IronRated — Privacy Policy
Effective date: to be filled in on publication Last updated: to be filled in on publication
This document explains what IronRated collects, why, who else sees it, how long we keep it, and how you remove it. Plain English. If something here is unclear, email us at the address in §10 and we'll fix the wording.
1. Who we are
IronRated is an iOS app for community-driven supplement, energy-drink, and gym-food reviews. It's built and operated by Philip Napolitano and Vinny — independent indie developers, not a registered company. Contact details in §10.
When this policy says "we", "us", or "IronRated", it means the two of us. When it says "you", it means the person using the app.
2. What we collect (and only what we collect)
You don't have to give us anything to install the app. You only give us data when you sign up. We collect:
| Category | What it is | Why we collect it |
|---|---|---|
| Email address | Provided when you sign in. With Sign in with Apple this can be Apple's relay email — we accept either. | To identify your account, send password resets, send important account notices. |
| Display name + handle | Public profile fields you choose during sign-up. | Shown on your reviews + the leaderboard. |
| Reviews | Star rating, sub-ratings (taste / effectiveness / value), comments, would-buy-again flag, optional store name, optional flavor. | This is the app's core feature — what you write is what other lifters see. |
| Photos | Up to 3 per review, plus an optional avatar. We strip EXIF metadata on upload — your phone's location, model, and timestamp don't ride along. | So your reviews aren't just text. |
| Votes + follows | Up/down votes on other people's reviews, and who you choose to follow. | Drives the leaderboard ranking and your "friends feed". |
| Device model + iOS version | Only when you tap "Report a Bug" or "Suggest a Feature" in Settings. | So we can reproduce the bug. We don't pull this passively. |
| Crash reports | Generated by Apple's Crash Organizer when the app crashes. | Required for us to fix the crash. |
We do not collect: your location, your contacts, your photo library beyond the ones you upload, your health/fitness data, your device's unique advertising identifier (IDFA), any analytics about how you tap around the app, or anything else not in the table above.
3. Sign in with Apple
We support Sign in with Apple as the primary sign-in. If you use it and pick "Hide my email", Apple gives us a private relay address (...@privaterelay.appleid.com). We treat that exactly like a regular email — it's only used for account-related messages, never marketing.
We also support email-and-password as a fallback. Passwords are hashed by our auth provider (Supabase, see §4) and we never see them in plaintext.
4. Third parties we use
IronRated runs on top of a handful of vendor services. They process data on our behalf and only for the purpose listed.
| Vendor | What they see | Why |
|---|---|---|
| Supabase | Everything — they host our database, file storage, and authentication. | Backend infrastructure. Hosted in the United States. |
| Apple | Apple ID identifiers when you Sign in with Apple. Crash reports if you opt-in to share them in iOS Settings. | Authentication + crash reporting. |
| OpenAI | Just the text of your review (no name, no email, no account ID) when we run moderation on submitted reviews. | We use OpenAI's text-moderation API to flag review content that violates our community rules (hate, harassment, illegal content). |
| Hive Moderation | Just the photo bytes (no metadata) when you upload a review photo or avatar. | We use Hive to flag NSFW imagery before it goes live. |
| Anthropic | Photos + product name when an admin uses the auto-fill feature to add a new product to the catalog. | We use Anthropic's Claude to extract nutrition info from product label photos. |
These vendors are bound by their own privacy policies and by contracts that prohibit them from using your data for their own purposes. They do not get to train models on your reviews, your photos, or your account data.
We never sell your data. We never share it with advertisers. We have no advertising on IronRated.
5. Children
IronRated is intended for users age 13 and older. We don't knowingly collect data from anyone under 13. If you're a parent or guardian and you think your child has signed up, email us and we'll delete the account.
We don't have a separate "kids mode" because community-review apps inherently include user-generated content that we can't pre-filter for younger users. This is why the App Store age rating for IronRated is 17+.
6. How long we keep it
| Data | Retention |
|---|---|
| Account profile (email, handle, display name) | Until you delete your account. |
| Reviews, photos, votes, follows | Until you delete the review/photo/vote/follow, or your account. |
| Soft-deleted content | 30 days, then permanently purged. This grace window exists so you can change your mind. |
| Audit log (admin actions, moderation decisions) | Retained indefinitely for community-trust reasons. Tied only to the admin actor, not to you. |
| Anonymized post-deletion records | Records that refer to you (e.g. a vote you cast on someone else's review) keep your user reference set to NULL after account deletion. Your identity is gone; the vote count it contributed to remains. |
7. Deleting your account
In the app: Settings → Account → Delete Account. The flow soft-deletes your profile and all your reviews/photos/votes/follows immediately — they vanish from every other user's view. After 30 days, our weekly purge job hard-deletes the underlying rows and the photo files. After that, recovery is no longer possible.
You can also email us at the address in §10 and we'll do it manually.
GDPR / CCPA: if you're in the EU, UK, or California and have the right to request a data export or correction, email us at the address in §10. We'll respond within 30 days.
8. Security
- Photos are stripped of EXIF metadata before storage.
- All traffic between your phone and our servers uses TLS (HTTPS).
- Authentication tokens are stored in the iOS Keychain.
- Admin actions are append-only audit-logged.
- Rate limits cap how fast any one account can create reviews, votes, follows, or product submissions — we use these to detect and stop abuse.
We do our best, but no system is perfectly secure. If you spot a security issue, please email the address in §10 before disclosing it publicly.
9. Changes to this policy
If we change anything material, we'll update the Last updated date at the top and surface a notice inside the app before the change takes effect. If you don't agree with the new version, you can delete your account before it kicks in.
10. Contact
For privacy questions, data requests, account deletion help, or security disclosures:
📧 privacy@ironrated.app
(If you're on iOS and want this email pre-filled, Settings → Account → Contact Support opens it for you.)
IronRated is an independent project. We're two people. We don't have a privacy team — Philip handles every email personally.