Legal

Crucible Privacy Policy

Last updated: May 8, 2026

Overview

Crucible is a powerlifting training platform developed by Crucible Labs LLC. The platform has two products: the iOS app for athletes (local-first; your training history lives on your device) and the web-based coach dashboard (server-backed; coaches need a remote roster to operate). This policy covers both. The principle across both products is the same: we collect what the product needs to function, nothing more, and we tell you exactly what leaves your device.

If you only use the iOS app, almost everything in this document falls under the “iOS App” sections below. If you are signed in as a coach on the web dashboard, the “Coach Product” sections also apply.

iOS App: Data Stored on Your Device

All training data you create or log on the iOS app (blocks, training days, exercises, logged sets, RPEs, loads, personal records, and progress) is stored locally on your device using Apple's SwiftData framework. This data is not transmitted to any server unless you explicitly use the import or coach-redemption features described below.

iOS App: Spreadsheet Import & AI Normalization

When you import a coach-delivered training spreadsheet (XLSX, CSV, or Google Sheets URL), the app sends the spreadsheet contents to a Crucible-managed backend, which forwards them to Anthropic's API for normalization into Crucible Block Language (CBL). The data sent includes the structural layout (headers, row layout), exercise names, prescribed sets, reps, RPE, load values, and any text the coach included in the spreadsheet (which may contain your name or other coach-authored notes).

Imports that use Crucible's native template format (see Blacksmith) are processed entirely on your device with no network calls. No data is sent to Anthropic or to our backend in that path.

For non-native imports, results are cached server-side under a content hash so that re-importing the same spreadsheet does not re-bill Anthropic. The cache stores the normalized output (CBL text plus stage telemetry) and is keyed only by the spreadsheet hash plus weight unit; it does not associate the spreadsheet with your identity, device, or any account.

iOS App: Import Failure Reports

When a spreadsheet import fails (parsing error, AI normalization failure, or a layout the pipeline cannot handle), the app may submit a failure report to Crucible Labs so we can diagnose and fix the issue. This report includes:

Failure reports are accessed only by Crucible Labs staff for product debugging. They are retained while the underlying issue is being triaged and resolved. We do not link failure reports to any account or identifier beyond the in-app submission. If your spreadsheet contains personal information (names, email addresses), that information is included in the upload because the spreadsheet itself is what we need to debug the import. If you prefer not to share the spreadsheet, the in-app prompt lets you decline submission.

iOS App: Device Verification (App Attest)

On iOS Release builds, the app uses Apple's App Attest framework to verify that requests to our backend originate from an authentic, unmodified copy of Crucible. This is an anti-abuse measure that protects our AI spend cap from automated abuse. App Attest produces a device-bound key pair managed by Apple; we store the resulting key id and attestation counter on our backend. We do not receive your Apple ID, hardware serial number, or device location through this mechanism.

iOS App: In-App Purchases

In-app purchases (Crucible Pro, monthly or annual) are handled entirely by Apple through StoreKit. Crucible does not collect, process, or store any payment information. Apple provides us with an anonymous receipt that confirms entitlement; that is the full extent of the transaction data we see.

Coach Product: Account Creation

Coaches sign in to the web dashboard using Google OAuth via Supabase Auth. We receive your email address, display name (as listed on your Google profile), and a Supabase-issued user identifier. You can edit your display name and add an optional business name from the coach settings page. We do not receive any other Google profile data.

Coach session cookies are first-party (set by our own domain) and are used only to maintain your signed-in session on the dashboard. We do not use cookies for tracking, advertising, or third-party integrations.

Coach Product: Athlete Slots & Program Delivery

Coaches create athlete slots to deliver programs. Each slot has a unique token, a redeem URL, an iOS deep link, an athlete label (a name or note the coach picks), and the program itself stored as plain-text CBL. Slot data lives in our Supabase Postgres database under strict per-coach access control: a coach can only read or modify slots they own.

When an athlete redeems a slot (by tapping the iOS deep link or visiting the redeem URL), the slot is marked as redeemed and the program payload is delivered to the athlete's device. The athlete's device may optionally identify itself with a hashed device token so the coach can see which device picked up the link; this token is a one-way hash and cannot be reversed to identify the device or its owner.

Coaches can revoke or expire slots at any time. Revoked slots are terminal: the redeem URL becomes inactive immediately and cannot be reactivated.

Coach Product: Coach-Pushed Program Updates

After an athlete redeems a slot, a coach can push program updates without re-sending a new link. Pushed updates are stored on the slot row and surface on the athlete's device as a pending update. The athlete chooses to accept or decline each update. Every push is also appended to an immutable audit log (push history) so the coach can see what changed and when. Push history is per-slot and visible only to the slot's owning coach.

