Privacy Policy
Last updated: 18 May 2026
1. Who We Are
Maki Vici is operated by Review My Emails Ltd. We are the data controller for the personal data collected through this app. You can reach us at hello@makivici.com.
2. What Data We Collect
| Data | Why |
|---|---|
| Email address | Account login, password reset |
| Name | Display on leaderboards and profile |
| Age, gender, weight, height | Personalise water and nutrition goals |
| Exercise logs (push-up reps, duration) | Track progress, calculate XP |
| Water, protein, sleep logs | Habit tracking and Sortes earning |
| Wearable data (steps, calories) | Garmin sync via Validic (opt-in only) |
| IP address | Authentication security, abuse prevention |
We do not collect camera footage. The push-up camera runs entirely in your browser using on-device AI. No video is uploaded or stored.
3. Legal Basis (GDPR)
- Contract: We process your exercise and habit data to provide the service you signed up for.
- Consent: Wearable data sync is opt-in. You can disconnect at any time.
- Legitimate interest: We use aggregated, anonymised data to improve the app.
4. Where Your Data Is Stored
Your data is stored on servers in the United States (Vercel, Neon Postgres). Wearable data passes through Validic (US-based, HIPAA compliant). All connections use HTTPS encryption.
5. Data Retention
We keep your data for as long as your account is active. If you delete your account, we remove all personal data within 30 days. Anonymised, aggregated statistics (e.g. total push-ups across all users) may be retained indefinitely.
6. Sharing
We do not sell your data. We share data only with:
- Validic: If you connect a wearable device (Garmin).
- Vercel: Hosting and serverless functions.
- Neon: Database hosting.
We do not use your data for advertising or share it with ad networks.
7. Your Rights
Under GDPR, you have the right to:
- Access your data (request a copy)
- Correct inaccurate data
- Delete your account and all associated data
- Export your data in a machine-readable format
- Withdraw consent for wearable data sync
- Object to processing based on legitimate interest
To exercise any of these rights, email hello@makivici.com. We will respond within 30 days.
8. Cookies
We use a single session cookie for authentication. We do not use tracking cookies, analytics cookies, or third-party cookies. No cookie banner is needed because our sole cookie is strictly necessary for the service to function.
9. Children
Maki Vici is intended for users aged 13 and older. We do not knowingly collect data from children under 13. If you believe a child has created an account, contact us and we will delete it.
10. Changes
We may update this policy. Significant changes will be communicated in the app. The “last updated” date at the top reflects the most recent revision.