1. Overview
CALLUS is a men's health optimization app operated by Berserk Lab ("Berserk Lab," "we," "us," or "our"). This Privacy Policy explains what we collect, how we use it, and the rights you have over your data.
We built CALLUS for a simple reason: men deserve a single place to track training, recovery, nutrition, and biomarkers without leaking their most personal health data to advertisers. That principle drives every decision in this policy.
If any part of this document is unclear, email us at alex@proscalz.com and a human will answer.
2. Personal Information We Collect
We collect the minimum information required to run the app and generate your personalized protocol. Specifically:
- Account data: email address, password hash, and (optionally) your first name.
- Profile data: date of birth (used only to enforce our 18+ age gate and to calibrate protocols), biological sex, height, weight, and training history.
- Goals and commitments: the goals, "fighting for" statements, and journal entries you write inside the app.
- Quiz responses: the answers you submit to our onboarding quiz, including lifestyle, symptom, and habit questions.
- Device and session data: basic technical information (IP address, browser, device type) used for authentication and security.
We do not knowingly collect Social Security numbers, government ID numbers, payment card numbers (V1 is free), or any special categories of data beyond what is listed in this policy.
3. Health Information We Collect
To generate your protocol, track adherence, and measure progress, we collect health-related information that you provide or authorize us to sync:
- Health metrics: heart rate, heart rate variability (HRV), resting heart rate, sleep stages, sleep duration, workouts, steps, active energy, and body measurements.
- Workout and training logs: exercises, sets, reps, load, duration, and voice-dictated notes you record inside CALLUS.
- Nutrition logs: photos of meals, Claude-parsed descriptions, and macronutrient estimates.
- Biomarkers: lab values you choose to enter (e.g., testosterone, cortisol, CBC panels) so our AI coach can contextualize your protocol.
- User-generated health content: journal entries, coach conversations, symptom descriptions, and any free-text health notes.
You control what you share. Nothing is pulled from your devices or wearables without your explicit authorization, and every category above can be disabled individually in Settings.
4. Apple HealthKit (iOS App)
The CALLUS iOS companion app can read data from Apple HealthKit with your permission. When you grant access, we may read the following metrics so we can personalize your protocol and compute your recovery and readiness scores:
- Heart Rate Variability (HRV) — the primary input for your daily Recovery score.
- Resting Heart Rate (RHR) — trended alongside HRV to flag overtraining and illness.
- Sleep analysis (stages, in-bed, total duration) — used to compute your Sleep score.
- Steps and daily movement.
- Active energy and total energy burned.
- VO2 Max — displayed in Trends as a long-run cardio-fitness marker.
- Workouts — exercise type, duration, heart-rate zones, pace or power where available.
- Body mass, height, and biological sex — used only to calibrate thresholds (e.g. BMR, strain caps).
Why we read this data: it is the raw material for the Core Four — the personalized protocol, Daily Summary, Morning Directive, and Weekly/30-day progress review. Without it, the app can't honestly tell you whether you're recovered, overreaching, or drifting from your goal.
Where it is stored: inside your private row on our Supabase backend, under a Postgres Row-Level Security policy that allows only you to read or write it. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). It is never sold, never shared with advertisers, and never shared with any third party for their own marketing.
Apple HealthKit attestations — binding commitments under Apple's HealthKit terms:
- We will NOT use or disclose HealthKit data for advertising or other use-based data-mining purposes other than improving health, medical, and fitness management or for the purpose of health research.
- We will NOT sell HealthKit data to any third party — including advertising platforms, data brokers, or information resellers.
- We will NOT share HealthKit data with a third party for that third party's own marketing or advertising.
- We will NOT disclose HealthKit data to any third party without your authorization, except as required by law.
- We will NOT use HealthKit data for any purpose unrelated to providing health, fitness, and training functionality inside CALLUS for you.
How to revoke access at any time:
- iOS system control: Settings > Privacy & Security > Health > CALLUS — toggle off any category, or "Turn Off All."
- In-app control: inside CALLUS, open /health-connect to see which categories are authorized, disconnect specific ones, or disconnect HealthKit entirely. The toggle takes effect immediately.
