Draft — pending legal review. This document is provided for internal review and is not yet final.

Privacy Policy

Last updated: [Effective date — set on publish]

1. Introduction

JFit ("JFit", "we", "us") provides a fitness coaching platform for personal trainers and their clients, available as a web dashboard and a mobile app. This Privacy Policy explains what information we collect, how we use and share it, and the choices you have. It applies to the JFit mobile app (package com.jacobdevelops.jfit) and the JFit website.

2. Information we collect

We collect the following categories of information so the service can function:

  • Account & identity. When you sign in we receive your name, email address, and a user identifier from your chosen sign-in provider (Google Sign-In, and Sign in with Apple where offered).
  • Profile & body metrics. Information you provide about yourself, such as body measurements and training preferences.
  • Workout & training data. Workout logs, completed sets, and check-in responses you record in the app.
  • Health & fitness data. With your explicit permission, the app reads steps, sleep, and resting heart rate from Apple Health (HealthKit) on iOS and Health Connect on Android. This data is used to auto-fill your daily wellness metrics. You can grant or revoke this access at any time in your device's Health or Health Connect settings.
  • Diagnostics. We use Firebase Crashlytics to collect crash logs, performance data, and a device installation identifier so we can diagnose and fix stability problems.

3. How we use your information

  • To provide, maintain, and operate the JFit service.
  • To auto-fill and display your daily wellness and fitness metrics.
  • To make your data available to your trainer as part of the coaching relationship (see Section 5).
  • To diagnose crashes and improve the reliability and performance of the app.
  • To communicate with you about your account and the service.

4. Health data — special handling

Health and fitness data receives additional protection. We never use health data for advertising, and we never sell it. Health data read from Apple Health or Health Connect is used only to provide the features described in this policy and is not shared with any third party for their own purposes. You can revoke the app's access to Apple Health or Health Connect at any time through your device settings; doing so stops further reads but does not delete metrics already saved to your account (see Section 7).

5. How your data is shared

  • With your trainer. JFit is a coaching product. If you are a client linked to a trainer, that trainer can view your profile, body metrics, workout logs, wellness metrics, and check-in responses in order to coach you. This sharing happens inside the product as a core part of the service.
  • Service providers. We rely on Google (sign-in and Firebase/Crashlytics) and Apple (Sign in with Apple, where offered) to deliver parts of the service. These providers process data on our behalf under their own terms.
  • Legal compliance. We may disclose information where required by law or to protect the rights, safety, and security of our users and the service.

We do not sell your personal information and do not use it for third-party advertising. The app contains no advertising or third-party tracking SDKs.

6. Data retention

We retain your personal data for as long as your account is active. If you delete your account, we delete your associated personal and health data, except where we are required to retain limited records to comply with legal, tax, or accounting obligations. [Retention period and any legally-required exceptions — to be confirmed by legal.]

7. Your rights and choices

  • Delete your account and data. You can delete your account and associated data at any time. In the mobile app, go to Profile → Delete account. On the web, sign in and go to Settings → Account → Delete account. For more detail, see our account deletion page.
  • Manage health permissions. Revoke the app's access to Apple Health or Health Connect in your device settings.
  • Access and correction. You can access and update much of your profile information directly in the app, or contact us for assistance.

8. Security

Data is encrypted in transit using standard TLS. Authentication tokens and credentials on your device are held in platform-secure storage (the iOS Keychain and Android encrypted storage). No method of transmission or storage is completely secure, but we take reasonable measures to protect your information.

9. Children's privacy

JFit is not directed to children. We do not knowingly collect personal information from children under the age required by your local law. [Confirm minimum age with legal.] If you believe a child has provided us personal information, contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, provide additional notice.

11. Contact us

For privacy questions or requests, contact us at [email protected].