Privacy Policy

Last updated: 19 July 2026

Overlood is a workout tracking app operated by Ruben Eppink, based in the Netherlands ("Overlood", "we", "us"). This policy explains what personal data we collect through the Overlood mobile app and this website (overlood.com), and what we do with it.

We are the data controller for the data described here. You can reach us at support@overlood.com.

The short version

Data we collect

Account and profile

Training data

Collected automatically

Data we do not collect

How we use your data

We do not sell your data or use it for advertising.

Sharing

Your training data is private to your account. Other Overlood users cannot see your workouts, body metrics, or profile. If we ever add social or coaching features that share data between users, they will be described here before they launch.

Service providers

We use a small number of processors to run Overlood. They process data on our behalf and are bound by data-processing agreements:

ProviderPurposeLocation
Microsoft AzureHosting, database, and file storageEuropean Union (West/North Europe)
Auth0 (Okta)Sign-in and account authenticationUnited States
SentryCrash reporting (mobile app)United States
Expo (EAS)Delivering app updatesUnited States
Apple App Store / Google PlayApp distributionUnited States / European Union

Where a provider processes data outside the European Economic Area, transfers rely on recognised safeguards such as the EU–US Data Privacy Framework or Standard Contractual Clauses.

Cookies

This website (overlood.com) sets no cookies and runs no trackers — that is why there is no cookie banner. The mobile app does not use cookies; it stores its sign-in tokens in your device's secure storage.

Retention and deletion

Your rights

Under the GDPR you have the right to:

To exercise any of these rights, email support@overlood.com. We respond within one month.

Age

Overlood is not intended for children under 16. We do not knowingly collect data from anyone under 16; if you believe we have, contact us and we will delete it.

Security

All traffic is encrypted in transit (HTTPS). Data is stored on Microsoft Azure with access limited to what the service needs. Sign-in credentials are handled by Auth0 — we never see or store your password. On mobile, tokens live in your device's secure storage.

Changes to this policy

When we change this policy, we update the date at the top. For material changes — new data collected, a new provider, or new sharing — we will notify you in the app or by email before the change takes effect.

Contact

Ruben Eppink (Overlood), the Netherlands — support@overlood.com