Privacy Policy

Last Updated: June 8, 2025

Important: This Privacy Policy explains how Fitmoji collects, uses, and protects your personal information. Please read it carefully to understand your privacy rights and choices.

Fitmoji Inc. ("Fitmoji," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Services"). This policy applies only to information collected through the Services and not to information collected offline or through third-party websites.

1. Information We Collect

1.1 Personal Information You Provide

We collect information you voluntarily provide when using our Services:

Data Type | Examples | Purpose
Account Information | Name, email address, phone number, date of birth | Account creation, authentication, communication
Profile Data | Fitness goals, preferences, dietary restrictions, physical measurements | Personalized recommendations and coaching
User Content | Messages, photos, workout logs, progress notes | Service functionality, progress tracking
Communication Data | Support requests, feedback, survey responses | Customer support, service improvement

1.2 Health and Fitness Data

HealthKit Integration: With your explicit permission, we may access health and fitness data from Apple HealthKit, including:

  • Physical activity data (steps, workouts, active energy)
  • Body measurements (weight, height, body mass index)
  • Heart rate and cardiovascular data
  • Sleep data
  • Nutrition information

Device Sensors: We may collect data from your device's built-in sensors (accelerometer, gyroscope) to track movement and activity.

Manual Entry: Health and fitness information you manually enter into the app.

1.3 Automatically Collected Information

We automatically collect certain information when you use our Services:

  • Device Information: Device type, operating system, unique device identifiers, mobile carrier
  • Usage Data: App features used, time spent in app, frequency of use, user interactions
  • Technical Data: IP address, browser type, app version, crash reports, performance data
  • Location Data: Approximate location based on IP address (we do not collect precise GPS location)

1.4 Cookies and Tracking Technologies

We use various technologies to collect information, including:

  • Local storage and session storage
  • Mobile app analytics tools
  • Crash reporting services
  • Performance monitoring tools

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Provision

  • Create and manage your account
  • Provide personalized fitness and health recommendations
  • Generate AI-powered coaching and guidance
  • Track your progress and achievements
  • Facilitate app functionality and features

2.2 Communication

  • Send you service-related notifications and updates
  • Respond to your inquiries and provide customer support
  • Send promotional materials (with your consent)
  • Notify you about changes to our Services or policies

2.3 Improvement and Analytics

  • Analyze usage patterns to improve our Services
  • Conduct research and development
  • Troubleshoot technical issues
  • Enhance user experience and app performance

2.4 Safety and Compliance

  • Prevent fraud and ensure security
  • Enforce our Terms of Use
  • Comply with legal obligations
  • Protect our rights and interests

2.5 Legal Basis for Processing (GDPR)

We process your personal information based on:

  • Consent: When you provide explicit consent (e.g., HealthKit access)
  • Contract: To provide Services you've requested
  • Legitimate Interests: For business operations, security, and improvements
  • Legal Compliance: To meet legal requirements

3. How We Share Your Information

We do not sell your personal information to third parties.

We may share your information in the following limited circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Services:

  • Cloud Storage: AWS, Google Cloud (data hosting and storage)
  • Analytics: App analytics and performance monitoring services
  • Customer Support: Help desk and communication platforms
  • Payment Processing: Apple App Store for subscription payments
  • AI Services: Third-party AI and machine learning platforms

These providers are bound by confidentiality agreements and may only use your information to provide services to us.

3.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal process, court orders, or government requests
  • Enforce our Terms of Use or other agreements
  • Protect the rights, property, or safety of Fitmoji, users, or others
  • Prevent fraud or security threats

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to this Privacy Policy.

3.4 Aggregated Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you for research, analytics, or business purposes.

3.5 With Your Consent

We may share your information with your explicit consent for specific purposes not covered in this policy.

