Privacy Policy 

Postra AB 
Last Updated: 2025-11-25 

This Privacy Policy explains how Postra AB ("we", "our", or "us") collects, uses, and protects your personal data when you use our mobile applications or related services (the “Services”). By accessing or using the Services, you consent to the processing of your personal data as described in this Privacy Policy. 

Privacy Policy 

Postra AB 
Last Updated: 2025-11-25 

This Privacy Policy explains how Postra AB ("we", "our", or "us") collects, uses, and protects your personal data when you use our mobile applications or related services (the “Services”). By accessing or using the Services, you consent to the processing of your personal data as described in this Privacy Policy. 

 

1. Personal Data Controller 

Postra AB is the data controller responsible for the processing of your personal data. 

Company Name: Postra AB 
Corporate ID No: 5567855654 
Address: Jungmansgatan 19E, 413 15 Göteborg, Sweden 
Email: info@postra.com 

 

2. Information We Collect 

We collect several types of personal data in order to provide, manage, and improve our Services, including subscription-based features. 

a. Registration Information 

  • Email address 

  • First and last name 

  • Language preferences 

  • Device specifications (e.g., model, operating system) 

b. Usage Data 

  • Training programs and activity logs 

  • Health-related data (e.g., workout stats, posture insights, and fitness-related information) 

  • Device identifiers such as IP address and device type 

Note: Health-related data may qualify as sensitive data under applicable data protection laws. We process such data only with your explicit consent and solely for providing the Services. 

c. Subscription and Transaction Data 

When you purchase a subscription or one-time product, we may collect: 

  • Purchase history 

  • Subscription status (active, trial, cancelled, renewal dates) 

  • Country and currency 

  • Partial payment information (e.g., last 4 digits of card, card type for Stripe transactions) 

We do not store full payment card details. 

d. Third-Party Data 

If you connect the Services to third-party platforms (e.g., Apple HealthKit, Facebook), we may receive: 

  • Profile information (such as username, country, gender, date of birth) 

  • Health-related data synced from third-party services (only with your consent) 

e. Image Data 

If you upload images, they are processed and stored securely and used only to enable the intended functionality (e.g., posture analysis). 
Users may request deletion of their images at any time by contacting info@postra.com.

 

f. Analytics and Tracking Tools 

We use analytics tools to understand usage and improve the Services, including: 

  • PostHog – anonymized usage data (clicks, navigation paths, sessions) 

  • Meta (Facebook) SDK – app events such as installations and interactions 

The Meta SDK may collect device information and app event data, as described in Meta’s Privacy Policy. 

Users may opt out of analytics and marketing tracking by contacting info@postra.com. 

  

3. How We Use Your Personal Data 

We process personal data to: 

a. Provide and Operate the Services 

  • Create and manage user accounts 

  • Provide personalized training and posture insights 

  • Sync with third-party health apps (with consent) 

  • Deliver customer support 

b. Manage Subscriptions and Purchases 

  • Process payments and billing 

  • Handle renewals, cancellations, and failed payments 

  • Send service-related notifications (e.g., renewal reminders, expiration alerts) 

These communications are transactional and do not require marketing consent. 

c. Profiling and Personalization 

We analyze usage data to: 

  • Improve user experience 

  • Recommend relevant workouts and features 

  • Optimize app navigation 

d. Marketing and Promotions (With Consent) 

  • Send personalized offers or promotions 

  • Deliver in-app or email marketing messages 

You may withdraw consent at any time. 

Health and image data are never used for marketing purposes. 

 

4. Legal Basis for Processing 

We process personal data based on: 

  • Performance of a contract: To provide subscription services and purchased features 

  • Consent: For processing health data, connecting third-party apps, and marketing activities 

  • Legitimate interests: To improve the Services and prevent fraud 

  • Legal obligations: To meet accounting, tax, and regulatory requirements 

 

5. Subscription Purchases and Third-Party Platforms 

Purchases may be made via Google Play, Apple App Store, or Stripe. 

Google Play & Apple App Store 

  • Google and Apple act as independent controllers for payment processing 

  • They handle payments, billing, taxes, and refunds 

  • Postra AB receives only limited information (e.g., subscription status) 

Stripe 

  • Stripe processes payments on behalf of Postra AB 

  • Postra AB is the legal seller and data controller for Stripe purchases 

  • Full card data is not stored by Postra AB 

 

6. Cookies and Tracking Technologies 

We use cookies and similar technologies to support functionality and preferences. You may manage cookie preferences through device or browser settings. Some features may not function properly if cookies are disabled. 

 

7. Data Retention 

We retain personal data only as long as necessary for the purposes described in this policy: 

  • Subscription and transaction data: up to 7 years for legal and accounting purposes 

  • Account and profile data: deleted within 12 months of inactivity or account deletion 

  • Health and image data: deleted when consent is withdrawn or the account is deleted 

  

8. Your Rights 

You have the right to: 

  • Access your data 

  • Request correction 

  • Request erasure (subject to legal requirements) 

  • Request data portability 

  • Withdraw consent at any time (e.g., marketing, health data processing) 

We respond to requests within 30 days
Contact: info@postra.com 

Note: Transaction records may be retained even after account deletion where required by law. 

 

9. Data Transfers 

We may transfer data to service providers outside the EEA (e.g., the U.S.). Where such transfers occur, we implement appropriate safeguards such as EU Standard Contractual Clauses. 

All third-party processors are contractually required to protect your data. 

 

10. Security 

We use industry-standard security measures including encryption, firewalls, and secure access controls. However, no system is completely secure, and we cannot guarantee absolute protection. Users are encouraged to use strong passwords and log out after use. 

11. Children’s Privacy 

The Services are not intended for users under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us at info@postra.com and we will delete such data. 

 

12. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time. Significant changes will be communicated through the Services or via email. 

 

13. Contact Information 

For questions about this Privacy Policy or your personal data: 

Email: support@postra.com 
Website: www.postra.com