Privacy Policy

Last updated: May 29, 2026

Fitnora ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

1. Information We Collect

1.1 Information You Provide Directly

• Account information: name, email address, and password when you register.
• Profile & onboarding data: fitness goal, fitness level, available equipment, weekly schedule, body stats (height, weight, age), injuries, and training experience.
• Workout logs: exercises performed, sets, reps, weights, session duration, and notes.
• Communications: messages or feedback you send to us directly.

1.2 Information Collected Automatically

• Device information: device type, operating system version, unique device identifiers, and mobile network information.
• Usage data: features accessed, screens viewed, session duration, and interaction events.
• Performance data: crash reports, error logs, and diagnostic information.
• Purchase data: subscription status and transaction identifiers (processed through Apple App Store or Google Play — we do not store full payment card information).

1.3 Health & Fitness Data

Fitnora may access Apple HealthKit or Google Fit data (e.g. step counts, heart rate, active energy) only if you explicitly grant permission. This data is used solely to enhance your workout experience and is never sold or shared with advertisers.

2. How We Use Your Information

We use the information we collect to:

• Create and manage your account.
• Generate and personalise your workout plans.
• Track your progress and provide performance insights.
• Process subscription payments and manage entitlements.
• Send transactional notifications (e.g. workout reminders) you have opted into.
• Improve, test, and maintain the Service.
• Respond to support requests and feedback.
• Comply with legal obligations.

We do not sell your personal data to third parties. We do not use your health or fitness data for advertising purposes.

3. How We Share Your Information

We may share your information with:

• Service providers: cloud hosting (Supabase), analytics (anonymised), push notification services, and payment processors (Apple / Google) under confidentiality agreements.
• RevenueCat: subscription management; receives your app user ID and purchase events. See RevenueCat's Privacy Policy.
• Legal authorities: when required by law, court order, or to protect rights, property, or safety.
• Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred with appropriate notice.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. You may request deletion at any time by contacting us at privacy@fitnora.app. We will delete or anonymise your data within 30 days of a verified request, except where retention is required by law.

5. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: request a copy of the personal data we hold about you.
• Correction: request correction of inaccurate or incomplete data.
• Deletion: request erasure of your personal data ("right to be forgotten").
• Portability: receive your data in a structured, machine-readable format.
• Objection / Restriction: object to or restrict certain processing activities.
• Withdraw consent: where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at privacy@fitnora.app. We will respond within 30 days.

6. Children's Privacy

The Service is not directed to children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

7. Security

We implement industry-standard technical and organisational measures to protect your data, including TLS encryption in transit, encrypted storage at rest, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access.

9. International Data Transfers

Your information may be stored and processed in countries other than your own. Where we transfer data outside the EEA, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses).

10. Push Notifications

With your permission, we may send push notifications for workout reminders and app updates. You can disable notifications at any time in your device settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via in-app notification or email at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

• Email: privacy@fitnora.app
• Support: support@fitnora.app