Harley AI Privacy Policy
DNAi Systems — Last updated March 7, 2026
1. Introduction
This Privacy Policy describes how DNAi Systems ("we," "us," "Company") collects, uses, and protects your information when you use Harley AI ("the Platform") as a trainer or client. By using the Platform, you consent to the practices described in this policy.
2. Information We Collect
2.1 All Users
- Account information (name, email address) via authentication providers
- Chat conversations with Harley AI
- Messages sent between trainers and clients
- Voice inputs and transcriptions (if voice features are used)
- Device and browser information
- Usage data (session timestamps, features accessed)
- IP address (for security and fraud prevention)
- Cookies required for authentication and session management
2.2 Trainers
- Business information (credentials, certifications, business name)
- Payment processing data (handled by our payment processor; we do not store full card numbers)
- Alternative payment handles (if provided)
- Exercise libraries, workout programs, and training content you create
- Client rosters and client management data
- Uploaded documents and media
- Subscription and billing information
2.3 Clients
- Fitness data (workouts, sets, reps, weight, exercise history)
- Nutrition logs
- Wearable device data (if connected): recovery scores, heart rate variability, resting heart rate, sleep metrics, and activity data
- Waiver signatures and onboarding information
- Progress tracking data
- Guardian information (if client is under 18)
3. How We Use Your Information
We use your information to:
- Operate and deliver the Platform's features
- Generate AI-powered workout recommendations, training plans, coaching suggestions, and business insights
- Process payments through our payment processing partners
- Enable communication between trainers and clients (text, voice, and media)
- Sync and display wearable device data
- Improve the Platform's functionality and user experience
- Comply with legal obligations and enforce our terms
4. Legal Basis for Processing (GDPR)
We process your data under the following legal bases:
- Contract (Article 6(1)(b)): To provide the services you requested when you created your account
- Explicit Consent (Article 9(2)(a)): For processing health and fitness data, wearable biometric data, and any data imported or migrated from third-party platforms at your direction
- Legitimate Interests (Article 6(1)(f)): For security, fraud prevention, service improvement, and platform integrity
- Legal Obligation (Article 6(1)(c)): Where required by law, such as tax records for payment processing
You may withdraw consent at any time by contacting us or using in-app controls. Withdrawal does not affect the lawfulness of processing before withdrawal.
5. AI Processing
AI features are powered by a combination of on-premise inference infrastructure and third-party AI services, all operating under zero data retention (ZDR) agreements or equivalent data isolation guarantees. Your data is processed to generate responses but is not stored by AI service providers and is not used to train third-party AI models.
AI-generated content (workout suggestions, client insights, drafted messages, business analytics) is intended as a tool for qualified fitness professionals and is not a substitute for professional judgment.
The Platform is not a medical device and does not provide medical advice, diagnosis, or treatment.
6. Data Sharing
6.1 Trainer-Client Relationship
- Trainers can view data belonging to their own clients only, including fitness metrics, workout logs, nutrition data, wearable data, messages, and waiver records.
- Clients can view their own data and training content assigned to them by their trainer.
- Trainer data is stored in isolated, per-trainer environments. Your data is never commingled with other trainers' data.
6.2 Third-Party Services
The Platform uses third-party service providers in the following categories. Specific providers may change over time; we maintain data processing agreements with all processors and will update this section as material changes occur:
- Authentication: Identity verification and single sign-on
- Payment Processing: Subscription billing and trainer payouts (receives payment and account data as described in the processor's own privacy policy)
- AI Inference: Language model processing under zero data retention agreements
- Wearable Integrations: Health device data sync for clients who connect a supported device (receives only the data necessary for integration)
- Voice Processing: Speech-to-text and text-to-speech conversion under data processing agreements with zero data retention (audio is processed in real-time and not stored by the provider)
- Content Delivery & Security: CDN, DDoS protection, and edge security
- Typography & Assets: Web font delivery (your IP address may be shared with the font provider when fonts load)
A current list of specific sub-processors is available upon request by contacting support@dnai.systems.
6.3 Data Migration
If you migrate data to Harley from a third-party platform (e.g., another training management system), we process that imported data under the same protections described in this policy. Imported data is stored in your isolated tenant environment and is subject to the same retention, deletion, and access controls as data created natively on the Platform. We do not retain copies of data from third-party platforms beyond what is necessary to complete the migration.
