Ist Gain wirklich kostenlos zum Starten?

Ja! Du kannst bis zu 3 Athleten komplett kostenlos coachen, ohne Zeitlimit oder Funktionseinschränkungen. Keine Kreditkarte oder Zahlungsdaten nötig — einfach registrieren und loslegen. Alle Funktionen sind in jedem Plan verfügbar.

Welche Plattformen unterstützt Gain?

Die Coach Web-App funktioniert auf jedem modernen Browser (Chrome, Safari, Firefox, Edge). Die Athleten-App ist für iOS und Android verfügbar.

Wie funktioniert die Abrechnung?

Du wirst monatlich basierend auf der Anzahl aktiver Athleten abgerechnet. Die ersten 3 Athleten sind immer kostenlos — keine Zahlungsdaten nötig, bis du einen 4. Athleten hinzufügst. Die Preisgestaltung ist gestaffelt — jede Stufe gilt nur für Athleten in diesem Bereich. Zum Beispiel zahlst du bei 25 Athleten nichts für die ersten 3, 7 EUR pro Athlet für Athlet 4–20 und 5 EUR pro Athlet für Athlet 21–25.

Kann ich jederzeit kündigen?

Absolut. Es gibt keine Verträge oder Verpflichtungen. Du kannst jederzeit kündigen, und deine Athleten haben bis zum Ende des Abrechnungszeitraums weiterhin Zugang.

Wie bekommen meine Athleten die App?

Du sendest ihnen einen Einladungslink von deinem Dashboard aus. Sie laden die Gain-App aus dem App Store oder Google Play herunter, geben den Code ein und sind sofort mit dir verbunden.

Sind meine Daten sicher?

Ja. Wir verwenden branchenübliche Verschlüsselung und sichere Authentifizierung. Wir sind vollständig DSGVO-konform.

Privacy Policy

Name: Gain
Author: Gain

Effective Date: February 14, 2026
Data Controller: Gain. Fitness GmbH, Kelchweg 3, 8048 Zurich, Switzerland
Contact: privacy@gain-app.com

1. Introduction

Gain. Fitness GmbH ("we," "us," or "our") operates the Gain mobile application ("the App").

This Privacy Policy explains how we collect, use, store, protect, and transfer personal data when you use our App as an athlete (client of a coach using the Platform).

Gain. Fitness GmbH acts as the data controller for all personal data processed within the App.

We comply with:

The EU General Data Protection Regulation (GDPR)
The Swiss Federal Act on Data Protection (FADP)
The California Consumer Privacy Act (CCPA/CPRA)

2. Categories of Data We Collect

2.1 Account Data

When you create an account via our authentication provider (Auth0), we collect:

Name
Email address
Profile picture
Pseudonymous user identifier (Auth0 ID)

2.2 Fitness & Health Data You Provide

To deliver the coaching service, we process:

Body weight measurements
Nutrition tracking data (protein, carbohydrates, fat, fiber)
Barcode scans (product barcode only)
Step counts
Sleep data
Training logs (exercises, weight, repetitions, RIR)
Form check photos and videos
Coach-athlete messages
Diet phase data
Nutrition targets
Rate of weight change
Coach notes
Custom tracking fields defined by your coach

Certain data elements listed above may qualify as health data under Art. 9 GDPR, as they relate to your physical health and fitness condition.

Your assigned coach may access this data strictly within the functionality of the Platform in order to provide coaching services.

2.3 Health Data from Your Device (Optional – Explicit Consent)

With your explicit permission, the App may read health data from:

Apple HealthKit (iOS)
Google Health Connect (Android)

Data types accessed:

Steps
Weight
Sleep
Nutrition (macronutrients)

Health data accessed via device integrations:

Is accessed only after explicit permission
Is used exclusively to provide the core coaching functionality
Is never used for advertising, marketing, profiling, or data brokerage
Is never sold
Is never shared with advertisers
Is not used for unrelated analytics or data mining

You can revoke access at any time in your device’s Health settings.

2.4 Push Notification Data (Optional)

If enabled, we process:

Device token (via Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM))
Device platform identifier

Push notification tokens are used solely to deliver coaching-related notifications.

