sesh - Privacy Policy Supplement
Effective Date: May 10, 2026 Last Updated: May 10, 2026
This Privacy Policy Supplement is specific to sesh and supplements WagDev LLC's general Privacy Policy and Data Security Standards.
1. Summary
sesh is an offline-only workout tracker. All of your workout data — exercises, sets, reps, weights, durations, routines, and any notes you add — is stored locally on your device and never leaves it. We do not operate a server, we do not run analytics on your workout content, and we do not have a copy of your data anywhere.
Two outbound data flows leave your device, both narrow and disclosed in detail below:
- Google AdMob — serves banner advertisements and collects ad-related diagnostics (§2.3, §4.2). Governed by Section 4.3 of WagDev's general Privacy Policy.
- Sentry — receives crash reports and error stack traces so we can fix bugs (§2.4, §4.3). Governed by Section 4.2 of WagDev's general Privacy Policy. Sentry data is never linked to your workout content — our SDK is configured to scrub user-typed content from any breadcrumbs before transmission.
2. Data Collection
2.1 What You Provide
All of the following is stored exclusively on your device via local SQLite storage:
- Workout names, exercises, sets, reps, weights, durations, and distances
- Custom exercise names you create
- Workout routines you build
- Unit preference (lbs vs kg)
- Settings you configure within the app
We never see, transmit, or store any of this data on our infrastructure.
2.2 What sesh Does Not Collect
- No email address, name, or any account identifier
- No phone number or contact information
- No precise or approximate location (sesh does not request or use location permissions)
- No photos, camera access, microphone access, or health/fitness sensor data
- No contacts, calendar, or any other system data
- No analytics on your workout content or in-app actions
2.3 What AdMob Collects on Google's Behalf
When you use sesh, the embedded Google Mobile Ads SDK collects the following for ad serving and measurement:
- IP address
- Device advertising identifier (IDFA on iOS or Google Advertising ID on Android) — only if you grant permission via the App Tracking Transparency prompt on iOS or have Ad ID enabled on Android
- Approximate location derived from your IP address (country/region only)
- Diagnostic and performance data (ad load latency, crash reports)
- Records of ads served to you and your interactions with them (impressions, clicks)
- A Google-assigned SDK instance ID
The full disclosure of AdMob data practices appears in Section 4.3 ("Advertising in Some Apps") of the WagDev Privacy Policy, which is incorporated here by reference. Your AdMob data is governed by Google's privacy policy.
2.4 What Sentry Collects for Crash and Error Reporting
To diagnose and fix bugs, sesh integrates Sentry — a crash and error reporting service operated by Functional Software, Inc. (d/b/a Sentry). When the app encounters a runtime error or crash, the Sentry SDK transmits:
- Stack trace of the error (mapped back to our source code)
- Device model, operating system version, and app version
- A Sentry-generated session identifier (not linked to your identity, not used for tracking)
- Navigation breadcrumbs (which screens you visited shortly before the error)
- Crash-relevant diagnostic data (e.g., available memory at time of error)
What Sentry does not receive from sesh:
- Your IP address (we set
sendDefaultPii: falsein our SDK config) - Your device advertising identifier (IDFA / GAID)
- Approximate or precise location
- Any of your workout content — exercise names, routine names, set values, notes (our breadcrumb scrubber removes user-input categories before transmission)
- Network request bodies (sesh has effectively no network requests outside of AdMob)
- Performance traces or session replays (both disabled by configuration)
Sentry data is retained per Sentry's data retention policy and governed by Sentry's privacy policy. The full disclosure of how WagDev uses Sentry across apps appears in Section 4.2 ("Service Providers") of the WagDev Privacy Policy.
3. How sesh Uses Your Data
3.1 Local Use Only
Your workout data is used solely to power the app's features on your device:
- Displaying your workout history
- Calculating personal records and progress charts
- Pre-filling exercise data from your last session
- Computing streaks and summary statistics
No remote processing, no machine learning on your content, no human review.
3.2 No Cross-Device Sync
Because sesh does not have a server, your data does not sync between devices. If you install sesh on a second device, you will start fresh on that device. If you delete and reinstall sesh on the same device, your local data will be erased (see Section 5 below).
