Privacy Policy
Last updated: 2026-06-10
This is the privacy policy for Notch, the Wear OS / Android app and the iOS / watchOS app published by Code to Muscle (a sole proprietorship operated by Edwin Knuth). Plain English, no legalese. If anything here is unclear, email [email protected] and I'll fix the wording.
The short version
- Your workouts and heart rate samples live on your devices. There is no Notch-operated server for workout data, and no account to create.
- On iPhone and Apple Watch, your history can sync through your own iCloud account. That is Apple's infrastructure, not mine. You can turn it off.
- The only personal data I ever receive on a server tied to you is your email address, and only if you typed it into the signup form on notch.codetomuscle.com.
- Notch (on both Android and Apple platforms) sends anonymous diagnostic traces (device model, OS version, exercise IDs, durations, error types) to a self-hosted SigNoz instance so I can tell when the app is broken. No names, no Hevy keys, no per-sample heart-rate data.
- If you turn on Hevy sync and paste your API key, your set data is sent to api.hevyapp.com so it can land in your Hevy account. Notch doesn't store a copy of that anywhere else.
- No ad networks. No tracking SDKs. No third-party analytics products. No selling or sharing of your data, ever.
What Notch collects, where it goes, and why
1. Workout data (sets, durations, exercise names)
- What: Each timed hold or rep-based set you log (exercise name, duration or rep count, timestamp).
- Where it lives on Android: A local Room database on your watch. The same data is mirrored to your phone via the Wearable Data Layer so the companion app can show history and charts.
- Where it lives on iOS / watchOS: A local SwiftData database on your iPhone and Apple Watch. If you are signed into iCloud, that database is mirrored to your private iCloud database (section 3).
- What leaves your devices: Nothing goes to any Notch-operated server; there isn't one for workout data. The only off-device paths are ones you control: iCloud sync (section 3), Apple Health / Health Connect export (section 4), and Hevy sync (section 6). Anonymous diagnostic traces (section 7) carry exercise IDs and durations, never your history.
- Why: This is the entire point of the app. The data is yours.
2. Heart rate samples (during timed holds, optional)
- What: Heart rate readings sampled while a hold timer is running. On Wear OS this uses the Health Services Client; on Apple Watch it uses a HealthKit workout session, and only after you grant the heart rate permission. If your watch has no HR sensor, or you deny the permission, Notch silently skips this and logs the set without HR.
- Where it lives: The per-set average and max are stored alongside the set in the local database and travel with your workout data (sections 1 and 3). Raw samples are never transmitted off-device by Notch.
- Why: So you can see how a 60-second dead hang affected you over time.
- You can revoke: Android: System Settings, then Permissions, then Body Sensors / Health. Apple Watch: the Health app, then Sharing, then Apps, then Notch.
3. iCloud sync (Apple devices)
- What: On iPhone and Apple Watch, Notch's database (workout history and exercise settings) is mirrored to your private iCloud database via CloudKit whenever you are signed into iCloud. That keeps your history in sync across your devices and lets it survive a reinstall.
- Whose infrastructure: Apple's. The data lands in your own iCloud account, in a private database that only you can access. I cannot read it. There is no Notch-operated server involved.
- Opt out: Sign out of iCloud, or turn Notch off in iOS Settings (your name, then iCloud, then see apps using iCloud). With iCloud off, everything stays purely on-device.
- Android: There is no equivalent. Android data never leaves your watch and phone except through the opt-in paths in sections 4 and 6.
4. Apple Health and Health Connect (optional export)
- Apple Health (iOS / watchOS): With your permission, Notch reads heart rate during an active session (section 2) and, if you enable the Health export, writes each logged set to Apple Health as a workout (duration, estimated energy, and the set's average and max HR). Notch never reads any other Health data. HealthKit data never leaves your device except through Apple's own Health sync, and it is never sold or shared.
- Health Connect (Android): If you grant the Health Connect permissions, Notch writes each logged session (with its HR samples) to Health Connect on your phone. This is write-only: Notch never reads anything back from Health Connect.
- Default: Both are off until you grant permission, and you can revoke access in the Health app or Health Connect settings at any time.
5. Email address (only if you signed up on the website)
- What: The email address you typed into the signup form on notch.codetomuscle.com.
- Where it lives: A Cloudflare Workers KV namespace, stored in Cloudflare's infrastructure.
- Used for: A single launch-announcement email when Notch ships to the Play Store. Possibly one or two follow-ups if you're an active early user. That's it.
- Not used for: Targeted ads. Selling. Sharing with third parties. There is no marketing automation tool wired up.
- You can delete it: Email [email protected] with the subject "delete my email" and I will remove it within seven days. You can also unsubscribe from any email I send you.
6. Hevy sync (opt-in)
- What: When you paste your Hevy API key into the app's Settings (Pro feature), Notch bundles each day's sets into a workout and sends it to api.hevyapp.com.
- API key storage: On Android, the key is stored encrypted on your device using EncryptedSharedPreferences; the phone propagates it to the watch over the Wearable Data Layer. On iOS, the key is stored in the system Keychain. It never leaves your devices except to authenticate with Hevy.
- Where the workout data lives after sync: In your Hevy account. Hevy's privacy policy applies once it's there: https://hevyapp.com/privacy
- What Notch retains: Only the local copy that already lives on your devices. Notch does not keep a separate sync log on a server.
- Default: Off. Notch will never send anything to Hevy unless you explicitly enable it and paste your own API key.