Coach Product: Athlete Logged Sets

When an athlete logs sets on the iOS app for a block they received via a coach slot, those logged sets sync to our Supabase database in the background. The coach who owns the slot can read the logged sets through the coach dashboard's analytics surfaces (e.g., RPE deltas, adherence ranking, tonnage sparklines, strength gains, the per-athlete Hall of Fame). Athletes who import a block from any source other than a coach slot do not sync logged sets to our backend; that data stays on the device.

Coach Product: 1RM Tracking

Coaches can record one-rep-max (1RM) entries for each of their athletes (squat, bench, deadlift, plus alias variants the coach configures). 1RM entries are stored per-athlete and visible only to the slot's owning coach. They are surfaced on the athlete detail page and merged into Hall of Fame analytics.

Coach Product: Templates & Settings

Coaches can save reusable program templates (CBL text plus a name) and configure per-coach settings (display name, business name, competition-lift aliases, weight unit preference). These are stored in our Supabase database under per-coach access control.

Waitlist

The home page waitlist form collects an email address, an optional name, an optional message, and an optional spreadsheet sample. This data is stored in our Supabase database for the purpose of contacting you about Crucible launches and product updates. The form is protected by Cloudflare Turnstile, an invisible CAPTCHA service that does not set third-party cookies and does not track users across sites. Submissions are rate-limited per IP address; we store a one-way hash of your IP for that purpose, never the IP itself.

Rate Limiting & Abuse Prevention

To protect the platform and our AI cost budget from abuse, we apply rate limits to most API endpoints. Limit counters live in Upstash Redis (an in-memory key-value store) and are keyed by a one-way SHA-256 hash of the client IP plus, where applicable, a per-coach or per-device identifier. We do not store unhashed IPs for rate-limit purposes. The current month's aggregate Anthropic spend is also tracked in Redis for budget enforcement.

Operational Telemetry

We record operational telemetry for the spreadsheet normalization pipeline and the rate-limit layer (per-stage timing, model used, cost per import, cache hit ratio, rate-limit events). This telemetry contains no spreadsheet contents, no athlete-specific identifiers beyond the hashed device token described above, and no personal information. It is used to monitor cost, debug regressions, and inform product decisions. Telemetry is accessed only by Crucible Labs staff via an internal admin dashboard.

Staff Access

A small set of Crucible Labs staff has elevated access to an internal admin dashboard for product operations. This includes the ability to triage import-failure reports, monitor platform health, view aggregate cost dashboards, and inspect rate-limit events. Staff access does not include the ability to read coach-owned data (athlete slots, logged sets, 1RMs, push history) outside of operational debugging contexts. We do not sell, rent, or share any user data with third parties.

Hosting & Infrastructure

Crucible's web platform and APIs are hosted on Vercel. Coach-product data and waitlist entries are stored in Supabase Postgres in the United States (region: iad1). Rate-limit counters and budget tracking live in Upstash Redis (region: iad1). Import-failure attachments are stored in a private Supabase Storage bucket. Vercel and Supabase may log request metadata (timestamps, IPs, request paths) as part of operational logging; this is standard infrastructure logging and is not used by Crucible for any analytics or tracking purpose.

Analytics & Tracking

Crucible does not use any third-party analytics frameworks, advertising SDKs, or cross-site tracking tools. We do not run Google Analytics, Mixpanel, Segment, Amplitude, Facebook Pixel, or any equivalent service. The only product-side data collection is the operational telemetry described above.

Data Retention & Your Rights

On the iOS app, all training data is yours and stays on your device. You can export your training history as CSV at any time via the in-app export feature; exported files are generated locally and shared via the iOS share sheet. You can delete a block (and its logged sets) at any time from inside the app.

For coach-product data: revoking a slot makes its redeem URL inactive but retains the program payload and push history for audit purposes. To request deletion of your coach account or any data Crucible holds about you, email hello@cruciblelabs.app. We will action requests within a reasonable time and confirm completion.

Waitlist entries are retained until you ask us to remove them or until we close the waitlist program. Import-failure reports are retained while the underlying issue is being triaged. We are working toward automated retention windows for older operational telemetry (pipeline runs, events, push history) but do not currently auto-delete these tables.

Third-Party Services

Children's Privacy

Crucible is not directed at children under 13 and does not knowingly collect data from children. If you believe we have inadvertently collected information from a child, contact us and we will delete it.

Changes to This Policy

If this policy changes materially, the updated version will be posted at this URL with a revised “Last updated” date. Where appropriate, we will notify active coach accounts by email.

Contact

Questions, deletion requests, or anything else: reach out at hello@cruciblelabs.app.