privacy@maplerune.com to opt out

Types of Communications

  • Transactional: Account updates, security alerts, support responses (cannot opt-out)
  • Product updates: New features, app improvements (can opt-out)
  • Marketing: Promotional offers, tips, content (can opt-out)

Even if you opt out of marketing communications, we will still send you important transactional and security-related messages.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new "Last updated" date
  • Sending an in-app notification in Wora
  • Emailing you about significant changes (for material changes)

Your continued use of our services after changes take effect constitutes acceptance of the updated policy. If you do not agree with the changes, you should discontinue use and delete your account.

14. Third-Party Integrations

Our app may integrate with third-party services with your permission:

Health Apps

  • Apple HealthKit: To sync workout data and health metrics
  • Google Fit: To track activities and sync health data

Social Features

If you choose to share your progress:

  • You control what information is shared
  • Sharing is always optional
  • Third-party platforms have their own privacy policies

15. International Users

Maplerune LLC is based in the United States. If you use our app from outside the US:

  • Your data may be transferred to and stored in the US
  • We comply with applicable international privacy laws
  • You have the same privacy rights regardless of location

16. California "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

17. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Inquiries: privacy@maplerune.com

App Support: support@maplerune.com

General Contact: contact@maplerune.com

Address: Maplerune LLC, United States