Last updated: July 2026
Tandem collects account details (including your email, or an Apple private relay address, and the Apple identifier when you use Sign in with Apple), display name, role, trainer-client links, body metrics (age, sex, height, weight, target weight, activity level), nutrition and macro goals, meal entries, water and weight entries, meal photos, avatar photos, client meal notes, trainer notes, subscription status, and push notification tokens. If you connect Apple Health, Tandem also reads the health and fitness metrics described below.
This data is used to provide nutrition and activity tracking, wellness and recovery insights, trainer review, account management, realtime sync, push notifications, subscription management, support, security, and account deletion.
When you scan a meal, Tandem sends the compressed meal photo to a Supabase Edge Function. That function sends the photo to Google Gemini to identify the food components — dish name, ingredients, cooking methods, and estimated weights. The component names (text only, no photo) are then sent to OpenAI to generate search embeddings that match them against a nutrition database and estimate calories, macros, fiber, sugar, and sodium. The recognition result is stored server-side for debugging and quality. API credentials for Google Gemini and OpenAI are held server-side, not in the app.
Connecting Apple Health is optional. With your permission, Tandem reads (read-only — it never writes to Health) resting and sleeping heart rate, heart rate variability, beat-to-beat heart rate, respiratory rate, blood oxygen, wrist temperature, sleep, and step count. These are computed into your Recovery, Strain, and Sleep scores. If you are linked to a trainer and leave health sharing on, a daily wellness summary is synced to Tandem's server so your trainer can review it; you can turn this sharing off in the app. You can revoke Tandem's Health access at any time in the iOS Health app.
When you use Sign in with Apple, Tandem receives a stable Apple identifier and either your real email or an Apple private relay address if you chose Hide My Email. On first sign-in only, Apple may share your name; if your profile has no display name yet, Tandem saves it as your display name. Your Apple ID password and biometric data are never shared with Tandem.
Purchases are processed by Apple through the App Store; Tandem never receives your card or payment details. Subscription status is managed through RevenueCat, linked to your Tandem account identifier, so the app knows whether your subscription is active.
Tandem stores app data with Supabase (authentication, database rows, private storage buckets, Edge Functions, and realtime transport). Google Gemini processes meal photos for food identification. OpenAI processes food component names (text only) for search embeddings. RevenueCat manages subscription status. Apple provides Sign in with Apple, App Store purchases, and push delivery; Firebase Cloud Messaging delivers push on Android.
Push notifications are optional. Tandem stores a push token (Apple Push Notification service on iOS, Firebase Cloud Messaging on Android) with the signed-in user so notifications such as trainer notes can be delivered. Realtime sync still updates data if notifications are disabled.
You can delete your account in Settings → Delete Account. Tandem asks for your password, or re-authentication through Apple for Sign in with Apple accounts, then calls the delete-account server function, removes related server data through database cascades, and clears local app data.
Tandem does not use collected data for tracking and does not sell personal data.