πŸ›‘οΈ

Trust Center

Security, privacy, and compliance are at the core of everything we build at The Tracker App.

πŸ”’ 256-bit Encryption πŸ‡ΊπŸ‡Έ US-Based Infra βœ… 99.9% Uptime Target πŸ“± 10DLC/A2P Verified

Overview

Our commitment to protecting your health data

The Tracker App is a text-based fitness and nutrition tracking platform that lets you log workouts, meals, water intake, and body metrics via iMessage, SMS, or Telegram. Our AI-powered system understands natural language, making health tracking as simple as sending a text message.

25+ Security Controls
3 Compliance Frameworks
7 Vetted Subprocessors
24/7 Security Monitoring

Compliance

Frameworks and regulations we adhere to

πŸ‡ͺπŸ‡Ί

GDPR

European data protection regulation

Compliant
🌴

CCPA

California Consumer Privacy Act

Compliant
πŸ“±

10DLC/A2P

Registered SMS business sender

Verified

Security Controls

Active measures protecting your data

Updated May 2026

Infrastructure Security

  • βœ“Data encrypted in transit (TLS 1.3)
  • βœ“Data encrypted at rest (AES-256)
  • βœ“US-region cloud infrastructure
  • βœ“Edge network DDoS mitigation
  • βœ“Automated dependency security updates
  • βœ“Infrastructure as Code (version controlled)
  • βœ“Production database authentication enforced
  • βœ“Encryption key access restricted

Organizational Security

  • βœ“Confidentiality agreements signed by team
  • βœ“Role-based access control (RBAC)
  • βœ“Periodic access reviews
  • βœ“Incident response plan documented
  • βœ“Vendor/subprocessor security reviewed

Product Security

  • βœ“Session timeout enforced
  • βœ“Rate limiting on API endpoints
  • βœ“Input validation and sanitization
  • βœ“SQL injection protection (parameterized queries)
  • βœ“XSS prevention (output encoding)
  • βœ“Secure API authentication
  • βœ“Audit logging enabled

Data & Privacy

  • βœ“User data deletion on request
  • βœ“Data retention policies documented
  • βœ“No third-party data selling
  • βœ“Minimal data collection principle
  • βœ“User consent for data processing
  • βœ“Data export available on request
  • βœ“Privacy policy publicly available

Subprocessors

Third-party services that process data on our behalf

β–²

Vercel

Web hosting & edge network

United States
☁️

Google Cloud Platform

Compute, storage & AI (Gemini)

United States
πŸ“±

Apple iMessage

Message delivery (iMessage)

United States
πŸ’¬

Twilio

SMS message delivery

United States
✈️

Telegram

Message delivery (Telegram bot)

Global
πŸ’³

Stripe

Payment processing

United States
πŸ™

GitHub

Source code version control

United States

Contact

Get in touch with our security team

Security Inquiries

security@thetrackerapp.io

For vulnerability reports and security questions

General Support

support@thetrackerapp.io

For account and service inquiries

Resources

Privacy Policy Terms of Service System Status