Trika
Join waitlist

Last updated · 3 July 2026

Privacy Policy

How Trika collects, uses, shares, and protects your personal data — under GDPR, UK GDPR, CCPA/CPRA, and LGPD.

This Agreement also includes the Terms of Service.

Contents
  1. 1. Data Controller
  2. 2. Categories of Data We Collect
  3. 3. How We Collect Your Data
  4. 4. Legal Bases for Processing (GDPR)
  5. 5. Purposes of Processing
  6. 6. AI Processing and Third-Party AI Providers
  7. 7. Automated Decision-Making
  8. 8. Data Sharing and Recipients
  9. 9. International Data Transfers
  10. 10. Data Retention
  11. 11. Your Rights
  12. 12. Security
  13. 13. Children's Privacy
  14. 14. Cookies and Similar Technologies
  15. 15. Marketing Communications
  16. 16. Health and Sensitive Data — Specific Acknowledgment
  17. 17. Changes to this Privacy Policy
  18. 18. Contact

This Privacy Policy explains how Trika collects, uses, shares, and protects your personal data. It applies to your use of the Trika App and Services. We comply with applicable data protection laws including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), the Brazilian LGPD, and other applicable laws.

1 Data Controller

The data controller responsible for your personal data is SEIS TECNOLOGIA, S.L., Calle Velázquez 24, 6º Izquierda, 28001 Madrid, España. You can contact our Data Protection Officer (DPO) at hello@seistech.es or by post at the above address.

2 Categories of Data We Collect

2.1 Account and Identity Data.

Email address, name (optional), password (stored as a cryptographic hash), profile photo (optional), authentication identifiers from Apple/Google if you use social login, date of registration, country, language preference.

2.2 Health and Fitness Data (Special Category under GDPR Article 9).

Goals (weight loss, muscle gain, event preparation, etc.), training experience and history, age, sex, height, weight, body measurements, body fat percentage (if logged), injury history and body-map pinpoints, dietary restrictions and allergies, food preferences, training schedule and availability, equipment access, photographic or visual data (only if you upload it).

2.3 Biometric and Sensor Data from Wearables and Third-Party Platforms.

Resting heart rate, heart rate variability (HRV), active heart rate during workouts, sleep duration and quality, steps and activity, calorie estimates, GPS-based pace/distance data (running, cycling), auto-detected workout sessions, and other data made available by Apple Health, Google Health Connect, Garmin Connect, Whoop, Strava, Strong, and similar.

2.4 Usage Data.

Workouts logged, exercises completed, sets, reps, loads, RPE, duration, food entries, meal logs, free-text inputs to the AI, prompts, swap and edit actions, AI suggestions you accepted or rejected, feature usage patterns, session length, navigation, errors.

2.5 Device and Technical Data.

Device model, operating system version, App version, IP address, language, time zone, mobile carrier, device identifiers (IDFA on iOS, AAID on Android, where you have consented), crash logs, performance metrics.

2.6 Payment and Subscription Data.

Subscription status, billing cycle, purchase history. We do not process or store your full payment card details. Payments are processed by Apple App Store or Google Play Store under their respective terms.

2.7 Communications.

Support requests, feedback, in-App messages, survey responses, and any other communication you send us.

3 How We Collect Your Data

We collect data: (a) directly from you when you register, complete onboarding, log workouts and meals, submit prompts, or contact support; (b) automatically when you use the App, including via cookies, SDKs, and analytics tools; (c) from Third-Party Services you authorize (wearables, fitness platforms, social login providers); (d) from app stores (Apple, Google) regarding your subscription status.

4 Legal Bases for Processing (GDPR)

We process your personal data only when we have a lawful basis:

  • Providing the Services, including generating AI training programs and meal plans — Contract performance (Art. 6(1)(b)).
  • Processing health, biometric, and special-category data — Your explicit consent (Art. 9(2)(a)), which you may withdraw at any time.
  • Account management, billing, fraud prevention, security — Contract performance and legitimate interests (Art. 6(1)(b), (f)).
  • Service improvement, analytics, debugging — Legitimate interests (Art. 6(1)(f)).
  • Marketing communications (where applicable) — Your consent (Art. 6(1)(a)), revocable at any time.
  • Legal and regulatory compliance — Legal obligation (Art. 6(1)(c)).

