Privacy Policy

Last updated: June 22, 2026 · Effective: June 22, 2026

Push2Unlock is built privacy-first. All exercise detection happens entirely on your device, no video is ever recorded or transmitted, and the app works without any account. This policy explains exactly what the app does and does not do with your information.

1. Who we are

Push2Unlock ("the app", "we", "us", "our") is developed and operated by Xboost. This Privacy Policy applies to the Push2Unlock iOS application and this website. By using the app, you agree to the practices described here.

2. Camera & on-device processing

Push2Unlock uses your iPhone's front camera to count exercise repetitions (push-ups, squats, and sit-ups). This is the core of the app, so it is worth being precise about how it works:

• The camera is active only while you are on the workout screen and a workout is in progress.
• Camera frames are analyzed in real time on your device using Apple's built-in Vision framework to detect body pose and joint angles.
• No video or image is ever recorded, saved, stored, or uploaded — to us or to anyone else. Frames are processed in memory and discarded immediately.
• No internet connection is used or required for rep counting. Detection runs fully offline.
• We never receive, see, or have any access to your camera feed.

You can revoke camera access at any time in Settings → Privacy & Security → Camera. Without camera access, rep counting cannot function, but no other harm results.

3. Information we do and don't collect

We do not collect

• Your name, email, phone number, or any account credentials — there is no account.
• Camera footage, photos, or any biometric template.
• Contacts, location, microphone audio, or browsing history.
• Advertising identifiers. The app contains no ads and no third-party advertising SDKs.

Stored on your device only

The following is created and stored locally on your iPhone to make the app work. It stays on your device (and your private iCloud, if enabled — see Section 7) and is not sent to us:

• Your workout history (exercise type, rep counts, dates, durations).
• Your stats, streaks, and daily quest progress.
• Your app settings, blocking modes, and schedules.
• Your selection of apps to block (stored as opaque system tokens — see Section 4).

4. Screen Time & blocking data

Push2Unlock uses Apple's Family Controls, Managed Settings, and Device Activity frameworks to block and unblock apps. When you choose which apps to block, iOS returns opaque tokens — not app names or identifiers we can read. We cannot see which specific apps you block; only the system can resolve those tokens. This selection is stored locally on your device and shared only between Push2Unlock's own app extensions on your phone. It is never transmitted to us or any third party.

5. Subscriptions & purchases

Push2Unlock offers auto-renewing subscriptions and a one-time lifetime purchase. All payments are processed entirely by Apple through the App Store using your Apple ID. We never receive or store your payment details, credit card numbers, or billing address.

The app verifies your purchase status through Apple's StoreKit so it knows whether your subscription is active. This entitlement status is kept on your device. Apple's handling of your purchase is governed by Apple's Privacy Policy.

6. Third-party services

Push2Unlock relies on the following, and nothing more:

• Apple App Store / StoreKit — for subscriptions and purchases.
• Apple iCloud (optional) — to sync your own data across your devices, if you have iCloud enabled (see Section 7).

We do not integrate any third-party analytics, advertising, tracking, or crash-reporting SDKs that profile you. We do not sell, rent, or share your personal information with anyone.

7. Data storage & iCloud

Your workouts, stats, and settings are stored on your device. If you have iCloud enabled, this data may sync to your private iCloud account so it is available across your devices and can be restored if you reinstall the app. This data lives in your iCloud, encrypted and controlled by your Apple ID — we have no access to it. You can delete it at any time by deleting the app and removing its data from iCloud in your device settings.

8. Your rights & choices

Because we don't collect or hold your personal data on any server, there is nothing on our side to request, export, or delete. You remain in full control:

• Access / portability: all your data is on your device and visible in the app's Stats screen.
• Deletion: deleting the app removes its local data; you can also clear its iCloud data from device settings.
• Permissions: revoke Camera or Screen Time access anytime in iOS Settings.

If you are in the EEA/UK (GDPR) or California (CCPA/CPRA), the same applies — we are not a controller or seller of your personal information because we do not collect it. We do not sell or "share" personal information as those terms are defined under applicable law.

9. Children's privacy

Push2Unlock is not directed to children under 13 (or the minimum age of digital consent in your country). We do not knowingly collect personal information from children. Because the app collects no personal data at all, no such information is gathered regardless of a user's age.

10. Security

Your data is protected by your device's hardware encryption and iOS sandboxing. Sensitive processing (rep detection) happens in-memory and is never persisted. Because we operate no servers that store your personal data, there is no central database to breach.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, provide notice within the app. Continued use of Push2Unlock after changes take effect constitutes acceptance of the updated policy.

12. Contact us

Questions about this policy or your privacy? Reach us at victor@xboostapp.io and we'll respond as soon as we can.