AI does the thinking. You do the work.
Stupid Simple Fitness

Legal

Cookies & Tracking

What we set in your browser, why, and the much longer list of things we don't.

Last updated · April 25, 2026

The short version. A handful of strictly necessary cookies so the Service can log you in and stop bad actors. No advertising trackers. No third-party retargeting pixels. No selling cookie data. If we ever add optional analytics that aren't strictly necessary, we will ask first.

1. What is a cookie

A cookie is a small piece of data a website stores in your browser. The Service uses cookies and a few similar technologies (like local storage) to keep you signed in, protect your account, and remember small UI preferences. We use as few as we can get away with.

2. What we set

Strictly necessary

These are required for the Service to function. You can't opt out of them and still use the Service. There is no global cookie banner because, under most privacy law, strictly necessary cookies don't require one.

  • Session cookie: keeps you logged in. Expires when your session ends or you sign out.
  • CSRF token: protects you from cross-site request forgery attacks.
  • Cookie / consent record: if you make a privacy choice, we remember it so we don't ask again.

Functional

Small UI preferences set by the Service. Examples: collapsed/expanded state of an under-the-hood panel, last-used tab. These are stored locally in your browser. Nothing about you is shared with anyone.

Performance and error monitoring

We use first-party application logs and an error monitoring service to keep the Service running. These do not set advertising cookies. Where the error monitor uses any client-side identifier, it is configured to be a random per-session ID, not anything that identifies you personally.

3. What we don't set

  • No third-party advertising cookies.
  • No retargeting pixels (no Meta pixel, no Google Ads pixel, no TikTok pixel, none of it).
  • No social-network share trackers.
  • No "data enrichment" trackers that match your browser to a real-world identity.
  • No A/B testing tools that fingerprint you across sites.

4. Optional analytics (today: none, here's our policy if it ever changes)

Today we do not run a third-party web analytics tool. If we ever decide that we need one to understand how the Service is actually used, we will:

  • Pick a privacy-respecting option (no cross-site tracking, no ad network integration).
  • Disclose it on this page before turning it on.
  • Where required by law, ask for your consent.
  • Provide an opt-out.

5. Your browser controls

You can clear cookies, block them, or set your browser to ask before storing one. If you block strictly necessary cookies for the Service, the Service will not work. That is not us being precious about it; it is the technical reality of how login and CSRF protection work.

The Service honors the Global Privacy Control (GPC) signal where applicable. We treat a GPC signal as a request to opt out of any non-essential tracking we may add in the future.

6. Do Not Track

"Do Not Track" was never standardized and most sites quietly ignore it. We don't run advertising trackers anyway, so on our end the answer is functionally "we already aren't."

7. Changes

If we add, remove, or change cookies, we will update this page and update the "Last updated" date at the top. If a change is material (for example, adding any optional analytics), we will tell you in-app or by email.

8. Questions

Questions about how we handle cookies and tracking: help@stupidsimplefitness.com. The full picture of what we do with data lives in the Privacy Policy.

Other policies

Terms Privacy Medical AI disclosure Cookies Accessibility