6.4 What We Never Do
- We never sell your data to third parties
- We never share your data with advertisers or insurance companies
- We never use your biometric or fitness data for any purpose other than delivering the Platform's features
- We never allow commercial interests to influence training recommendations
- We never use your data to train AI models without explicit opt-in consent
7. Data Security
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for all data at rest
- Role-based access controls with audit logging
- Per-trainer data isolation
- Regular security assessments and vulnerability monitoring
- Encrypted off-site backups with geographic redundancy
8. Data Retention and Deletion
- Account Data: Retained until account deletion
- Fitness and Training Data: Retained until account deletion or explicit deletion request
- Messages: Retained until account deletion or explicit deletion request
- Usage Logs: 90 days for security and debugging purposes
- Security & Authentication Logs: 1 year for fraud detection and incident response
- Audit Logs: 7 years where required by applicable financial, tax, or regulatory obligations
- Payment Records: Retained as required by tax law (typically 7 years)
All retained data is stored on encrypted primary infrastructure with encrypted off-site backups. Backup copies follow the same retention schedule and are purged within 30 days of the primary data's deletion.
You may request deletion of your data at any time by contacting support@dnai.systems. Upon account termination, you may request a full data export in a machine-readable format within 30 days.
9. Data Breach Notification
In the event of a data breach affecting your personal data, we will:
- Notify affected users within 72 hours of discovery
- Report to relevant supervisory authorities as required by law
- Provide details of the breach, potential impact, and remedial measures
- Offer guidance on protective steps you can take
10. Children's Privacy & Minor Safety
The Platform is not intended for use by individuals under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us immediately at support@dnai.systems and we will delete it promptly.
Users between 13 and 17 may use the Platform with verifiable guardian consent, which is collected during the onboarding process. For minor users, the following safeguards apply:
- AI coaching features will not recommend caloric deficit goals, restrictive eating patterns, or body weight targets for users under 18
- Content related to body composition is presented in the context of athletic performance and health, never aesthetic goals
- If the Platform detects language or patterns consistent with disordered eating or body dysmorphia, it will provide evidence-based health resources and encourage the user to speak with a trusted adult or healthcare provider
- Trainers are responsible for age-appropriate programming for their minor clients
11. Wearable & Health Device Data
If you connect a supported wearable or health device, we may collect recovery scores, heart rate variability, resting heart rate, sleep metrics, and activity data. This biometric data is:
- Used solely to enhance your training experience
- Visible to you and your trainer only
- Never sold or shared with third parties
- Deletable at any time by disconnecting your device, which stops all future data collection
12. Voice Features
The Platform may offer voice-based interaction including speech-to-text and text-to-speech. When you use voice features:
- Audio is processed in real-time by our voice processing providers under zero data retention agreements
- Audio recordings are not stored by DNAi Systems or our providers after transcription is complete
- The resulting text transcription is treated the same as typed input under this policy
- You can disable voice features at any time in your settings
13. Cookies
- Essential Cookies: Required for authentication and session management. Cannot be disabled.
- Analytics Cookies: Optional. Used to understand usage patterns and improve the Platform. You can accept or decline these via the cookie banner.
14. International Data Transfers
Your data is stored on DNAi Systems infrastructure in the United States. If you access the Platform from outside the United States, your data may be transferred to and processed in the United States. We protect international transfers through Standard Contractual Clauses (SCCs) and Data Processing Agreements with all third-party processors.
15. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Receive your data in a machine-readable format
- Object: Opt out of certain data processing
- Restriction: Request limited processing while a dispute is resolved
- Withdraw Consent: Revoke previously given consent at any time
- Non-Discrimination: Exercise your rights without penalty to your service
EU/EEA users have rights under the General Data Protection Regulation (GDPR). California users have rights under the California Consumer Privacy Act (CCPA/CPRA). India users have rights under the Digital Personal Data Protection Act (DPDP Act).
We will respond to data rights requests within the following periods: GDPR: 30 days · CCPA: 45 days · DPDP Act: 30 days.
16. Changes to This Policy
We may update this Privacy Policy at any time. Material changes will be communicated via email or in-app notice at least 30 days before taking effect. Continued use of the Platform after changes constitutes acceptance.
17. Contact
For all privacy inquiries and data requests: support@dnai.systems
DNAi Systems · Incorporated in Delaware · dnai.systems
See also our Terms of Use.