Privacy Policy

Last updated: June 22, 2026

Epoch AI ("we", "us", or "our") operates the Epoch mobile application. This Privacy Policy explains how we collect, use, and protect your information when you use our app.

1. Information We Collect

We collect information you provide directly:

We also collect limited data automatically:

2. How We Use Your Information

3. Third-Party Services

We use the following third-party services, each governed by their own privacy policies:

4. Direct Messages & End-to-End Encryption

Direct messages (DMs) between users are end-to-end encrypted using ECDH P-256 key exchange and AES-GCM 256-bit encryption. This means only you and the person you are messaging can read your messages — we cannot decrypt them. Your private encryption key is stored only on your device and is never transmitted to our servers. Group chat messages use the same encryption protocol with a shared group key wrapped per member.

Messages are stored encrypted on our servers solely to enable delivery to other devices. You can delete individual messages or clear a conversation at any time.

5. In-App Support Chat

The app includes a support chat feature that lets you send messages directly to the Epoch support team. Messages sent through support chat are not end-to-end encrypted and may be read by Epoch staff for the purpose of resolving your support request. We do not share these messages with third parties. You can also reach us by email at [email protected].

6. Data Storage & Security

Your data is stored on Supabase infrastructure. All data is encrypted in transit (HTTPS/TLS). Sensitive data such as session tokens are stored in encrypted storage on your device. We implement row-level security so users can only access their own data. Encryption keys for E2E messages never leave your device.

7. User Content & Community

Posts, workout shares, and meal shares you publish to the Community feed are visible to other Epoch users. You can delete your own posts at any time. Profile privacy settings allow you to control what information is visible to others. You may block other users, which prevents them from viewing your profile or contacting you. You may report content or users that violate our Terms of Service; reports are reviewed by our team.

8. Data Retention & Deletion

You can delete your account at any time from the Settings screen in the app. Account deletion permanently removes your profile, fitness data, and user content from our systems within 30 days.

To delete your account: open the Epoch app → Settings → scroll to the bottom → tap "Delete Account" → confirm. All personal data including your profile, workout logs, nutrition logs, progress photos, and community posts will be permanently erased within 30 days. Some anonymised, aggregated data may be retained for service improvement.

9. Children's Privacy

Epoch is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at [email protected].

10. Your Rights

Depending on your location, you may have rights to access, correct, or delete your personal data, or to object to certain processing. To exercise these rights, contact us at [email protected].

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. Continued use of Epoch after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions, contact us at [email protected].


© 2026 Epoch AI · Terms of Service