IsoTimer

Privacy Policy

Effective date: May 21, 2026 · Last updated: May 21, 2026

Short version. IsoTimer is designed to keep your data on your phone. Audio from your microphone, the voice cues it detects, heart-rate data from Bluetooth monitors, and your session history are all processed and stored locally on your device. We do not operate a server that collects, stores, or analyzes any of it.

1Who this policy applies to

This Privacy Policy describes how IsoTimer (the “app”, “we”, “us”) handles information when you use the IsoTimer mobile application on iOS or Android. It applies to everyone who installs or uses the app.

IsoTimer is published by Spicy Ginger Labs LLC (“the publisher”). If you have questions, contact us at spicy.ginger.labs@gmail.com.

2On-device by design

IsoTimer is a voice-controlled fitness app. It tracks isometric holds — deadhangs, planks, wall sits, and similar exercises — and lets you start and stop the timer hands-free with your voice. If you have paired one, it can also read heart-rate data from a Bluetooth heart-rate monitor.

All of that processing happens on your phone:

Microphone audio is captured only while voice control is active. It is analyzed in memory on your device to detect your start and stop cue. Raw audio is never written to disk and never leaves your phone.
Detected pitch and voice features are used in real time to recognize your cue and drive the timer. They are not transmitted off the device.
Heart-rate data from a paired Bluetooth monitor is read directly from the device using the standard Bluetooth Heart Rate profile (0x180D). It is shown to you during a hold and summarized afterwards. It is not transmitted off your phone.
Session history, activities, notes, settings, and your voice calibration profile are stored locally on your phone in a local database (Hive), inside your app’s private storage.

We do not operate a backend server that receives your audio, your voice data, your heart-rate data, or your session history.

3Permissions we request

Microphone

Required for hands-free use. The microphone is used only on the timer screen while voice control is enabled, so the app can hear your start and stop cue. When you leave the timer screen, or turn voice control off, microphone capture stops. You can revoke microphone access at any time in your operating system’s settings; if you do, you can still start and stop holds by touch.

Bluetooth

Optional. Used only if you choose to pair a Bluetooth heart-rate monitor (for example, a Polar or Garmin chest strap, or a Whoop strap in broadcast mode). The app scans for, and connects to, devices that advertise the standard heart-rate profile. It does not use Bluetooth for anything else.

WHOOP is a trademark of WHOOP, Inc.; Polar, Garmin, and other vendor names are trademarks of their respective owners. IsoTimer is not affiliated with, endorsed by, or sponsored by WHOOP, Inc. or any other hardware vendor. The app reads heart-rate data only over the standard Bluetooth Heart Rate profile (0x180D); it does not connect to any vendor’s cloud API, your vendor account, or any vendor server, and it does not receive any data from a vendor’s servers.

Location

On Android 11 and earlier, the operating system’s Bluetooth-scanning API required apps to hold location permission, so IsoTimer requests it on those versions solely to scan for your heart-rate monitor. On Android 12 and later, IsoTimer declares its Bluetooth scan with the “never for location” flag and does not request location permission at all. In every case, IsoTimer does not read, use, store, or transmit your location.

4What we do not collect

We do not collect or upload your voice or any recorded audio.
We do not collect or upload your heart-rate data.
We do not collect or upload your session history.
We do not require an account, email address, phone number, or login.
We do not use third-party analytics SDKs (for example, Google Analytics, Firebase Analytics, Mixpanel, Amplitude) in the shipped app.
We do not use advertising or ad-tracking SDKs. The app shows no ads.
We do not sell, rent, or share personal information with data brokers. We have none to sell.
We do not use your data to train machine-learning models.

5Crash reports and diagnostics

If you have enabled device-level crash reporting or analytics sharing in your iOS or Android settings, the operating system may send anonymized crash and performance information to Apple or Google on our behalf. We do not attach any personal identifiers or session content to these reports. You can turn this off in your device settings (iOS: Settings → Privacy & Security → Analytics & Improvements; Android: Settings → Google → Usage & diagnostics).

6Backup and export

You own your data. IsoTimer gives you two ways to move your data off the app, both initiated by you:

CSV export. From the app’s data settings you can export your session history as a spreadsheet-friendly CSV file.
JSON backup and restore. You can export a single versioned JSON file containing your activities, sessions, notes, heart-rate samples, settings, and voice profile. You can restore a previously exported file on the same or a different device; restoring merges the file into the app by record id and never deletes data already on your device.

Exported files are shared through your operating system’s normal share sheet; where they go from there is up to you.

IsoTimer’s local data also resides in your app’s private storage, which iOS includes in iCloud device backups and Android includes in Google Drive backups if you have those features enabled. Those backups are controlled and encrypted by Apple / Google under their own privacy policies. IsoTimer does not operate a backup service of its own.

7Cloud sync

IsoTimer performs no network uploads. No audio, voice data, heart-rate data, or session history is transmitted from your device by the app. If we ever add an optional cloud-sync feature in a future version, it will be opt-in, described clearly in-app before you enable it, and documented in an updated version of this policy. Until then, no session data leaves your device.

8Children’s privacy

IsoTimer is not directed at children under 13 (or the minimum age defined in your jurisdiction). We do not knowingly collect personal information from children. Because the app does not collect personal information from anyone on a server, there is no children’s data for us to hold or delete.

9Your rights

Depending on where you live, you may have rights under laws such as the EU / UK GDPR, the California Consumer Privacy Act (CCPA / CPRA), or similar state and national privacy laws. These typically include the right to access, correct, delete, or port personal data that a company holds about you.

Because IsoTimer does not collect personal data on a server, we generally hold no personal data about you to access, correct, delete, or port. The data the app stores lives on your own device and is under your direct control:

Access / portability: export your data as CSV or as a full JSON backup from the app’s data settings.
Deletion: delete activities and sessions within the app, or uninstall the app. Uninstalling removes all IsoTimer data from your device.

If you still wish to exercise a privacy right or have a question about our handling of information, email spicy.ginger.labs@gmail.com.

10Security

We rely on the security model of your operating system to protect your data: app-sandboxed private storage, OS-level disk encryption on iOS and Android, and standard OS-mediated access to the microphone and Bluetooth radio. Because the app does not transmit your data to a server, the main risk surface is your device itself. We recommend keeping your device software up to date and using a device passcode or biometric lock.

No method of electronic storage is perfectly secure. We cannot guarantee absolute security.

11Not medical advice

IsoTimer is a fitness and exercise-tracking app. It is not a medical device and does not diagnose, treat, cure, or prevent any disease. Heart-rate readings and timing information displayed by the app are for personal information only and should not be used to make medical decisions. Consult a qualified professional before beginning any new exercise program.

12Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will change the “Last updated” date at the top of this page. If a change materially affects how your information is handled — for example, if we introduce optional cloud sync — we will make that clear in the app before the change takes effect.

13Contact

Questions or concerns about this policy? Email spicy.ginger.labs@gmail.com.