This Privacy Policy explains how Gladius Proba ("Gladius", "we", "us") collects, uses, and shares information about you when you use the Gladius mobile application and related services (the "Service"). By using the Service you agree to this policy. If you do not agree, do not use the Service.
1. Information we collect
1.1 Information you give us
- Account details — email address and (optionally) phone number, verified through our authentication provider, Clerk.
- Profile information — display name, fitness interests, and an automatically generated Friend Code.
- Communications — anything you send us when you contact support.
1.2 Information generated by your use of Gladius
- Gameplay data — training sessions, rep counts, Personal Bests, duel results, MMR rating, rank tier, XP, Legion membership and contributions.
- Economy data — your Denarii balance, transaction history (training rewards, duel winnings, daily stipends, etc.).
- Social data — friendships, challenges issued and received, Legion activity.
- Device & technical data — device type, OS version, app version, IP address, crash logs, and basic diagnostic information.
1.3 Camera & pose data
Gladius uses your device's front camera to count exercise repetitions through on-device pose detection (Google ML Kit). Camera frames are processed locally on your device and are not uploaded to our servers or stored. Only the resulting numerical outputs — rep counts and aggregated form-confidence scores — are transmitted and saved as part of your gameplay data.
2. How we use information
- To operate core gameplay: tracking sessions, scoring duels, calculating MMR and rank progression, running the Denarii economy.
- To enable social features: matching friends, delivering challenges, surfacing leaderboards.
- To send transactional and gameplay notifications (challenge invites, duel results, rank-ups, daily stipend availability).
- To monitor stability, fix bugs, and improve the Service.
- To detect, prevent and respond to fraud, abuse, or violations of our Terms.
3. How we share information
We do not sell your personal information. We share it only as follows:
- With other users — your display name, Friend Code, rank, MMR and selected stats are visible to friends, opponents, Legion members and on public leaderboards. Detailed account information is never shown.
- With service providers — Clerk (authentication), Supabase (database & storage), Google ML Kit (on-device pose detection), and push-notification and analytics providers, each acting only on our instructions.
- For legal reasons — when required by law, to enforce our Terms, or to protect the rights, safety and property of Gladius, our users or the public.
- In a corporate transaction — in connection with a merger, acquisition or sale of assets, your information may be transferred subject to this policy.
4. Data retention
We keep your account information and gameplay history for as long as your account is active. If you delete your account, we delete or anonymise your personal data within 30 days, except where we are required to retain it for legal, accounting or fraud-prevention purposes.
5. Your rights & choices
- Access & export — request a copy of the personal data we hold about you.
- Correction — update your display name or other profile fields at any time from the Card tab.
- Deletion — delete your account from Card > Settings, or by emailing us. This permanently removes your gameplay history.
- Notifications — turn off push notifications from your device settings or from in-app preferences.
- Camera — revoke camera permission in your device settings; rep counting will no longer work, but the rest of the app remains usable.
Depending on where you live, you may have additional rights under the GDPR, UK GDPR, CCPA or other laws (including the right to object to processing or to lodge a complaint with a supervisory authority). Contact us to exercise these rights.
6. Security
We use industry-standard measures to protect your data, including TLS encryption in transit, encryption at rest for sensitive fields, and strict access controls to our backend systems. No system is perfectly secure, however, and we cannot guarantee absolute security.
7. Children
Gladius is intended for users aged 13 and older (16 in the EU/UK). We do not knowingly collect personal information from anyone younger. If you believe a child has provided us with information, please contact us and we will delete it.
8. International transfers
Gladius is operated from the United Kingdom and our infrastructure providers are located in the United States and the European Union. By using the Service you consent to your information being transferred to and processed in those jurisdictions.
9. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, notify you in-app or by email.
10. Contact
Questions or requests about this policy? Email privacy@gladius.app.