4. Data Sharing
4.1 We Do Not Share Your Workout Data
- We do not share your workout content with advertisers, including AdMob
- We do not share it with any third party — period
- We do not have anyone to share it with, because we do not have a copy
4.2 AdMob Receives Only Ad-Serving Data
AdMob receives only the data categories listed in Section 2.3 above. It does not receive your workout data, custom exercise names, routine names, or any content you create.
4.3 Sentry Receives Only Diagnostic Data
Sentry receives only the data categories listed in Section 2.4 above. Our SDK configuration explicitly disables PII collection, performance traces, and session tracking, and scrubs breadcrumbs that originate from user-typed content. Sentry receives no workout data of any kind.
5. Your Privacy Controls
5.1 On-Device Controls
Because all data is local to your device, you have direct control:
- Delete individual workouts: Tap any workout from History and delete it
- Delete all data: Uninstall the app to permanently remove every workout, routine, and setting from your device
5.2 Advertising Controls
- iOS: Settings → Privacy & Security → Tracking → toggle sesh off to deny ad tracking. You may also revoke consent any time after the initial App Tracking Transparency prompt.
- Android: Settings → Google → Ads → toggle "Delete advertising ID" to reset or disable your Google Advertising ID system-wide.
- EEA/UK/Swiss users: Tap "Update Privacy Choices" in the Google consent dialog any time to change your ad personalization choices.
- US state privacy law users: Use the "Do Not Sell or Share My Personal Information" link in the Google consent dialog where applicable.
5.3 Data Export
sesh does not currently offer a built-in data export. Because the data lives only on your device, you cannot lose it to a server outage — but you also cannot retrieve it if your device is lost. Back up your device using its native backup system (iCloud Backup, Google One Backup) to preserve your sesh data.
6. Data Retention
6.1 As Long As You Have the App
Your workout data is retained on your device for as long as you have sesh installed and your device's storage permits. We do not impose any time-based retention limits because we never receive your data.
6.2 After Uninstall
- Uninstalling sesh removes the app's SQLite database from your device.
- AdMob data already collected and shared with Google remains subject to Google's retention practices, which you can review and manage at adssettings.google.com (signed in to your Google account).
7. Children's Privacy
sesh is not directed to children under 13 and we do not knowingly collect any personal information from children under 13. AdMob is configured with "treat as child-directed" set to No, meaning sesh is not designated as a child-directed app under COPPA. Parents who believe their child under 13 is using sesh should uninstall the app, which removes all local data.
8. Security
8.1 On-Device Security
Your sesh data is stored using Apple's and Google's standard application sandboxing. It is not encrypted by sesh beyond what the operating system provides at rest. We rely on:
- iOS Data Protection (when you have a passcode set)
- Android Application Sandbox + full-disk encryption (on devices that support it)
Because sesh has no network sync, there are no transit-layer security concerns for your workout data.
8.2 AdMob Security
Data sent to AdMob is encrypted in transit using TLS by the Google Mobile Ads SDK.
9. Compliance Notes
9.1 Apple App Privacy Details
The following data types are declared in sesh's App Store privacy nutrition labels:
- Identifiers: Device ID (used for advertising; linked to user; not used for tracking unless user grants ATT permission) — AdMob
- Diagnostics: Crash data, performance data (collected by AdMob and Sentry; not linked to user under either SDK's configured settings)
- Usage Data: Advertising data (collected by AdMob; linked to user only when ATT is granted)
- Approximate Location: Coarse location derived from IP (collected by AdMob; not linked to user)
No data from your workout content is declared because no workout content is collected.
9.2 Google Play Data Safety
The Google Play Data Safety section declares the same AdMob categories above, plus a "Data is encrypted in transit" affirmation for both AdMob and Sentry traffic, and a "Users can request data deletion" affirmation pointing to the uninstall path in Section 5.1. Sentry crash data is declared as Diagnostics → Crash logs, not linked to a user.
10. Changes to This Supplement
If we materially change how sesh collects or uses data, we will bump the version of this document and update the Last Updated date. Continued use of sesh after a change indicates acceptance of the revised supplement.
11. Privacy Contact
For sesh privacy questions:
- Email: privacy@wag.dev
- Response time: Within 3 business days
For urgent privacy concerns:
- Email: support@wag.dev
- Mark subject as "Urgent Privacy Issue"
This Privacy Policy Supplement should be read together with WagDev LLC's general Privacy Policy and Data Security Standards for a complete understanding of our privacy practices.