Health & Fitness · Privacy report
Club Pilates icon
Club Pilates
Free · ★4.8 · Xponential Fitness LLC

Is Club Pilates safe?

It leans heavily on third-party trackers.

Our take. Club Pilates is built with more third-party tracking code than 83% of the health & fitness we have scanned.

Privacy footprint · vs 109 health & fitnessHeavy
Trackers from other companies10 · a lot
typical health & fitness: 6
Data the app links to you4 types · some
typical health & fitness: 5 · from its own privacy label
What it collects about you

Club Pilates links 4 categories of your data to you.

From the developer's own App Store privacy label. These are the kinds of data Club Pilates ties to your identity.

Financial InfoContact InfoIdentifiersUsage Data
Who else is inside

It carries trackers from 4 companies.

Third-party SDKs found in the app, matched to the company that publishes each. Present in the code; we do not observe what they transmit.

🇺🇸GoogleAnalytics
Firebase, AdMob and Google analytics SDKs, built to record how you use the app and serve ads.
7
SDKs
🏢Other third partiesadvertising
A third-party SDK.
1
SDK
🇺🇸BranchAttribution
Deep linking and marketing attribution.
1
SDK
🇺🇸AmplitudeAnalytics
Product analytics, built to record detailed behaviour inside the app.
1
SDK
How it compares

Where it sits among health & fitness.

Every one of these apps we have scanned, on the two measures above: third-party trackers it carries (across) and data it links to you on its own label (up). Toward the top right is more invasive.

Each dot is one health & fitnes app. Club Pilates sits to the right, carrying more third-party tracking than most.

The evidence

What it's built from.

All 32 SDKs in the app, grouped by what they are for. 10 are third-party trackers.

1
1
8
2
1
19
1advertising
1attribution
8analytics
2crash reporting
1push & messaging
19standard libraries

10 of the 32 are third-party trackers. One is a push-notification SDK that delivers notifications, rather than tracking you across apps. The rest are the app's own code and standard open-source building blocks.

Show the full SDK list
GoogleAnalytics · USA
Google Analytics Connector · Firebase A/B Testing · Firebase Core · Firebase Remote Config · Firebase Remote Config Interop · Firebase Sessions · Google Data Transport
Other third partiesadvertising
Snap Kit
BranchAttribution · USA
Branch
AmplitudeAnalytics · USA
Amplitude
Push & messaging1 · notifications
AirshipKit
Standard libraries19 · on-device
The app's own code plus open-source interface, storage and networking libraries.

How we know this

Counterspy downloads the app from the App Store and statically analyzes its compiled binary. Embedded SDKs are matched against a signature database and resolved to the company that operates each. We also read the developer's App Store privacy label, which lists the data the app says it collects and links to you. We do not run the app or intercept its traffic, so we report capabilities present in the code and the developer's own disclosures, not proven transmission. We assess privacy and data collection, not malware, security flaws, or developer intent. Reports are automated and never edited for payment. Scan v3.14.2, 2026-04-04.

  1. Third-party trackers are advertising, analytics and attribution SDKs detected by static signature matching. Presence shows a capability is compiled in, not that it ran or transmitted data.
  2. "Data the app links to you" is the count of data categories the developer declares as Data Linked To You in its App Store privacy label. Labels are self-reported and not verified by Apple.
  3. Comparison across the 109 health & fitness in our corpus. Trackers: median 6. Data linked to you: median 5.