Privacy Policy

Effective date: June 12, 2026 · Last updated: June 12, 2026

The short version: SetStreak collects only what it needs to run your account and sync your workouts. We never sell your data and we don't run advertising or third-party analytics trackers. You can edit your data anytime and ask us to delete your account whenever you like. The full detail is below.

1. Who we are
2. Information we collect
3. How we use your information
4. Legal bases for processing
5. How we share information
6. Cookies and local storage
7. Data retention
8. How we protect your data
9. Your rights and choices
10. Children's privacy
11. International data transfers
12. Changes to this policy
13. Contact us

1. Who we are

SetStreak ("SetStreak", "we", "us", or "our") is a workout tracking service operated by Nexint. This Privacy Policy explains what personal information we collect when you use SetStreak at setstreak.com and the associated web application (together, the "Service"), how we use and share it, and the choices and rights you have. By using the Service, you agree to the practices described here.

2. Information we collect

Information you provide

Account information. When you create an account, we collect your email address and a password. Your password is never stored in readable form — it is protected using a strong one-way hashing algorithm (Argon2id) and cannot be recovered by us. You may also optionally provide a display name.
Workout content. The information you enter into the app: your workout plan and any edits to it, exercises, sets, weights, reps, cardio sessions, weekly goals, streaks, personal records, and badges.
Communications. If you email us, we receive your message and contact details so we can respond.

Information we collect automatically

Technical and security data. When you use the Service, our servers record standard information such as your IP address and request timestamps. We use this to operate the Service securely — for example, to apply rate limits that protect against abuse of our sign-in and password endpoints.
Session cookie. After you log in, we set a single essential cookie to keep you signed in (see Cookies and local storage). We do not use advertising or cross-site tracking cookies.
On-device storage. The app stores a copy of your workout data in your browser's local storage so it works smoothly and remains available offline. This stays on your device and is cleared when you log out.

We do not collect payment information (SetStreak is free), and we do not use third-party advertising networks, analytics SDKs, or social media trackers.

3. How we use your information

We use the information above to:

provide and operate the Service — creating your account, storing your workouts, and syncing them across your devices;
calculate features such as your streaks, weekly progress, and personal records;
send you service-related emails, such as email verification and password resets (these are transactional messages, not marketing);
keep the Service secure, prevent abuse, and diagnose and fix problems; and
comply with legal obligations and enforce our Terms of Service.

We do not use your workout data to train advertising profiles, and we do not sell it.

4. Legal bases for processing

For users in the European Economic Area (EEA) and the United Kingdom, we process personal data on the following legal bases: to perform our contract with you (providing the Service you signed up for); our legitimate interests in keeping the Service secure and reliable; your consent where required; and to comply with legal obligations.

We do not sell your personal information. We share it only in these limited situations:

Service providers (subprocessors). We use trusted infrastructure providers to run the Service. Today this is primarily Amazon Web Services (AWS), which provides our cloud hosting and database, and Amazon Simple Email Service (SES), which delivers our account emails. These providers process data on our behalf under their own security and privacy commitments.
Legal and safety reasons. We may disclose information if required by law, regulation, legal process, or governmental request, or where necessary to protect the rights, safety, and security of our users, the public, or SetStreak.
Business transfers. If SetStreak or Nexint is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction. We will continue to protect it consistent with this policy and notify you of any material change.

6. Cookies and local storage

SetStreak uses a single essential session cookie to keep you logged in. It is set with HttpOnly, Secure, and SameSite=Lax attributes, is not readable by scripts, and is used only for authentication — not for advertising or cross-site tracking. Because it is strictly necessary to provide the Service, it does not require consent under most cookie laws.

We also use your browser's local storage to cache your workout data on your device for offline use and faster loading. You can clear it at any time by logging out or clearing your browser data.

7. Data retention

We keep your account and workout data for as long as your account is active so that the Service works for you. If you ask us to delete your account, we delete your account record and the workout data associated with it. Residual copies may persist for a short period in routine backups before being overwritten, and we may retain limited information where required to comply with legal obligations, resolve disputes, or enforce our agreements.

8. How we protect your data

We use industry-standard safeguards to protect your information, including:

encryption of all traffic in transit using HTTPS/TLS;
one-way hashing of passwords (Argon2id) so they are never stored in readable form;
storing authentication tokens only in hashed form, with automatic expiry;
strict separation of each user's data so one account cannot access another's; and
limiting internal access to what is needed to operate the Service.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please use a strong, unique password and keep your login credentials confidential.

9. Your rights and choices

Depending on where you live, you may have some or all of the following rights:

Access the personal data we hold about you.
Correct your data — you can edit your profile and workout data directly in the app at any time.
Delete your account and associated data.
Export a copy of your workout data.
Object to or restrict certain processing, and withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at privacy@setstreak.com. We will respond within the timeframe required by applicable law. You will not be discriminated against for exercising your rights.

EEA and UK residents

You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data lawfully.

California residents

We do not sell or share your personal information as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA), and we have not done so in the preceding 12 months. California residents may exercise their rights to know, delete, and correct by contacting us at the address above.

10. Children's privacy

SetStreak is not directed to children under 13, and we do not knowingly collect personal information from children under 13 (or the minimum age required in your jurisdiction). If you believe a child has provided us personal information, please contact us and we will delete it.

11. International data transfers

SetStreak is operated from, and stores data on cloud infrastructure located in, the United States. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page, and for material changes we will take reasonable steps to notify you. Your continued use of the Service after an update means you accept the revised policy.

13. Contact us

Questions, requests, or concerns about this policy or your personal data? Reach us at:

SetStreak (a Nexint product)
Email: privacy@setstreak.com