top of page

Security & Data Protection

  • Architecture: Supabase (Postgres with Row Level Security). Data encrypted at rest; TLS in transit.

  • Access Control: least‑privilege roles, MFA for admin consoles, audit logging, periodic permission reviews.

  • Key Management: environment secrets stored in secure vaults; rotated on a schedule or upon suspicion.

  • Vulnerability Handling: report to support@liftor.app; we acknowledge within 72 hours and prioritize remediation.

  • Backups & Continuity: regular backups with limited retention; tested restores.

  • Responsible Disclosure: good‑faith reports welcome; we will not pursue legal action for accidental discovery.

Health & Safety Disclaimer

Liftor provides coaching guidance based on information you supply and is not a substitute for professional medical advice, diagnosis, or treatment. Stop exercise if you feel pain, dizziness, or shortness of breath. People with pre‑existing conditions, recent injuries, or those who are pregnant should consult a professional before using Liftor. In an emergency, contact local emergency services immediately.

Cookie & Tracking Notice

We use essential cookies to operate the site. We may use analytics cookies to understand usage and improve services. You can manage non‑essential cookies via the banner or your browser settings. See /privacy for details about data, purposes, and retention.

Categories: essential (required), analytics (optional). We do not sell personal data.

Accessibility Statement

We aim to conform to WCAG 2.1 AA. Our efforts include semantic HTML, keyboard navigability, focus indicators, descriptive link text, and alt text guidelines. If you encounter barriers, email support@liftor.app with page URL, device/OS, browser, and assistive tech used. We will work to resolve issues promptly and provide content in alternative formats upon request.

bottom of page