2.5 Technical & Diagnostic Data

We collect limited technical data via Sentry:

Exception class names
Stack traces
Performance traces
Allowlisted breadcrumb messages
Device type
OS version
Pseudonymous user identifier (Auth0 ID)

No name, email, or IP address is intentionally stored in diagnostic logs.

Crash logs are retained for a maximum of 90 days unless required for security investigations.

3. Legal Bases for Processing (GDPR)

Legal Basis	Data	Purpose
Art. 6(1)(b) – Contract	Account, fitness, coaching data	Provide the coaching service
Art. 6(1)(f) – Legitimate Interest	Technical data	Ensure app stability, security, and fraud prevention
Art. 6(1)(a) – Consent	Push notifications	Deliver notifications
Art. 6(1)(a) + Art. 9(2)(a) – Explicit Consent	Health data (manually entered or device-imported)	Processing of special category data within the coaching service

Health-related data, whether manually entered or imported from device integrations, is processed based on your explicit consent in accordance with Art. 9(2)(a) GDPR.

You may withdraw consent at any time. Withdrawal does not affect processing prior to withdrawal.

4. How We Use Your Data

We use your data to:

Provide and maintain the coaching service
Enable communication with your assigned coach
Synchronize data across devices
Authenticate users
Maintain system security
Diagnose and fix technical issues
Protect against unauthorized access
Deliver notifications (if enabled)

We do not:

Sell personal data
Use personal data for personalized advertising
Engage in profiling
Conduct automated decision-making with legal or similarly significant effects

5. Third-Party Service Providers

5.1 Data Processors (acting on our behalf)

We use carefully selected processors under Data Processing Agreements (Art. 28 GDPR):

Service	Purpose	Data Shared
Auth0 (Okta Inc.)	Authentication	Name, email address, profile picture, Auth0 ID
AWS (Amazon Web Services)	Secure cloud hosting & storage	All data stored within the Platform
Sentry	Crash reporting & performance monitoring	Error metadata, device info, pseudonymous user ID
Open Food Facts	Barcode nutrition lookup	Product barcode only (no user data)
Apple Push Notification Service (APNs)	Push notifications (iOS)	Device token
Firebase Cloud Messaging (FCM)	Push notifications (Android)	Device token

All processors act solely on our behalf and under contractual safeguards.

5.2 Third-Party Content Providers (Independent Controllers)

The App may display embedded exercise videos via YouTube (Google LLC).

When interacting with embedded YouTube content, Google may process certain data (such as IP address or usage data) in accordance with its own privacy policy.

YouTube acts as an independent data controller for its own processing activities.

6. International Data Transfers

Data is stored on servers in the United States.

Transfers from the EEA/Switzerland are safeguarded by:

Standard Contractual Clauses (SCCs)
Additional technical and organizational safeguards

7. Data Retention

Active accounts: retained while account is active
Account deletion: data permanently deleted upon deletion request
Backup systems: overwritten within 30 days
Technical logs: deleted after 90 days
Inactive accounts: may be deleted after 24 months of inactivity

Local device data is removed upon app uninstall.

If your coach relationship ends, access to your data by that coach will be revoked.

8. Your Rights

Under GDPR/FADP, you have the right to:

Access
Rectification
Erasure
Restriction
Data portability
Object to processing

Contact: privacy@gain-app.com

You may lodge a complaint with your supervisory authority.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have the following rights:

Right to know what personal information we collect and how we use it
Right to delete personal information, subject to legal exceptions
Right to correct inaccurate personal information
Right to opt-out of sale or sharing (we do not sell or share personal data for cross-context behavioral advertising)
Right to non-discrimination

To exercise your rights, contact us at privacy@gain-app.com.

10. Data Security

We implement:

Encryption in transit (TLS 1.2+)
Encryption at rest (AWS server-side AES-256)
Secure storage of authentication tokens (iOS Keychain / Android Keystore)
Strict role-based access controls
Time-limited presigned upload URLs

Your data is accessible only to you and your assigned coach within the Platform.

11. Children’s Privacy

The App is not intended for individuals under 16.

We do not knowingly collect data from children under 16.

12. Automated Decision-Making

We do not perform automated decision-making with legal or similarly significant effects.

13. Changes to This Policy

We may update this policy. Material changes will be communicated via the App.

14. Contact

Gain. Fitness GmbH
Kelchweg 3
8048 Zurich
Switzerland

privacy@gain-app.com