Privacy Policy

Last Updated: November 21, 2025

Effective Date: November 21, 2025

1. Introduction

Welcome to WeightGPT ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services (collectively, the "Service"). By using WeightGPT, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

  • Name: First name and last name
  • Email Address: Used for account creation, authentication, and communication
  • Age: Used for personalized plan generation
  • Biological Sex: Used for fitness and nutrition recommendations
  • Height and Weight: Used for BMI calculation and plan customization
  • Profile Photo: Optional, if you choose to upload one

2.2 Health and Fitness Data

  • BMI (Body Mass Index): Calculated from height and weight
  • Target Goals: Weight loss, muscle gain, maintenance, etc.
  • Workout Experience: Beginner, intermediate, or advanced
  • Activity Level: Sedentary, lightly active, moderately active, very active, or extremely active
  • Sleep Patterns: Target sleep hours and completion tracking
  • Stress Levels: Self-reported stress indicators
  • Daily Steps: Step count tracking
  • Exercise Completions: Records of completed workouts
  • Meal Completions: Records of completed meals
  • Weight Entries: Historical weight tracking data
  • Progress Photos: Optional, if you choose to upload them

2.3 Dietary Information

  • Diet Type: Vegetarian, non-vegetarian, vegan, etc.
  • Food Allergies: Allergies and intolerances
  • Cooking Ability: Skill level in meal preparation
  • Budget Level: Food budget preferences
  • Regional Preferences: Cuisine preferences and regional food choices
  • Meal Preferences: Breakfast, lunch, dinner preferences

2.4 Lifestyle Information

  • Job Type: Occupation and work schedule
  • Screen Time: Daily screen time tracking
  • Smoking Habits: Smoking status and frequency
  • Alcohol Consumption: Alcohol consumption patterns
  • Lifestyle Struggles: Self-reported challenges and goals
  • Habit Completions: Tracking of lifestyle habit adherence

2.5 Authentication Data

  • Password: Encrypted and hashed (we cannot see your actual password)
  • Google Sign-In Data: If you use Google authentication, we receive:
    • Google account email
    • Google account name (given name and family name)
    • Google account profile picture (optional)
    • Google account ID

2.6 Payment Information

  • Payment Method: Processed through Razorpay (we do NOT store credit card numbers, CVV, or full card details)
  • Transaction Records: Payment history, transaction IDs, amounts, and timestamps
  • Billing Address: If required for payment processing

2.7 Technical Information

  • Device Information: Device type, operating system, device identifiers
  • App Usage Data: Features used, time spent, interaction patterns
  • Log Data: IP address, access times, error logs, crash reports
  • Location Data: General location (country/region) - we do NOT collect precise GPS location

2.8 AI-Generated Content

  • Generated Plans: Workout plans, diet plans, and lifestyle plans created by our AI system
  • Plan History: All previously generated plans
  • User Feedback: Any feedback you provide on plans (if applicable)

3. How We Use Your Information

3.1 Service Provision

  • Generate personalized workout, diet, and lifestyle plans using AI-based personalization technology
  • Track and display your progress over time
  • Provide progress insights and recommendations
  • Manage your account and authenticate your identity
  • Process payments and manage subscriptions

3.2 Communication

  • Send you service-related notifications (password resets, account updates)
  • Respond to your inquiries and support requests
  • Send important updates about the Service
  • Send marketing communications (only with your consent, and you can opt out at any time)

3.3 Service Improvement

  • Analyze usage patterns to improve our AI models
  • Enhance plan generation algorithms
  • Fix bugs and improve app performance
  • Conduct research and analytics (data is anonymized where possible)

3.4 Legal Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and court orders
  • Protect our rights and prevent fraud
  • Enforce our Terms & Conditions

4. AI and RAG System

4.1 How Our AI Works

Our Service uses advanced AI-based personalization to generate your plans:

  • AI Models: We use properly trained AI models (Azure OpenAI) to analyze your profile data
  • Knowledge Base: Our AI-based personalization system retrieves relevant fitness and nutrition guidelines from our curated knowledge base
  • Personalization: Plans are generated based on your specific profile, goals, preferences, and constraints
  • Continuous Learning: Our AI models may be updated and improved over time

4.2 AI Limitations

  • AI-generated content is based on general fitness and nutrition principles
  • Plans are NOT medical advice, diagnosis, or treatment
  • AI may not account for all individual health conditions or circumstances
  • You should always consult a healthcare professional for medical concerns

4.3 Data Used for AI Training

  • We may use anonymized and aggregated data to improve our AI models
  • Personal identifiers are removed before using data for model training
  • Your individual data is NOT used to train third-party AI models

5. Third-Party Services and Data Sharing

We share data with trusted third-party service providers who assist us in operating our Service:

Google (Authentication)

Purpose: User authentication via Google Sign-In

Data Shared: Email, name, profile picture

Razorpay (Payment Processing)

Purpose: Secure payment processing

Data Shared: Payment amount, transaction details, billing information

MongoDB (Database Hosting)

Purpose: Secure data storage

Data Shared: All user data (encrypted in transit and at rest)

Microsoft Azure (Cloud Infrastructure)

Purpose: Hosting backend services, AI processing, email services

Data Shared: All user data processed through our backend

Azure OpenAI (AI Services)

Purpose: AI model processing for plan generation

Data Shared: Profile data, goals, preferences

Azure Communication Services (Email)

Purpose: Sending password reset emails and notifications

Data Shared: Email address, email content

Expo (App Development Platform)

Purpose: App building and distribution

Data Shared: App usage analytics (anonymized)

5.2 Data Sharing Limitations

  • We do NOT sell your personal information to third parties
  • We do NOT share your data for marketing purposes without your consent
  • We only share data necessary for service provision
  • All third-party service providers are contractually obligated to protect your data

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our users
  • Investigate fraud or security issues
  • Comply with legal obligations

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change in ownership.