By accepting this Agreement and completing onboarding, you provide explicit consent to the processing of your health, biometric, dietary, and injury-related data for the purpose of generating personalized training programs, meal plans, and AI insights, and for the related operation of the Services. You may withdraw this consent at any time by deleting your account; withdrawal does not affect the lawfulness of processing carried out before withdrawal.

5 Purposes of Processing

We use your personal data to: (a) create and manage your account; (b) generate personalized training programs, meal plans, AI insights, and recommendations; (c) calibrate programs to your goals, biometric data, and progress over time; (d) provide exercise demonstrations and instructional content; (e) sync data with connected wearables and platforms; (f) process subscriptions and payments via app stores; (g) send service-related notifications (workout reminders, milestones, recovery suggestions); (h) provide customer support; (i) detect, prevent, and address fraud, abuse, and security incidents; (j) analyze and improve the Services; (k) comply with legal obligations; (l) enforce this Agreement; (m) communicate with you about updates, features, and (with your consent) marketing.

6 AI Processing and Third-Party AI Providers

The Services rely on artificial intelligence to generate personalized programs and insights. To do so, we transmit your relevant context (which may include goals, training history, biometric inputs, dietary preferences, injury profile, and free-text prompts) to third-party AI providers such as Anthropic, OpenAI, and Google. These providers act as our data processors under contractual agreements that restrict their use of your data to providing the AI services to us. Where possible, we minimize the data sent and use pseudonymized identifiers.

We do not authorize these providers to use your personal data to train their general foundation models. This is contractually enforced through enterprise / no-training agreements with these providers, where available.

You acknowledge that AI processing inherently involves some level of probabilistic output. AI-generated content may contain inaccuracies. You are responsible for using your judgment when acting on AI outputs.

7 Automated Decision-Making

The AI in Trika produces personalized training and nutrition recommendations. These are decision-support outputs, not decisions with legal or similarly significant effects on you within the meaning of GDPR Article 22. You always retain full control: you can accept, edit, reject, or ignore any AI suggestion. If you wish to discuss any AI output, contact us at hello@seistech.es.

8 Data Sharing and Recipients

We share your personal data only as follows:

  • Service providers and processors acting on our behalf under written data processing agreements, including: cloud hosting (e.g., AWS, Google Cloud, or equivalent), AI providers (Anthropic, OpenAI, Google), analytics (e.g., privacy-preserving analytics SDKs), crash reporting, email delivery, customer support tools.
  • App stores (Apple, Google) for subscription processing.
  • Third-Party Services you authorize, only as needed to provide the integration.
  • Authorities and legal recipients where required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety, or that of our users or others.
  • In the event of a corporate transaction (merger, acquisition, financing, sale of assets, or insolvency), your data may be transferred to a successor or acquirer, subject to confidentiality safeguards and continued application of this Privacy Policy or a successor policy.

We do not sell your personal data. We do not share your personal data with advertisers for cross-context behavioral advertising. For CCPA/CPRA purposes, we do not “sell” or “share” personal information as those terms are defined under California law.

9 International Data Transfers

Your personal data may be processed in countries outside your country of residence, including the United States and other jurisdictions where our service providers operate. When we transfer personal data from the EEA, UK, or Switzerland to a country not deemed adequate by the European Commission or UK authorities, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and supplementary technical and organizational measures. You may request a copy of these safeguards at hello@seistech.es.

10 Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy:

  • Active accounts: for as long as your account remains active.
  • Account deletion: upon deletion, data is marked for purge with a 30-day grace period in which you can recover the account. After the grace period, your personal data is permanently deleted from active systems and removed from backups in line with our backup rotation schedule.
  • Anonymized and aggregated data: may be retained indefinitely, as it cannot be reasonably re-identified.
  • Legal and accounting records: retained for the periods required by law (typically 6–10 years for invoicing and tax records).
  • Logs and security data: retained for limited periods (typically 30–180 days) for security and integrity purposes.

