Privacy Policy
Last updated: July 6, 2026
1. Operator (Data Controller)
"Punchy" (formerly "AI Boxing Trainer"; the "Service") is a Progressive Web App (PWA) operated by Do the right thing (a sole proprietorship; "we", "us", or "our"). We are responsible for the handling of personal information within the Service.
However, information related to payments for paid plans is collected and managed independently by our payment provider, Paddle.com Market Limited ("Paddle"), acting as the seller of record (Merchant of Record). See Section 5.
2. Information We Collect
The Service handles the following information.
- Camera video: used to analyze your posture and punches during training. It is processed through two separate paths:
- On-device analysis (no external transmission): detection of wrist, elbow and other landmarks via MediaPipe is performed entirely within your browser, and the video is not sent externally.
- Transmission for AI coaching: so that the AI coach can understand the situation, the video is thinned to still images (JPEG) at approximately 0.5 fps (about one frame every two seconds) and sent to Google's Gemini Live API. We do not retain the video on our servers.
In the "Ume" tier, no video is sent; the Service operates using on-device analysis and audio only (see Section 6).
- Microphone audio: for two-way voice interaction with the AI coach, audio (a PCM stream) is sent to the Gemini Live API. We do not retain the audio on our servers.
- Anonymous usage ID: to understand retention (for service improvement), a random, non-identifying string is stored in your browser's
localStorage and sent to the server when a session connects. This ID is never linked to your name or other personal information, and is only temporarily recorded in server logs (not stored in any persistent database).
- Session statistics: non-personal data such as punch counts, types, combination rate and duration are stored in your browser's
localStorage (up to 30 entries). They are not stored on our servers.
- Settings and nickname: punch-effect on/off, coaching interval/style, volume, voice/tier settings, and any nickname you optionally enter are stored in
localStorage. All of this remains on your device.
- Authentication token: a random string issued upon successful shared-password authentication (closed beta) is stored in
sessionStorage (expires automatically after 24 hours).
- Access logs: for fraud detection and rate limiting, we temporarily retain your IP address and connection time on the server.
The Service (the app) does not collect any directly identifying information such as your name, address, phone number, email address or date of birth. Where such information is required for paid-plan payments, it is collected by Paddle, not by us (see Section 5).
3. Purposes of Use
We use the information only within the following purposes.
- To pass camera stills and audio to the AI in real time and generate coaching responses.
- To detect punches and display particle effects via in-browser MediaPipe.
- To display statistics and improvement feedback after a session.
- To improve the Service through anonymous, aggregated retention metrics.
- To detect unauthorized access, apply rate limiting, and operate the Service reliably.
We do not use the information beyond the scope necessary to achieve these purposes.
4. Transmission to External Services / Third Parties
To provide the Service, data is sent to the following external services.
- Google Gemini Live API (Google LLC, a U.S. company): camera video (JPEG stills at ~0.5 fps) and audio (a PCM stream) are sent to generate AI responses and are processed on Google's servers in the United States, in accordance with the Google Privacy Policy. The Service uses the paid Gemini API; data sent is not used to train Google's generative AI models (per the paid Gemini API terms).
- Paddle.com Market Limited (a UK company; Merchant of Record): handles payment processing for paid plans. See Section 5.
- Fly.io (a U.S. company): our hosting infrastructure, handling application logs and connection information. It runs in the Tokyo (NRT) region.
- MediaPipe (client-side only): image analysis is completed within your browser and is not sent externally.
We do not sell or provide user data to any third party other than the above.
Cross-border transfers:
Through transmission to the Gemini API (Google LLC), video and audio are processed mainly on servers in the United States. Payment information is processed by Paddle (a UK company) mainly in the UK, EU and US. The data protection regimes of these countries may differ from that of Japan. By using the Service, you are deemed to consent to such cross-border transfers. Please review each provider's privacy policy for details of their safeguards.
