The Core

Privacy Policy

The Core (“the App”) is operated by GYM Rewards, LLC (“we”, “us”). This policy explains what we collect, how we use it, and the choices you have. By using the App you agree to this policy.

1. Information we collect

• Account information. When you create an account we collect your email address and a securely hashed password, or — if you use Sign in with Apple — the unique identifier Apple provides and the email you choose to share (which may be Apple’s private relay address).
• Business & workspace data. Information you provide so your AI agents can work: your business description and goals, notes and documents you add to memory, tasks, schedules, automations, and the outputs (“deliverables”) your agents produce.
• Connected accounts. If you connect a third‑party service (e.g. email or social platforms), we store the access tokens needed to act on your behalf. We never see your passwords for those services.
• Device sensors (only with your permission). Location (for arrival/speed automations), microphone (for voice commands), and camera (for the optional “stationed” monitor). Speed/scene detection runs on your device; we don’t receive a continuous stream.
• Usage & diagnostics. Basic logs needed to run and secure the service.

2. How we use it

• To provide the App: run your agents, store your workspace, and deliver results.
• To authenticate you and keep your account secure.
• To send transactional email (e.g. confirmation and password‑reset links).
• To improve reliability and prevent abuse.

We do not sell your personal information, and we do not use your business content to train third‑party foundation models.

3. Voice & speech

Spoken commands are transcribed using Apple’s on‑device/Speech framework. The “Hey Jarvi” wake word is processed locally while the App is open. Jarvi’s spoken replies use the system text‑to‑speech voice on your device.

4. Service providers

We share data only with providers that help us operate the App, under contract and only as needed:

• AI model provider — processes your prompts to generate plans and actions.
• Email delivery (Resend) — sends confirmation and reset emails.
• Cloud hosting — runs our backend and database.
• Connected platforms you authorize — receive only the actions you approve (e.g. a post you publish).

5. Data retention & deletion

We keep your data while your account is active. You can delete your account at any time, which permanently removes your workspace data. Contact us if you need help.

6. Your rights

You can access, correct, export, or delete your data. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA. To exercise them, contact us.

7. Security

We use encryption in transit (HTTPS), hashed passwords, and scoped access tokens. No method is perfectly secure, but we work to protect your information.

8. Children

The App is not directed to children under 13, and we do not knowingly collect their information.

9. Changes

We may update this policy; we’ll revise the “Last updated” date above and, for material changes, notify you in the App.