Revoking access stops future syncs. Previously synced data stays in your CALLUS account until you delete it (see "Data Deletion" below). To delete all HealthKit-derived data plus your account in one step, email alex@proscalz.com with the subject "Delete My Account" — we will complete the request within 7 days and confirm in writing.
HealthKit access is read-only. CALLUS does not write data back into your Apple Health app in V1.
5. How We Collect Information
We collect information in four ways:
- Direct input: the quiz, journal, food logs, workout logs, voice entries, and biomarker entries you type or dictate into the app.
- Device integrations: data read from Apple HealthKit (iOS app) or other wearables you connect, subject to your explicit consent.
- Automatic: standard server logs (IP, user agent, timestamps) that every web app produces for authentication and security.
- Cookies and similar tech: a first-party session cookie from our auth provider (Supabase) and, if you opt in, anonymized product-analytics events via PostHog.
We do not use third-party advertising cookies, cross-site trackers, session-replay sold to data brokers, or fingerprinting.
6. How We Use Your Information
We use your information to run CALLUS, make it work better for you, and keep it secure. Specifically:
- Generate and update your personalized protocol based on your goals, biomarkers, and training data.
- Power the AI coach conversations — so it can answer your questions with your full context, not a generic response.
- Track adherence, compute progress metrics, and send you weekly/30-day summaries.
- Send adherence reminders, missed-workout nudges, and other in-app notifications you enable.
- Detect fraud, abuse, and security incidents.
- Debug crashes, fix broken flows, and improve the product.
- Respond to your support requests.
What we do NOT do with your data:
- We do NOT use your data for advertising.
- We do NOT sell your data to any third party, ever.
- We do NOT share your data with data brokers, advertisers, or ad networks.
- We do NOT train third-party AI models on your personal data without consent.
- We do NOT use your HealthKit or health data for any purpose other than running the app for you.
7. Third-Party Processors
We use a small number of vetted service providers ("processors") to actually run CALLUS. Each one is bound by a data-processing agreement that forbids them from using your data for their own purposes. They are processors, not sellers.
- Supabase (supabase.com): our database, authentication, and file storage provider. Stores all app data with encryption at rest. US/EU regions.
- Vercel (vercel.com): our hosting provider. Serves the web app and runs server-side functions. Logs minimal request metadata.
- Anthropic (anthropic.com) via Vercel AI Gateway: processes AI coach messages, protocol generations, and parsed food/workout logs. Per our agreement and Anthropic's data policy, prompts and responses routed through the Gateway are not used to train Anthropic's models.
- Apple HealthKit: a data source on iOS — we read what you authorize. Apple is not a processor; HealthKit data flows from your device to our Supabase backend with your consent.
- PostHog (posthog.com): optional, anonymized product analytics. Off by default for sensitive fields. You can opt out entirely in Settings > Privacy.
- RevenueCat (revenuecat.com): subscription state and entitlement management for the iOS app. Receives Apple's anonymized transaction identifier and your CALLUS user ID so we can grant or revoke Pro features. Never receives health data, journal content, AI conversations, or biomarkers.
Future processors we have NOT yet integrated (V1): ElevenLabs (text-to-speech), Klaviyo (email). We'll update this policy and notify you before they go live.
We will never add a processor that buys or sells personal data as its business model.
8. Legal Basis for Processing (EU/UK Users)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following GDPR legal bases:
- Contract: to provide the CALLUS service you signed up for.
- Consent: for health data, HealthKit integration, optional analytics, and marketing emails. You can withdraw consent at any time.
- Legitimate interests: for security, fraud prevention, and service improvement, where not overridden by your rights.
- Legal obligation: where we must comply with applicable law.
You are not required to share health data to use the account shell — but note that without health inputs the protocol and coach cannot personalize anything meaningful.
9. Your Rights
You have the following rights over your data, regardless of where you live:
- Access: request a copy of the personal data we hold about you.
- Correction: fix anything that's inaccurate.
- Deletion: delete your account and all associated data.
- Export (data portability): download your data in a machine-readable format (JSON).
- Restriction: ask us to pause processing in certain circumstances.
- Objection: object to processing based on legitimate interests.
- Withdraw consent: revoke any consent you've given (e.g., HealthKit, analytics) at any time.
To exercise any of these rights, go to Settings > Privacy inside the app, or email alex@proscalz.com. We respond within 30 days (often same-week).
