FitNFaith
← Home

Privacy Notice

Last updated: June 11, 2026

1. Who we are

FitNFaith ("we", "us", "our") operates the FitNFaith service. For the personal data we collect through the Service, we act as the data controller.

2. Personal data we collect

  • Account data: name, email address, login credentials, authentication tokens.
  • Profile & health data you provide: goals, training experience, equipment, body metrics, weight history, progress photos, dietary preferences, and other inputs you share to receive plans.
  • Usage data: workouts completed, sets/reps logged, nutrition logs, reflections, check-ins, prayers, streaks.
  • Support communications: messages you send us.
  • Technical & device data: IP address, device identifiers, browser/OS, log data, and basic telemetry needed to operate and secure the Service.

3. Why we use it (purposes & legal bases)

  • Provide the Service (account creation, generating plans, tracking progress) — performance of a contract with you.
  • Improve the Service (analytics, debugging, model evaluation) — legitimate interests.
  • Security & fraud prevention — legitimate interests and legal obligations.
  • Customer support — performance of a contract.
  • Marketing communications (e.g. product updates) — consent, which you may withdraw at any time.

4. How we share data

We share personal data only with:

  • Service providers / subprocessors we rely on to operate the Service: cloud hosting, database, authentication, AI inference providers, analytics, error monitoring, and customer-support tooling.
  • Paddle.com, our Merchant of Record, for processing sales, subscription management, payments, tax compliance, invoicing, and refunds.
  • Professional advisers (legal, accounting) where reasonably necessary.
  • Authorities where required by law, court order, or to protect rights and safety.

We do not sell your personal data.

5. International transfers

We are based in the United States. If you access the Service from outside the US, your data may be transferred to and processed in countries with different data-protection laws. Where required (UK/EEA), we rely on appropriate safeguards such as the Standard Contractual Clauses or adequacy decisions.

6. Data retention

We keep personal data only as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When no longer needed, we delete or anonymize it. You can request deletion of your account at any time.

7. Your rights

Subject to applicable law, you may have the right to access, correct, delete, restrict, or port your personal data; object to certain processing; withdraw consent; and lodge a complaint with your local supervisory authority. For UK/EEA users, GDPR rights apply and we will respond within one (1) month. To exercise these rights, contact us via the in-app support channel.

8. Security

We use appropriate technical and organisational measures — including encryption in transit, access controls, and least-privilege practices — to protect personal data. No system is perfectly secure; please use a strong password and protect your credentials.

9. Cookies

We use essential cookies and similar technologies needed to authenticate users, remember preferences, and secure the Service. We may use limited analytics cookies to understand usage. You can manage cookies through your browser settings; disabling essential cookies will break parts of the Service.

10. Children

The Service is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us so we can delete it.

11. Changes

We may update this notice from time to time. Material changes will be communicated in-app or by email.

12. Contact

Privacy questions: contact us through the in-app support channel.