4. Your Privacy Rights and Choices

4.1 Access and Control

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request your data in a portable format
  • Restriction: Limit how we process your information
  • Objection: Object to certain types of processing

4.2 Health Data Controls

  • HealthKit Permissions: Manage access through iOS Settings > Privacy & Security > Health
  • Data Export: Export your health data through the app or HealthKit
  • Selective Sharing: Choose which health data categories to share

4.3 Communication Preferences

  • Marketing Emails: Opt out using unsubscribe links
  • Push Notifications: Manage through device settings
  • Account Communications: Some service-related communications cannot be opted out of

4.4 Account Deletion

You can request account deletion, which will:

  • Delete your account and associated data
  • Remove your personal information from our active systems
  • Revoke access to health data from HealthKit
  • Cancel any active subscriptions

Exercise Your Rights:
Submit privacy requests at: fitmoji.ai/contact/delete
Email: privacy@fitmoji.ai
Response time: Within 30 days of verified requests

5. Children's Privacy (COPPA Compliance)

Age Restriction: Our Services are intended for users 13 years and older.

5.1 Age Verification

We require users to be at least 13 years old. For users between 13 and 17, parental consent is required before collecting personal information.

5.2 Parental Rights

Parents of users under 18 have the right to:

  • Review their child's personal information
  • Request deletion of their child's account
  • Refuse further collection of their child's information
  • Contact us about their child's privacy

5.3 Accidental Collection

If we discover we have collected information from a child under 13 without parental consent, we will promptly delete such information.

6. Data Security

6.1 Technical Safeguards

We implement industry-standard security measures:

  • Encryption: Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Access Controls: Role-based access and multi-factor authentication
  • Infrastructure: Secure cloud hosting with reputable providers
  • Monitoring: Continuous security monitoring and threat detection
  • Regular Audits: Security assessments and vulnerability testing

6.2 Organizational Safeguards

  • Employee training on privacy and security practices
  • Confidentiality agreements for all staff and contractors
  • Incident response procedures
  • Regular security policy updates

6.3 Your Responsibility

You are responsible for:

  • Keeping your login credentials secure
  • Using strong, unique passwords
  • Reporting suspected security breaches
  • Keeping your device and app updated

6.4 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of discovery.

7. Data Retention and Deletion

7.1 Retention Periods

Data Type | Retention Period | Reason
Account Information | Duration of account + 30 days | Service provision and legal compliance
Health and Fitness Data | Duration of account + 30 days | Personalization and progress tracking
Usage and Analytics Data | 24 months | Service improvement and analytics
Support Communications | 3 years | Customer service and legal compliance
Financial Records | 7 years | Legal and tax compliance

7.2 Automatic Deletion

We automatically delete personal information when retention periods expire, except where longer retention is required by law.

7.3 Secure Disposal

When deleting data, we ensure secure disposal using industry-standard methods to prevent recovery.

8. International Data Transfers

Primary Operations: Our Services are primarily operated in and intended for users in the United States.

8.1 Cross-Border Transfers

Your information may be transferred to and processed in countries other than your country of residence, including:

  • United States (primary data processing)
  • Countries where our service providers operate
  • Countries with adequate data protection laws

8.2 Transfer Safeguards

When transferring data internationally, we ensure appropriate safeguards through:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Binding corporate rules
  • Certification programs

9. State-Specific Privacy Rights

9.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices
  • Right to Correct: Correct inaccurate personal information
  • Right to Limit: Limit use of sensitive personal information

9.2 Other State Laws

We comply with applicable state privacy laws including Virginia CDPA, Colorado CPA, and others as they take effect.

10. Third-Party Services and Links

10.1 Apple HealthKit

Our integration with Apple HealthKit is governed by:

  • Apple's HealthKit Terms and Conditions
  • iOS privacy settings you control
  • Your specific permissions for data access

10.2 External Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites.

10.3 Social Media Integration

If you connect social media accounts, those platforms' privacy policies govern the information shared with us.

11. Updates to This Privacy Policy

11.1 Policy Changes

We may update this Privacy Policy to reflect:

  • Changes in our Services or business practices
  • Legal or regulatory requirements
  • User feedback and privacy best practices

11.2 Notification of Changes

We will notify you of material changes through:

  • In-app notifications
  • Email notifications to registered users
  • Updates to this page with revision date

11.3 Continued Use

Continued use of our Services after policy updates constitutes acceptance of the revised Privacy Policy.

12. Contact Information

Privacy Inquiries

Email: privacy@fitmoji.ai

Data Requests: fitmoji.ai/contact/delete

General Support: support@fitmoji.ai

Response Times

We respond to privacy inquiries within 30 days. Complex requests may require up to 45 days with notification of the extension.

Effective Date: This Privacy Policy is effective as of June 8, 2025 and supersedes all previous versions.