11 Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data:

  • Access — Obtain a copy of the personal data we hold about you.
  • Rectification — Correct inaccurate or incomplete data.
  • Erasure (“right to be forgotten”) — Request deletion of your data.
  • Restriction of processing — Limit how we use your data.
  • Portability — Receive your data in a structured, machine-readable format (the App provides an in-app export function in CSV and JSON formats covering workout history, nutrition logs, body metrics, profile, and progress data).
  • Objection — Object to processing based on legitimate interests, including profiling.
  • Withdrawal of consent — Withdraw consent at any time without affecting prior processing.
  • Right not to be subject to automated decision-making — As described in Section 7.
  • Complaint — Lodge a complaint with your local supervisory authority. EEA users can find their authority at https://edpb.europa.eu. UK users can contact the ICO at https://ico.org.uk.

California residents (CCPA/CPRA) additionally have the rights to know, delete, correct, and limit the use of sensitive personal information. Brazilian residents (LGPD) have analogous rights under Articles 18–22 of the LGPD.

To exercise your rights, contact hello@seistech.es or use the in-App settings. We will respond within the timeframes required by law (typically 30 days, extendable where lawfully permitted). We may request identity verification before fulfilling certain requests.

12 Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Measures include: encryption in transit (TLS) and at rest, hashed and salted passwords, access controls and least-privilege principles, network and infrastructure security, monitoring and logging, secure software development practices, employee confidentiality obligations, and incident response procedures.

No system is perfectly secure. We cannot guarantee absolute security, and you use the Services at your own risk. If you become aware of any security issue, please contact hello@seistech.es. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

13 Children's Privacy

The Services are not intended for children under sixteen (16). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us at hello@seistech.es and we will promptly delete it.

14 Cookies and Similar Technologies

The App uses limited local storage, SDKs, and identifiers necessary for its functioning (authentication, session management, crash reporting, performance analytics). Where non-essential identifiers are used (e.g., advertising identifiers, third-party analytics), we will request your consent as required by applicable law (including the ePrivacy framework in the EEA). You can manage tracking preferences through your device settings (iOS App Tracking Transparency, Android Privacy Sandbox) and through the App's privacy settings.

15 Marketing Communications

If you opt in to marketing communications, we may send you updates, product announcements, and tips. You can unsubscribe at any time by clicking the unsubscribe link in any marketing email or by adjusting your preferences in the App.

16 Health and Sensitive Data — Specific Acknowledgment

Explicit consent — health & sensitive data

By using the Services, you understand and explicitly consent that:

  • (a) The Services require the processing of health-related and biometric data, which is “special category” data under GDPR Article 9 and “sensitive personal information” under CCPA/CPRA and similar laws.
  • (b) This data is essential to generating personalized training and nutrition outputs; without it, the Services cannot function as intended.
  • (c) This data will be transmitted to third-party AI providers as data processors solely for generating outputs back to you.
  • (d) Despite our safeguards, transmitting health and biometric data over the internet carries inherent risk.
  • (e) You may withdraw this consent at any time by deleting your account, ceasing use of the Services, or contacting hello@seistech.es; this will not affect processing already carried out.

17 Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified through the App or by email at least 30 days before they take effect. The “Last Updated” date at the top reflects the most recent revision.

18 Contact

For any privacy-related question, request, or complaint, please contact: hello@seistech.es.

Acknowledgment

By tapping “I Agree”, creating an account, or using the Trika Services, you acknowledge that you have read, understood, and agreed to be bound by these Terms of Service and Privacy Policy, including the health and safety disclaimer in Section 8 of the Terms, and you explicitly consent to the processing of your health, biometric, and other special category data as described in Part II.

Trika
Privacy Terms
Built by SEIS Tech