CORNERMAN

Privacy Policy

Effective Date: April 2026

Cornerman (“we,” “our,” or “us”) respects your privacy and is committed to protecting it. This Privacy Policy explains what information is collected, how it is used, and your rights when you use the Cornerman website and the Cornerman mobile application available on Google Play (collectively, the “Services”).

1. Information We Collect

a. Data Stored Locally on Your Device

Cornerman stores workout and preference data locally on your device. This data is never transmitted to our servers and includes:

  • Workout settings (rounds, duration, rest periods, difficulty)
  • Workout history (dates and duration)
  • Voice and audio preferences
  • In-app notification preferences and quiet hours settings
  • Early access enrollment status (whether you have seen or acted on the enrollment prompt)

b. Data Automatically Transmitted to Our Servers

When you use the app, the following information is automatically transmitted to and stored on our servers (hosted via Google Firebase) to provide core functionality:

  • Anonymous user identifier (UID): A randomly generated identifier created by Firebase Authentication on first app launch. This is not linked to your name or any account unless you choose to enroll in Early Access. It persists across app sessions but is lost on a full uninstall and reinstall.
  • Push notification token (FCM token): A device token used solely to deliver push notifications to your device. Stored on our servers only for the purpose of notification delivery.
  • App open timestamps: The date and time of your first app open and most recent app open, used to send time-appropriate onboarding messages and re-engagement reminders.
  • Notification preferences: Your enabled notification topics (e.g., workout reminders, motivational messages), scheduled reminder time and frequency, and quiet hours window.

c. Information You Provide Voluntarily — Early Access Enrollment

Cornerman offers an optional Early Access programme for new features. If you choose to enrol through the in-app prompt, we collect:

  • Email address: Used solely to manage your Early Access enrolment, communicate information about enrolled features, and notify you before any free access period ends. We do not use this email for marketing, advertising, or promotional communications unrelated to Early Access.
  • Consent timestamp: The date and time you provided consent, recorded for compliance purposes.
  • Region code: A two-letter code derived from your device language setting, used only for regional eligibility and regulatory compliance purposes.

Early Access enrolment is entirely optional. The app is fully functional without it.

2. How We Use Information

Information collected by Cornerman is used only to:

  • Operate and improve the functionality of the Services
  • Maintain user preferences on the device
  • Deliver push notifications you have opted into, including:
    • Time-based onboarding messages (a brief welcome sequence over your first 30 days)
    • Workout reminders scheduled to your preferred frequency and time
    • Re-engagement messages if you have not opened the app in 3 or more days
    • Important app updates and announcements
  • Manage Early Access enrolment and communicate with enrolled users about enrolled features
  • Manage subscription entitlement via RevenueCat (for users enrolled in paid features)

Cornerman does not use personal information for targeted advertising or behavioural tracking.

3. Push Notifications

If you grant notification permission, Cornerman uses Firebase Cloud Messaging (FCM) to deliver push notifications. Your device’s FCM token is stored on our servers solely for delivery purposes and is not used for any other purpose.

Notifications are pre-scheduled by an automated Cloud Function and delivered according to your preferences. No human reviews individual user notification data.

You can disable notifications at any time through your device’s system settings or through the notification settings within the app. Disabling notifications does not affect any other app functionality.

4. Data Sharing and Third-Party Processors

Cornerman does not sell, trade, or transfer your personal information to third parties for advertising or commercial purposes.

We use the following third-party service providers to operate the Services. These providers act as data processors and are bound by their own privacy policies:

  • Google Firebase (Authentication, Firestore, Cloud Messaging, Cloud Functions, Analytics) — Firebase processes the anonymous UID, FCM token, app open timestamps, notification preferences, and (for enrolled users) email address and consent data. Firebase Analytics receives notification interaction events (notification received / notification opened) tagged with non-personal identifiers.
    Google Privacy Policy
  • RevenueCat — If you enroll in a paid or Early Access feature, RevenueCat manages subscription entitlement using your Firebase UID as an anonymous app user identifier. For enrolled users, your email address may also be associated with your RevenueCat record for cross-device entitlement persistence.
    RevenueCat Privacy Policy
  • ElevenLabs (pre-recorded audio only) — Cornerman uses pre-recorded voice coaching audio files generated by ElevenLabs. These files are bundled within the app and served locally. ElevenLabs does not receive any data from app users at runtime.

