Legal

Privacy Policy

Last updated: November 2024

This Privacy Policy explains how FitOr4Fit ("FitOr4Fit", "we", "us", "our") collects, uses, shares, and protects information in connection with the FitOr4Fit mobile application and related services (the "Service").

By using the Service, you agree to this Privacy Policy. If you do not agree with it, please do not use the Service.


1. Who We Are and How to Contact Us

The Service is provided by:

FitOr4Fit
770 East 500 South
Salt Lake City, UT 84102
United States

For the purposes of data protection laws (including the EU General Data Protection Regulation "GDPR" and the UK GDPR), FitOr4Fit is the data controller of your personal information, unless stated otherwise.

If you have questions or concerns about this Privacy Policy or our data practices, you can contact us at:

If you are located in the European Economic Area (EEA), United Kingdom (UK), or another jurisdiction with specific privacy rights, you may have additional rights described in Section 10.


2. Information We Collect

We collect the following categories of information about you when you use the Service:

2.1 Account and Profile Information

When you register and use the Service, we may collect:

We may also receive certain information from the third-party providers you use to sign in (e.g., Google or Apple), such as your name, email address, and profile image, according to their privacy policies and your settings.

2.2 Challenge, Usage, and Device Information

When you use the Service, we may collect:

2.3 Health, Fitness, and Location Information

With your explicit permission, we access certain health and fitness data from:

Depending on your permissions and platform, we may access:

We do not intentionally collect or store other categories of health data such as heart rate, weight, or medical conditions unless clearly needed for a feature and explicitly disclosed to you.

2.4 Payment and Financial Information

We use third-party payment processors (e.g., Stripe for entry fees; PayPal, Tremendous, or similar services for payouts). Through these providers and our database, we may collect:

We do not store full payment card numbers or CVV codes on our servers. These are processed directly by our payment processors.

2.5 Communications and Support

If you contact us by email or through support channels, we may collect:

2.6 Push Notifications

If you enable push notifications, we may collect:

You can disable push notifications at any time through device settings, though this may affect certain features (such as reminders).


3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Operate the Service

3.2 To Ensure Fair Play and Prevent Fraud

3.3 To Communicate with You

3.4 To Improve and Develop the Service

3.5 To Comply with Legal Obligations and Enforce Rights

Where applicable law requires a legal basis for processing (for example, under the GDPR or UK GDPR), we rely on:


4. How We Share Your Information

We share information with third parties only in the ways described in this Privacy Policy or when we have your consent.

4.1 Service Providers and Subprocessors

We share information with third-party vendors who help us operate, maintain, and improve the Service, including:

These service providers are authorized to process your information only as necessary to perform services for us and are subject to appropriate confidentiality, security, and data protection obligations.

4.2 Other Users

To support challenge functionality, we may display limited information about you to other users, such as:

We do not share your email address, payout details (such as PayPal email or Venmo phone), or raw health data with other users.

4.3 Legal and Safety Reasons

We may disclose your information if we believe in good faith that such disclosure is reasonably necessary to:

4.4 Business Transfers

If we are involved in a merger, acquisition, restructuring, financing, or sale of assets, your information may be transferred as part of that transaction, subject to continued protection consistent with this Privacy Policy. We will provide notice of any such transfer where required by law.

4.5 No Sale of Personal Information

We do not sell your personal information as the term "sell" is commonly defined, including under the California Consumer Privacy Act (CCPA/CPRA). We do not share your health or precise location data with third-party advertisers for targeted advertising.


5. Health and Sensitive Data

Because the Service processes health- and location-related data, we apply additional safeguards:

Under GDPR/UK GDPR, health data is considered "special category data." We process it only when you have given your explicit consent (e.g., granting permissions in Apple Health or Health Connect and within the app) and only for the limited purposes described above.

You can revoke access to health data at any time in your device settings; however, this may limit or prevent the Service from functioning as intended.


6. Data Retention

We retain your information for as long as reasonably necessary to:

In general:

When we no longer need personal information, we will delete or anonymize it, subject to technical, legal, and security constraints.


7. Security

We implement reasonable and appropriate administrative, technical, and physical safeguards designed to protect your information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Examples include:

However, no method of transmission over the internet or method of electronic storage is 100% secure. You are responsible for maintaining the security of your device and the accounts (e.g., Google, Apple, PayPal) you connect to the Service.


8. International Data Transfers

We and our service providers may process your information in the United States and other countries that may have different data protection laws than your country of residence.

Where required by law (e.g., for EEA/UK users), we take steps to ensure that appropriate safeguards are in place for cross-border transfers of personal information, such as:

By using the Service, you understand that your information may be transferred to and processed in countries outside of your own, including the United States.


9. Your Rights and Choices

Your rights vary depending on where you live, but may include the following:

9.1 General Rights

Subject to applicable law, you may have the right to:

You can exercise some rights directly in the app or in your device settings (for example, revoking HealthKit or Health Connect permissions or disabling notifications). For other rights, you can contact us using the details above.

We may need to verify your identity before fulfilling your request, and some requests may be limited or denied where allowed by law (for example, where fulfilling the request would conflict with legal obligations or the rights of others).

9.2 Rights of EEA/UK Users

If you are located in the EEA or UK, you have the rights set out above under the GDPR/UK GDPR and also the right to lodge a complaint with your local data protection authority. A list of EU supervisory authorities can be found on the European Data Protection Board website, and the UK authority is the Information Commissioner's Office (ICO).


10. California Privacy Notice (CCPA/CPRA)

If you are a California resident, this section supplements the rest of this Privacy Policy and describes additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

10.1 Categories of Personal Information We Collect

In the past 12 months, we may have collected the following categories of personal information, as defined by California law:

10.2 Sources of Personal Information

We obtain the categories of personal information described above from:

10.3 Purposes for Collection and Use

We use personal information for:

We do not use sensitive personal information (such as health and precise geolocation data) to infer characteristics about you for marketing or for cross-context behavioral advertising. We use it only as necessary to provide the Service and ensure fair play.

10.4 Disclosure of Personal Information

We may disclose the categories of personal information listed above to the service providers and third parties identified in Section 4 for the business purposes described in this Privacy Policy.

We do not "sell" or "share" personal information (including sensitive personal information) for cross-context behavioral advertising as those terms are defined in the CCPA/CPRA.

10.5 Your California Privacy Rights

If you are a California resident, you have the right to:

You can exercise these rights by contacting us at the email address provided in Section 1 and indicating that you are making a request under the CCPA/CPRA. We may need to verify your identity before fulfilling your request.

You may also authorize an agent to make requests on your behalf, subject to verification and applicable law.


11. Children's Privacy

The Service is not intended for children under 18 years of age, and we do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal information from a child under 18 without appropriate consent, we will take steps to delete that information where required by law. If you believe a child has provided us with personal information, please contact us using the details above.


12. Third-Party Links and Services

The Service may contain links to third-party websites, apps, or services. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you interact with.


13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will:

If you continue using the Service after the revised Privacy Policy becomes effective, you are deemed to have accepted the changes. If you do not agree with the changes, you should stop using the Service.


14. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

FitOr4Fit
770 East 500 South
Salt Lake City, UT 84102
United States
Email: support@fitor4fit.com