Privacy Policy

Last updated: 2026-06-10

This is the privacy policy for Notch, the Wear OS / Android app and the iOS / watchOS app published by Code to Muscle (a sole proprietorship operated by Edwin Knuth). Plain English, no legalese. If anything here is unclear, email [email protected] and I'll fix the wording.

The short version


What Notch collects, where it goes, and why

1. Workout data (sets, durations, exercise names)

2. Heart rate samples (during timed holds, optional)

3. iCloud sync (Apple devices)

4. Apple Health and Health Connect (optional export)

5. Email address (only if you signed up on the website)

6. Hevy sync (opt-in)

7. Diagnostic telemetry (anonymous traces to SigNoz)


What Notch does NOT do


Permissions Notch requests, and why

Android

PermissionWhy
BODY_SENSORSRead heart rate during a hold timer. Optional.
health.WRITE_EXERCISE / health.WRITE_HEART_RATEWrite logged sessions to Health Connect, only if you grant it.
POST_NOTIFICATIONSShow the optional daily reminder ("you haven't notched any reps yet today").
RECEIVE_BOOT_COMPLETED / SCHEDULE_EXACT_ALARMRe-arm the daily reminder alarm after the device reboots.
FOREGROUND_SERVICE / FOREGROUND_SERVICE_HEALTHKeep the timer and HR session alive while a hold is running.
WAKE_LOCK / VIBRATERun the timer reliably and provide haptic ticks.
INTERNET / ACCESS_NETWORK_STATEHevy API calls (if you enable sync) and anonymous diagnostic traces to SigNoz.

iOS / watchOS

PermissionWhy
Health: heart rate (read)Live heart rate during a hold timer. Optional.
Health: workouts (write)Save logged sets to Apple Health, only if you enable the export.
NotificationsShow the optional daily reminder.

Data retention


Your rights

You can:

GDPR and CCPA: I treat all users the same regardless of jurisdiction. The above rights apply to everyone.


Children

Notch is not aimed at children. The strength training advice in the app and on the website assumes an adult body. I don't knowingly collect data from anyone under 13. If you believe a child's email made it onto the signup list, email me and I'll remove it.


Security


Changes to this policy

If I change anything material, I'll update the "Last updated" date at the top and post a note on notch.codetomuscle.com. If a change expands what data is collected, I'll email everyone on the mailing list before it takes effect.


Contact

For deletion requests, privacy questions, or anything else, that email reaches me directly.