Privacy Policy

Last updated: January 13, 2026

Introduction

FitOS ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our fitness coaching platform, including our mobile application and website.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application or website.

Information We Collect

Personal Information

We collect information that you provide directly to us when you:

  • Create an account (name, email address, password)
  • Complete your profile (age, gender, fitness goals, measurements)
  • Use our services (workout logs, nutrition entries, progress photos)
  • Communicate with us or your trainer
  • Make payments (processed securely through Stripe)

Health and Fitness Data

With your consent, we collect health and fitness data including:

  • Workout performance (exercises, sets, reps, weight lifted)
  • Nutrition logs (food intake, macronutrients, calories)
  • Body measurements and progress photos
  • Wearable device data (heart rate, sleep, steps, HRV) via Terra API

Voice and Photo Data

When you use our AI-powered features, we collect:

  • Voice recordings (temporarily processed for workout and nutrition logging, not permanently stored)
  • Photos of meals (processed for food recognition, stored until you delete them)
  • AI chat conversations with your trainer's AI assistant

Automatically Collected Information

When you use FitOS, we automatically collect certain information including:

  • Device information (device type, operating system, unique identifiers)
  • Usage data (features accessed, time spent, interactions)
  • Location data (if you grant permission)
  • Log data (IP address, browser type, access times)

How We Use Your Information

We use the information we collect to:

  • Provide Services: Deliver our fitness coaching platform, process transactions, and send service-related communications
  • AI Features: Process voice commands, recognize food in photos, generate personalized coaching responses, and provide proactive interventions at optimal times (JITAI)
  • Personalization: Customize your experience, recommend workouts, and track your progress
  • Trainer-Client Relationships: Enable communication and data sharing between trainers and their clients
  • Improve Platform: Analyze usage patterns, identify bugs, and develop new features. AI models may be trained on anonymized, aggregated data to improve accuracy
  • Safety & Security: Protect against fraud, unauthorized access, and other security threats
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes
  • Marketing: Send promotional emails through our CRM system (you can opt out at any time)

Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

With Your Trainer

If you are a client, your trainer can access your workout logs, nutrition data, measurements, progress photos, and other information you choose to share.

With Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Supabase: Database and authentication services
  • Stripe: Payment processing (we do not store your full credit card information)
  • Terra API: Wearable device integration
  • Google Cloud Platform: AI backend hosting (LangGraph) and data processing
  • Anthropic (Claude AI): AI language model for coaching chat and text processing
  • Deepgram: Voice transcription for workout and nutrition logging
  • Passio AI: Food recognition from photos
  • Resend: Email delivery for CRM campaigns
  • Sentry: Error tracking and monitoring

For Legal Reasons

We may disclose your information if required by law, court order, or governmental authority, or to protect our rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/TLS) and at rest
  • Row-level security policies in our database
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Secure storage of progress photos with signed URLs

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Data Portability: Request your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing emails
  • Withdraw Consent: Revoke consent for wearable data collection

To exercise these rights, please contact us at privacy@nutrifitos.com. We will respond within 30 days.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. If you delete your account:

  • Your profile and personal information will be deleted within 30 days
  • Workout and nutrition logs may be retained in anonymized form for analytics
  • Financial records will be retained as required by law (typically 7 years)
  • Backups containing your data will be deleted within 90 days

Children's Privacy

FitOS is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@nutrifitos.com.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using FitOS, you consent to the transfer of your information to the United States and other countries where we operate.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of FitOS after changes are posted constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: