Privacy Policy

This policy describes personal data practices for the WellCell iOS app and the informational website at wellcell.app.

Links inside the app should point to policies on the same host; keep URLs aligned with App Store Connect fields.

For identity verification on privacy requests, email us preferably from the address associated with your WellCell account.

Account and authentication: email, name; optional coach contact fields; identifiers and session artefacts from Sign in with Apple or Google Sign-In where used.

Fitness and wellness: measurements, photos you upload, workouts and nutrition entries, onboarding answers — may be sensitive in some jurisdictions.

Device, logs and reliability: OS/app versions; automated crash/error reporting if enabled (must match your App Privacy disclosures).

Payments: Coach subscriptions are billed through the App Store; card data is not stored on WellCell servers. Apple is responsible for storefront billing data.

Optional marketing operates only with consent where required. If you do not run marketing emails, disclosures stay consistent with that posture.

App Privacy answers in App Store Connect (data collected, linked to identity, tracking, purposes, third parties) must align with real behavior and this policy.

Whenever you ship analytics, crashes, Health features, etc., declare exactly what runs in production.

Depending on jurisdiction, processing usually maps roughly as follows:

• Delivering accounts, subscriptions and features (performance of contract).
• Security and abuse prevention, integrity of the platform (legitimate interests or legal duty, proportionate).
• Product diagnostics and improvements (privacy-preserving aggregates where possible; disclosed if identifiable).
• Legal compliance and claims defense.
• Sensitive wellness data where expressly permitted and justified (including consent where applicable).

If you introduce marketing communications, configure separate consent channels and lawful bases.

We rely on vendors in roles such as:

• Hosted infrastructure, databases and backups.
• Edge delivery/security layers (CDN, mitigation).
• Authentication tooling and transactional email transport.

Apple: distribution, IAP subscriptions — subject to Apple's policies for data they process.

Google: only if Google Sign-In (or adjacent features) are enabled.

Marketing site hosting may generate technical logs linked in the Cookies policy.

Optional third-party content modules may evolve; impacts are surfaced in release notes or supplemental notices.

Retention is proportionate to service delivery, backups, audits and lawful obligations; restoration windows may extend removal slightly.

Account deletion / erasure requests

Email hi@wellcell.app with suggested subject line: “Data deletion request”.

1. Include the WellCell-associated email address and roles (coach / student).
2. List separate accounts distinctly if applicable.
3. We may throttle access while validating complex requests.

Typical acknowledgement mirrors our /contact guidelines (~2–5 business days) unless verification is unusually heavy.

You may pursue access, correction, deletion, restriction, objection, portability and complaints compatible with GDPR / KVKK frameworks.

Regional specifics apply; we cooperate with supervisory authorities.

WellCell targets adult coaches/clients and is not aimed at knowingly collecting information from children under 13 (or higher age where storefront rules dictate). Requirements appear in onboarding and storefront metadata.

Hosting may reside outside Türkiye; we use appropriate safeguards (SCCs, vendor safeguards) where mandated.

We apply layered access controls, encryption in transit, segmentation and monitored incident workflows.

We revise this notice from time to time; the revision date reflects changes. Material shifts may prompt in-product notice.

Questions: hi@wellcell.app.

Related documents:

• Terms of service
• Subscription summary (coaches)
• Cookie policy