Information may also be disclosed if required by applicable law or in response to a valid legal request.

5. Android Advertising ID

The Android version of the app declares the AD_ID (Advertising ID) permission. This permission is included as a transitive dependency of Firebase Analytics, which requires it on Android 13 and above. Cornerman does not use the Advertising ID for advertising, ad targeting, or cross-app tracking. The app contains no advertisements.

6. Children’s Privacy

Cornerman is not directed toward children under the age of 13. We do not knowingly collect personal information from children under 13. The app does not contain content harmful to children and may be used at the discretion of parents or guardians.

7. Data Security

We take reasonable measures to protect information handled by the Services. Workout data and preferences stored on your device remain under your control. Server-side data (Firestore) is protected by Firebase security rules that restrict each user to accessing only their own data.

No method of electronic storage or transmission is 100% secure, but we strive to use commercially reasonable safeguards.

8. Your Rights and Choices

All Users

  • You may enable or disable push notifications at any time via your device settings or in-app notification settings.
  • You may request deletion of any server-side data associated with your anonymous user identifier by contacting us (see Section 11). Because the identifier is anonymous, you will need to provide your FCM token (available in the app’s debug mode) to identify your record.

Early Access Enrolled Users

  • Early Access enrolment is voluntary. You may withdraw from Early Access communications at any time by contacting us.
  • You may request deletion of your email address and associated Early Access data at any time by contacting us at public@cornerman.training.

EU / EEA Users — Your GDPR Rights

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data. We will comply unless retention is required by law.
  • Right to Data Portability: You may request a structured, machine-readable copy of the data you have provided to us.
  • Right to Object: You may object to the processing of your personal data for re-engagement notifications. You can exercise this right by disabling notifications in the app or by contacting us.
  • Right to Withdraw Consent: Where processing is based on consent (Early Access enrolment), you may withdraw consent at any time without affecting the lawfulness of prior processing.

Lawful basis for processing:

  • Consent — Early Access email address and consent timestamp (Article 6(1)(a) GDPR)
  • Legitimate interest — Anonymous UID, FCM token, app open timestamps, and notification preferences, where processing is necessary to deliver the Services you have installed and is not overridden by your interests or rights (Article 6(1)(f) GDPR)

International data transfers: Data is processed on servers operated by Google (Firebase) and RevenueCat, which are based in the United States. These transfers are subject to appropriate safeguards. Google participates in the EU-U.S. Data Privacy Framework and offers Standard Contractual Clauses for data transfers. RevenueCat uses Standard Contractual Clauses for EU data transfers.

To exercise any of these rights, contact us at public@cornerman.training. We will respond within 30 days.

9. Data Retention

  • Anonymous user record (Firestore): Retained for as long as the app is installed or until you request deletion.
  • FCM token: Retained while the app is installed. Tokens expire automatically when the app is uninstalled or notification permission is revoked.
  • Early Access email and consent data: Retained until you request deletion or the Early Access programme concludes, whichever is earlier.
  • Notification queue: Individual notification records are marked as sent and retained for a short period for delivery confirmation, then eligible for deletion.
  • Local device data (workout history, preferences): Retained on your device until the app is uninstalled.

Cornerman retains user data only as long as necessary to provide the Services. Workout history and preferences are stored locally on your device and are removed when you uninstall the app. Server-side data — including your anonymous user identifier, push notification token, and app open timestamps — is retained while the app is installed. If you enrolled in Early Access, your email address and consent record are retained until the Early Access programme concludes or you request deletion.

To request deletion of any data associated with your account, email public@cornerman.training with the subject line “Data Deletion Request.” We will process your request within 30 days and respond with confirmation.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When changes are made, the updated version will be posted on this page with a revised effective date. For material changes, we will make reasonable efforts to notify users (for example, via a push notification or in-app notice).

Continued use of the Services after changes are posted indicates acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, or wish to exercise your data rights, contact:

Cornerman
Email: public at cornerman.training
Website: https://cornerman.training