7. Diagnostic telemetry (anonymous traces to SigNoz)
- What: Both the Android apps and the iOS / watchOS apps send anonymous traces to a self-hosted SigNoz instance at signoz.codetomuscle.com so I can tell when the app is broken in the wild. Each trace carries: service.name (notch-watch or notch-phone), service.version, device.model (e.g. "Pixel Watch 3" or "Apple Watch"), os.name and os.version, the install source on the Android phone app (Play Store vs sideload), exercise IDs and exercise names from Notch's built-in catalog, durations in seconds, HR averages and maxes as single numbers, and exception types and messages when something throws.
- What is NOT included: No user IDs, no email addresses, no Hevy API keys, no per-sample heart-rate data, no advertising IDs, no IP addresses (the SigNoz collector does not record them). Exercise names in traces come from the built-in exercise catalog; there is no free-text exercise naming in Notch, so a trace can never carry text you typed.
- Sampling: Release builds report roughly 10% of routine traces; the Android watch app always reports errors, crashes, and Hevy sync traces. Debug builds I run locally report 100%. The exporter is suppressed on low battery (below 20% on the watches, below 10% on the Android phone app).
- Crashes: Uncaught exceptions are captured as a span and reported. The stack trace and exception message are included. I'll fix what I see.
- Why: It's the only way I know whether the app is reliable for you. Without it I'd be guessing.
- No third-party analytics: SigNoz is a self-hosted open-source observability tool. The instance is mine, on a server I control. No Google Analytics, no Firebase, no Mixpanel, no Amplitude, no Crashlytics.
What Notch does NOT do
- No accounts. You never sign in to anything Notch-operated.
- No third-party analytics (no Google Analytics, no Firebase Analytics, no Mixpanel, no Amplitude, none of it).
- No ad networks. No advertising IDs read.
- No social SDKs.
- No selling, renting, or sharing of your data with anyone, ever. Hevy sync is opt-in and goes only to your own Hevy account; iCloud sync goes only to your own iCloud account; the SigNoz traces go to a server I personally operate.
Permissions Notch requests, and why
Android
| Permission | Why |
|---|---|
| BODY_SENSORS | Read heart rate during a hold timer. Optional. |
| health.WRITE_EXERCISE / health.WRITE_HEART_RATE | Write logged sessions to Health Connect, only if you grant it. |
| POST_NOTIFICATIONS | Show the optional daily reminder ("you haven't notched any reps yet today"). |
| RECEIVE_BOOT_COMPLETED / SCHEDULE_EXACT_ALARM | Re-arm the daily reminder alarm after the device reboots. |
| FOREGROUND_SERVICE / FOREGROUND_SERVICE_HEALTH | Keep the timer and HR session alive while a hold is running. |
| WAKE_LOCK / VIBRATE | Run the timer reliably and provide haptic ticks. |
| INTERNET / ACCESS_NETWORK_STATE | Hevy API calls (if you enable sync) and anonymous diagnostic traces to SigNoz. |
iOS / watchOS
| Permission | Why |
|---|---|
| Health: heart rate (read) | Live heart rate during a hold timer. Optional. |
| Health: workouts (write) | Save logged sets to Apple Health, only if you enable the export. |
| Notifications | Show the optional daily reminder. |
Data retention
- On your devices: Forever, until you uninstall Notch. Uninstalling wipes the local database. All sets, heart rate samples, and streak data are gone.
- iCloud: If iCloud sync was on, your history remains in your private iCloud database after an uninstall (that is what makes reinstall recovery work). To remove it, delete Notch's iCloud data in iOS Settings (your name, then iCloud, then Manage Account Storage).
- iOS Keychain: If you set up Hevy sync on iOS, the API key lives in the system Keychain, which Apple preserves across reinstalls. Clear the key in the app's Settings if you want it gone before uninstalling.
- Email signups: Retained until you ask for deletion or until I shut the mailing list down. Either way I will not silently keep it forever; if you haven't engaged with an email in 24 months I will purge your address proactively.
- SigNoz traces: Retained for 15 days at the SigNoz instance, then deleted automatically.
Your rights
You can:
- Access all data Notch holds about you on your devices (it's all visible in the app; there's no hidden field).
- Delete all on-device data by uninstalling the app (and remove the iCloud copy as described under Data retention).
- Delete your email signup by emailing [email protected].
- Opt out of any feature that sends data off-device. Hevy sync is off by default. iCloud sync follows your iCloud sign-in and can be turned off per-app in iOS Settings. Diagnostic traces can't yet be disabled with an in-app toggle; if this matters to you, email me and I'll add one.
GDPR and CCPA: I treat all users the same regardless of jurisdiction. The above rights apply to everyone.
Children
Notch is not aimed at children. The strength training advice in the app and on the website assumes an adult body. I don't knowingly collect data from anyone under 13. If you believe a child's email made it onto the signup list, email me and I'll remove it.
Security
- All Notch network traffic (the website, the signup Worker, Hevy API calls, and diagnostic traces) uses TLS.
- The KV namespace holding email signups is access-controlled to my Cloudflare account.
- The on-device database is protected by the OS sandbox; Android and iOS both isolate app storage per app.
- The Hevy API key is stored in Android's EncryptedSharedPreferences or the iOS system Keychain, on-device.
- iCloud data is protected by your Apple ID and Apple's CloudKit security.
- I won't pretend to have a SOC 2. I'm a single developer. If you need that level of assurance, this app probably isn't for you yet.
Changes to this policy
If I change anything material, I'll update the "Last updated" date at the top and post a note on notch.codetomuscle.com. If a change expands what data is collected, I'll email everyone on the mailing list before it takes effect.
Contact
- Developer: Edwin Knuth, doing business as Code to Muscle
- Email: [email protected]
- Website: https://notch.codetomuscle.com
For deletion requests, privacy questions, or anything else, that email reaches me directly.