5. Payments and the Data Flow via Paddle (Important)
Payments for paid plans are provided by Paddle (Paddle.com Market Limited, a UK company) acting as the seller of record (Merchant of Record). Accordingly, the handling of card details and billing information, taxation, refunds and compliance with consumer laws in various countries are all handled by Paddle, and we do not receive or store your credit card information. What we receive is only a token indicating your purchase entitlement (purchase confirmation / license information).
Paddle collects and processes the name, email address, billing address, card details and similar information necessary for payment processing, as an independent data controller/processor in its own right. The handling of that information is governed by Paddle's privacy policy and data processing terms.
| Type of information | Us (Punchy operator) | Paddle (payments) | Google (Gemini) |
| Camera video (0.5 fps stills) | Not received (no retention; on-device analysis not sent externally) | Not received | Received (AI processing; not used for training) |
| Microphone audio | Not received (no retention) | Not received | Received (AI processing; not used for training) |
| Name, email, billing address | Not collected | Collected and managed | Not received |
| Credit card details | Not received / not stored | Collected and managed (PCI DSS compliant) | Not received |
| Purchase entitlement token (claim) | Stored on device (purchase confirmation; not identifying) | Issuer | Not received |
| Anonymous usage ID / usage logs | Temporarily logged (no persistent DB) | Not received | Not received |
For details of the information Paddle collects, your rights, and how to contact Paddle, please see:
For questions about purchases, refunds or billing, Paddle's support channel (or the contact shown in your receipt email) is the primary point of contact.
6. Differences by Plan / Tier
- Tiers (Matsu / Take / Ume): the information sent to the AI and the maximum session length vary by the tier you choose. In particular, the "Ume" tier does not send video to Gemini and operates using on-device analysis and audio only.
- Paid plan (Premium): purchasing via Paddle extends the maximum length of each session. Entitlement is determined by a token (claim) stored on your device and is not linked to your name or other personal information.
7. Data Storage and Retention
- Camera stills / audio: discarded immediately after processing (no server storage).
- WebSocket session: automatically disconnected at the plan's maximum length (about 15 minutes by default).
- Server-side access logs: about 24 hours.
- Authentication token: expires 24 hours after issuance.
- Payment information (name, billing address, card details, etc.): retained by Paddle in accordance with Paddle's policy and its statutory retention obligations.
- Data in your browser's
localStorage: until you delete it.
8. Security Measures
We implement the following measures.
- Encryption of communications via HTTPS (with HSTS).
- Shared-password authentication (closed beta) and automatic token expiry.
- Security headers (CSP / X-Frame-Options / Permissions-Policy, etc.).
- Per-IP rate limiting and lockout.
- A WebSocket message size limit.
- A design in which highly sensitive information such as card details is not held by us (payments are delegated to Paddle, minimizing the information we hold).
9. Your Rights and Data Deletion
- Deleting in-browser data: you can delete site data for this domain from your browser settings (this erases statistics, settings and the anonymous ID).
- Stopping use: if you stop accessing the Service, no persistent data remains on our servers.
- Disclosure, correction or suspension of information we hold: we do not hold directly identifying information on the app side, but requests can be made via our contact channel.
- Requests regarding payment information (name, billing address, card details, etc.): these are managed by Paddle; please make such requests via the channel stated in the Paddle Privacy Policy.
10. Cookies and SDKs
- The Service uses
localStorage / sessionStorage to maintain authentication state and save settings.
- We do not use advertising tracking cookies or third-party advertising SDKs.
- On the payment page (Paddle Checkout), Paddle may use its own cookies for payment processing and fraud prevention. Please review Paddle's policy for details.
11. Notes
- The Service is not a medical act, diagnosis or treatment. Please train at your own risk.
- This is a closed beta. Specifications may change without notice.
- Minors should use the Service with the consent of a guardian. Users under 13 may use it only with the consent and supervision of a guardian.
12. Contact
For privacy inquiries about the Service, please contact us at punchy.trainer@gmail.com. For payment inquiries, Paddle's support channel is the primary point of contact.
13. Changes to This Policy
This policy may change without notice. Where changes are material, we will announce them within the Service or on the home page.