If you're in California, Colorado, Connecticut, Virginia, Utah, or any other state with a comprehensive privacy law, you have these same rights plus any additional ones your state grants. California residents specifically have CCPA/CPRA rights, including the right to know, delete, correct, limit use of sensitive personal information, and opt out of "sale" or "sharing." We do not sell or share your personal information as those terms are defined under the CCPA.
10. Data Retention
We retain your data for as long as your account is active. When you request deletion:
- A 30-day soft-delete period begins during which the account is disabled but recoverable (in case you change your mind or hit the button by accident).
- After 30 days, your account, profile, health data, journal entries, coach conversations, and HealthKit-derived data are permanently removed from our primary database.
- Residual copies in encrypted backups roll off within a further 90 days on the standard backup cycle.
- Anonymized, aggregated usage metrics that cannot be linked back to you may be retained indefinitely for product analytics.
We may retain minimal records longer if required by law (e.g., tax or fraud investigations).
11. Security
We apply industry-standard safeguards to protect your data:
- Encryption in transit: all traffic is encrypted with TLS 1.2 or higher.
- Encryption at rest: Supabase-managed AES-256 encryption on all database tables, storage buckets, and backups.
- Row-Level Security (RLS): every table that holds user data has Postgres RLS policies enforcing that a user can only read and write their own rows. This is not a frontend check — it's enforced inside the database.
- Auth: passwords are hashed with bcrypt; sessions are HttpOnly, Secure, SameSite cookies.
- Audit logs: sensitive actions (login, password change, deletion request, HealthKit grant) are logged.
- Least privilege: only Alex Pyszczak (founder) and designated engineers with signed confidentiality agreements have production access, and access is scoped by role.
- Vulnerability management: we monitor dependencies, apply security patches promptly, and respond to reported issues at alex@proscalz.com.
No system is 100% secure. If we ever experience a breach that affects your personal data, we will notify you and relevant regulators as required by law, and we will not attempt to minimize or bury it.
12. Children and Minors
CALLUS is an 18+ product only. We do not knowingly collect personal information from anyone under 18. If we learn that we've collected data from a minor, we delete it immediately.
If you believe a minor has created a CALLUS account, contact us at alex@proscalz.com and we will remove the account promptly.
13. International Users
Berserk Lab is based in the United States. When you use CALLUS from outside the US, your data is transferred to and processed in the United States.
For EU/UK/Swiss users, transfers happen under Standard Contractual Clauses (SCCs) or other approved transfer mechanisms through our processors (Supabase, Vercel, Anthropic), each of which offers equivalent safeguards.
You can contact our EU representative by emailing alex@proscalz.com with "EU Representative Request" in the subject line.
14. California Residents (CCPA / CPRA)
Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have:
- The right to know what personal information we collect, use, disclose, and (if applicable) sell.
- The right to delete personal information we have collected.
- The right to correct inaccurate personal information.
- The right to limit use and disclosure of sensitive personal information.
- The right to opt out of "sale" or "sharing" of personal information.
- The right to non-discrimination for exercising any of these rights.
We do not sell or share personal information (as defined by the CCPA/CPRA). We do collect sensitive personal information (health data) — but only to provide the service you signed up for. We do not use or disclose it for any secondary purpose.
To exercise your California rights, email alex@proscalz.com or use the in-app Settings > Privacy > Delete My Data flow.
16. Changes to This Policy
We may update this Privacy Policy as CALLUS evolves. When we make a material change — for example, adding a new processor, expanding what data we collect, or changing how long we keep it — we will:
- Email every registered user at least 14 days before the change takes effect.
- Show an in-app banner on your next sign-in after the change.
- Update the "Effective Date" at the top of this page.
Minor clarifications (fixing a typo, reorganizing a section) may be made without notice, but the Effective Date will always reflect the last update.
An archived copy of prior versions is available on request at alex@proscalz.com.
17. Contact Us
Privacy questions, data requests, or complaints — email us directly:
alex@proscalz.com
Berserk Lab
Founder: Alex Pyszczak
Operating name: Berserk Lab
App: CALLUS (callus.berserklab.com)
If you have a complaint you believe we haven't adequately addressed, EU/UK residents may lodge a complaint with their local data-protection authority. California residents may file a complaint with the California Attorney General's office.