Privacy Policy

Last updated: 6 June 2026 · Effective: 6 June 2026

Slancor is built for young athletes and is intended to be set up and supervised by a parent, guardian or coach. This policy explains what we collect, why, and the choices you have. We do not sell your data, show ads, or use third-party advertising trackers.

1. Who we are 2. Data we collect 3. How we use data 4. Legal bases 5. Children & parental consent 6. Sharing & processors 7. Where data is stored 8. Retention 9. Security 10. Your rights 11. Changes 12. Contact

1. Who we are

Slancor is a product of Flintal (“Flintal”, “we”, “us”), the data controller responsible for your personal data. Our full legal details are in the Impressum, and you can reach us at privacy@slancor.com.

2. Data we collect

Slancor is on-device first: most of what you log lives on your device and is synced to your private account only so it is available across your devices.

Account

Email address and an encrypted password, to create and secure your account.

Athlete profile

Name or nickname, date of birth or age, biological sex (used for nutrition science), height, weight, sport, and training schedule.

Health, nutrition & training you log

Meals and nutrition, hydration, body weight, training sessions, soreness/pain notes, readiness check-ins, sleep, goals, and competition/tournament dates.

Apple Health (optional, with your permission)

If you enable it, we read activity, workouts, sleep and heart-rate/HRV data to personalise coaching, and we can write logged meals back to Health.
Menstrual-cycle data is processed on your device only and is never uploaded to our servers.

Connected services (optional)

If you connect a wearable such as WHOOP, we receive recovery, strain and sleep metrics via secure authorisation. You can disconnect at any time.

Meal photos & AI analysis

If you photograph or describe a meal, that image/text is sent to our AI processor solely to estimate its nutrition, then returned to you. It is not used to train AI models.

Diagnostics

Crash and error reports to keep the app stable. These are configured to exclude personal identifiers and request contents.

We do not collect precise location, contacts, or advertising identifiers.

3. How we use data

To provide the core service: personalised nutrition, hydration, recovery and training guidance.
To sync your data securely across your devices and back it up to your private account.
To estimate nutrition from meal photos/descriptions and barcodes.
To keep the app reliable and secure (diagnostics, abuse prevention).

We do not use your personal data for advertising, profiling for marketing, or automated decisions with legal effects.

4. Legal bases (GDPR)

Contract — to provide the features you ask for (your account and logs).
Consent — for optional integrations (Apple Health, wearables) and for processing a child’s data, which you can withdraw at any time.
Legitimate interests — to keep the service secure and working, balanced against your rights.

5. Children & parental consent

Slancor is designed for young athletes and may be used by minors. Where required by law (including the EU GDPR for children and the U.S. Children’s Online Privacy Protection Act, “COPPA”), an account for a child must be created and consented to by a parent or legal guardian, who supervises its use. We collect only what is needed to provide the coaching features and apply the same “no ads, no selling data” commitment to all users. A parent or guardian may review, export or delete their child’s data at any time by contacting us or using the in-app delete option.

We never sell your data. We share it only with vetted service providers (“processors”) acting on our instructions:

Supabase — secure account, database and sync (hosted in the EU).
Anthropic — AI analysis of meal photos/descriptions you submit (not used for model training).
Sentry — crash/error diagnostics (EU region; personal identifiers and request bodies excluded).
Apple HealthKit — on your device, under your control and Apple’s terms.
WHOOP and similar wearables — only if you choose to connect them.
Open Food Facts — barcode lookups send only the product code, not your data.

We may also disclose data if required by law, or to protect the rights, safety and security of our users and service.

7. Where data is stored

Your account and synced data are stored in the European Union. Where a provider processes data outside the EU, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.

8. Retention

We keep your data for as long as your account is active. When you delete your account, we delete your synced data from our systems within a reasonable period, except where we must retain limited records to meet legal obligations. Data held only on your device is removed when you delete it or uninstall the app.

9. Security

Encryption in transit (HTTPS/TLS) and at rest.
Per-account access controls (row-level security) so only you can read your data.
Sensitive data (such as menstrual-cycle information) is kept on-device and never synced.
Access tokens are stored in the device Keychain.

No system is perfectly secure, but we work to protect your data and will notify you and the relevant authority of a breach where the law requires.

10. Your rights

Subject to your local law (including the GDPR), you can:

Access a copy of your data, and correct or update it.
Delete your account and data (in-app, or by contacting us).
Export your data, and object to or restrict certain processing.
Withdraw consent for optional features at any time.
Lodge a complaint with your local data protection authority.

To exercise these rights, email privacy@slancor.com.

11. Changes to this policy

We may update this policy as the app evolves. We will post the new version here with an updated date and, for material changes, notify you in the app.

12. Contact

Questions or requests: privacy@slancor.com
Data controller: Flintal, Germany.