6. Data Storage and Security

6.1 Data Storage

  • Location: Your data is stored on secure cloud servers (MongoDB Atlas, Microsoft Azure)
  • Retention: We retain your data for as long as your account is active or as needed to provide services
  • Deletion: You can request account deletion at any time (see Section 8)

6.2 Security Measures

  • Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest
  • Authentication: Secure password hashing (bcrypt) and JWT tokens
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Regular Security Audits: We conduct regular security assessments
  • Secure Payment Processing: Payment data is processed through PCI-DSS compliant Razorpay

6.3 Data Breach Notification

In the unlikely event of a data breach that compromises your personal information, we will:

  • Notify you within 72 hours (or as required by applicable law)
  • Provide details about what information was compromised
  • Explain steps we are taking to address the breach
  • Recommend actions you should take to protect yourself

7. Your Rights and Choices

7.1 Access and Portability

  • Access Your Data via app profile
  • Request data export
  • Update profile information

7.2 Correction and Deletion

  • Update information in app
  • Request account deletion
  • Request specific data deletion

7.3 Opt-Out Rights

  • Opt out of marketing emails
  • Disable push notifications
  • Disable location services

7.4 Account Controls

  • Change password anytime
  • Enable Two-Factor Authentication
  • Temporarily deactivate account

7.5 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights:

  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object
  • Right to Withdraw Consent

7.6 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to Know
  • Right to Delete
  • Right to Opt-Out
  • Right to Non-Discrimination

8. Children's Privacy

8.1 Age Requirement

WeightGPT is NOT intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children under 13.

8.2 Parental Consent

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information upon verification.

8.3 Age Verification

By using our Service, you represent that you are at least 13 years old (or 16 in the EEA) and have the legal capacity to enter into this agreement.

9. International Data Transfers

9.1 Data Transfer

Your data may be transferred to and processed in countries other than your country of residence, including:

  • United States: Azure cloud services
  • India: Our primary operations and Razorpay payment processing
  • Other Countries: Where our service providers operate

9.2 Transfer Safeguards

We ensure appropriate safeguards are in place for international data transfers:

  • Standard Contractual Clauses (SCCs) for EEA data transfers
  • Adequate security measures and encryption
  • Compliance with applicable data protection laws

10. Cookies and Tracking Technologies

10.1 Cookies

Our Service may use cookies and similar tracking technologies:

  • Authentication Cookies: To maintain your login session
  • Analytics Cookies: To understand app usage (anonymized)
  • Functional Cookies: To remember your preferences

10.2 Tracking

  • We do NOT use third-party advertising trackers
  • We do NOT share data with advertising networks
  • Analytics are anonymized and aggregated

11. Medical and Health Disclaimers

11.1 NOT Medical Advice

CRITICAL DISCLAIMER: WeightGPT is NOT a medical service, and we are NOT doctors, medical practitioners, or healthcare professionals. Our Service provides general fitness, nutrition, and lifestyle guidance using AI technology.

11.2 Limitations

  • Our recommendations are generic and based on standard fitness and nutrition principles
  • Plans are NOT medical advice, diagnosis, or treatment
  • Plans are NOT a substitute for professional medical consultation
  • You MUST consult a qualified healthcare professional before starting any new fitness or diet program

11.3 No Liability for Health Outcomes

We are NOT liable for any injuries, health issues, or adverse effects resulting from following our plans without medical consultation, incorrect use, failure to disclose health conditions, or ignoring medical advice.

12. Data Retention

12.1 Retention Period

  • Active Accounts: Data is retained while your account is active
  • Inactive Accounts: Data may be retained for up to 3 years after last activity
  • Deleted Accounts: Data is permanently deleted within 30 days of account deletion request (subject to legal requirements)

12.2 Legal Retention

We may retain certain data longer if required by law, such as payment records, legal dispute records, and fraud prevention records.

13. Changes to This Privacy Policy

13.1 Updates

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Posting a notice in the app
  • Sending an email notification (for significant changes)

13.2 Continued Use

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13.3 Review

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

14.1 Privacy Inquiries

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

  • Email: [Your Support Email]
  • Address: [Your Business Address]
  • App: Through the in-app support feature

14.2 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at: [DPO Email]

14.3 Response Time

We will respond to your privacy inquiries within 30 days (or as required by applicable law).

15. Governing Law and Jurisdiction

15.1 Applicable Law

This Privacy Policy is governed by the laws of India, subject to applicable data protection laws (GDPR, CCPA, etc.).

15.2 Dispute Resolution

Any disputes regarding privacy will be resolved through:

  • First, direct communication with us
  • If unresolved, through binding arbitration in India
  • Subject to applicable data protection authority oversight

16. Consent and Agreement

By using WeightGPT, you acknowledge that:

  • You have read and understood this Privacy Policy
  • You consent to the collection, use, and disclosure of your information as described
  • You understand the limitations and disclaimers regarding medical advice
  • You agree to consult healthcare professionals when necessary
  • You accept the risks associated with using AI-generated fitness and nutrition plans

17. Additional Information

17.1 Links to Other Services

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these external services. We encourage you to review their privacy policies.

17.2 Social Media

If you connect your social media accounts (e.g., Google Sign-In), those services may collect information about your use of our Service. Please review their privacy policies.

17.3 Do Not Track

Our Service does not currently respond to "Do Not Track" signals from browsers. However, we do not use third-party advertising trackers.

By using WeightGPT, you agree to this Privacy Policy. If you do not agree, please do not use our Service.
