Privacy Policy
IMPORTANT INFORMATION ABOUT PRIVACY
The purpose of this notice is to provide you with all the information you need to make an informed decision about your use of this Product. We also inform you of your rights and how to exercise them. If you have any questions or concerns, please contact us.
We inform you that in order to use the Product, you may be asked to answer a number of questions about you, including your name, email address, current weight and height, goal weight, fitness level, areas for improvement, dietary preferences, and other personal information. We also automatically collect the following settings from your device such as language, IP address, time zone, device type and model, device settings, operating system, Internet service provider, mobile service provider, hardware ID, Facebook ID, and other unique identifiers (e.g., IDFA and AAID). We need this data to provide you with our services, analyze how you use our services, and measure our advertising. In fact, you own and have legal rights to all data about you, from the data you enter about your fitness experience, to the purposes for which you use the Product, to how you use the Product itself. To avoid violating the law, we may also use the terms "your data" or "your information" to refer to the same thing. We use third-party solutions to improve the Product and engage our users. As a result, we may process data using solutions developed by the following third parties: Amplitude, Facebook, Firebase, Google, Apple, Appsflyer, Crashlytics. As a result, some of the data may be stored and processed on the servers of such third parties. This allows us (1) to analyze various interactions (how often users subscribe, the average weight and height of our users, how many users have chosen a certain area for improvement); (2) to display advertisements (and to be able to display them only to a certain group of users, such as subscribers). As a result, we, in particular, have a better understanding of which of our features and content you see the most value in and are able to focus on them to improve your experience and enhance our products. Please read our Privacy Policy below to learn more about what we do with data (Section 3), what data privacy rights are available to you (Section 6) and who the data controller will be (Section 1). If any questions remain unanswered, please contact us at support@fit4me-life.com.
1. Who we are
The controller responsible for processing in relation to the Product is White Apps Ltd, registered at 61 Bridge Street, Herefordshire, United Kingdom, HR5 3DJ
2. Categories of personal data we collect
We collect data that you provide to us voluntarily (for example, when you select your areas for improvement or send us an email). We may also receive data about you from third parties (for example, when you sign in with Apple). Finally, we collect some data automatically (e.g., your IP address).
2.1. The data you provide to us
You provide us with information about yourself when you register for and/or use the Services. For example, name, age, gender, physical characteristics (including height, weight, and improvements), fitness level, dietary preferences (including food preferences, preferred meal frequency, and foods you dislike), meditation preferences, sleep preferences, type and duration of physical activity you engage in, food you have, email address, etc.
Some of the information we collect may be considered special categories of personal data or sensitive data under certain data protection laws which we are subject to. In such cases (for example, when we ask you if you need a diabetic meal plan or if you are considering joining a special program for amputees), we ask for your consent to process such data, but you can withdraw your consent at any time. The expression "all categories of personal data" or other generalized expression below does not include special categories of personal data or sensitive data.
If the information required to provide the Product falls under a special category of personal data (e.g., type of diabetes to develop a program that meets your needs), consent is required to access the Product.
2.2. Data provided by third parties
When you sign in with Apple to register for an account with the Product, we receive personal information from your Apple ID. This information includes, but is not limited to, your name and verified email address. You can provide your real email address or an anonymous email address that uses a private email relay service; Apple displays detailed privacy information on the Apple Sign-In screen. For more information about Apple Sign-In, please click here.
2.3. Data that we automatically collect
a. Information about how you learn about us.
We collect data about your application or the URL that led you to our site (i.e., the application or location on the Internet you were in when you clicked on our advertisement).
b. Device and location information.
We collect data from your mobile device. Examples of such data include language preferences, IP address, time zone, device type and model, device settings, operating system, Internet service provider, mobile network operator, device ID and Facebook ID.
c. Use of data.
We record how you interact with our Product. For example, we may record your clicks on certain parts of the interface, the features and content you interact with, the workouts you perform, the time and duration of those workouts, how often you use the Product, the time you spend in the Product, your progress in your workout program, and record any orders you place during your subscription. We also record the advertisements in the Product that you access (and the Internet links to which these advertisements lead).
d. Advertising identifiers
We collect your Apple Digital Advertising Identifier ("IDFA") or Google Advertising Identifier ("AAID") (depending on your device's operating system). You can usually reset these numbers in your device's operating system settings (although we have no control over this).
e. Transaction data.
If you make a payment through the Product, you will be required to provide financial account information, such as a credit card number, to our third-party service provider. We do not collect or store full credit card number information, but we may receive credit card-related data and transaction data (date, time, amount and type of payment method used).
f. Cookies.
Cookies are small text files that are stored on a user's computer for record-keeping purposes. There are two types of cookies: session cookies and persistent cookies. Session cookies are deleted when you close your browser and are used to help you navigate our services. Persistent cookies remain on your device for a longer period of time. In addition, we use tracking pixels set by cookies to deliver online advertising.
Cookies are used, among other things, to automatically recognize you the next time you visit our services. As a result, information that you have previously entered in certain fields on the website may automatically appear the next time you use our services. These cookies are stored on your device and in most cases only for a limited period of time.
3. For what purpose we process your personal data
To provide our services
This includes the ability to use the Product uninterrupted and to prevent or correct errors or technical problems with the Product.
We use Amazon Web Services (AWS) to host personal data and to operate and distribute this Website, which is a hosting and server service provided by Amazon.
To personalize your experience
We process your personal data, such as information related to your menstrual cycle, to customize the content of the Product and make suggestions according to your personal preferences. For example, we ask you to provide the dates of your menstrual cycle and various symptoms related to your menstrual cycle in order to synchronize your fitness plan with your period.
Providing customer support
We process your personal data in order to respond to your requests for technical support, service information and other customer communications. For this purpose, we may send you messages or emails regarding, for example, the operation of our services, security, payment transactions, our Terms of Use or this Privacy Policy.
To communicate with you about your use of our services
We communicate with you through push notifications and emails. These may contain reminders and other information about the Product. As a result, for example, you may receive push notifications when new features are added to the Product. To stop receiving push notifications, you will need to change your device settings; to stop receiving emails, click on the unsubscribe link in the footer of each email.
The services we use for this purpose may collect data about the date and time you viewed the message or interacted with the message, for example, by clicking on a link contained in the message.
We use Sendpulse, a personalization and retention marketing platform, to send personalized emails to our users.
We use the Zendesk ticketing system to process customer requests. If you contact us through our contact form or email, we store the data you provide through the Zendesk ticketing system. Privacy Policy.
Research and analyze the use of the Product
This helps us to better understand our business, analyze our operations, and maintain, improve, innovate, plan, design and develop the Product and our new products. We also use this data for statistical analysis to test and improve our Product. This allows us to better understand which features and sections of the Product are most popular with our users and which categories of users use the Product. As a result, we often make decisions about how to improve our website based on the results of this process.
Third-party services we use for this purpose
We use Facebook Analytics, a service provided by Facebook that allows us to use various analytical tools; with the help of Facebook Analytics, we can, among other things, use aggregated demographic data as well as data on website traffic. For more information about Facebook's approach, please read the Facebook Privacy Policy.
To analyze the use of this website and to measure the effectiveness of certain advertisements, we use Google Analytics, a web analytics program from Google that stores a cookie on your device to provide you with analysis results. Google Analytics provides us with, among other things, aggregate information about the data you enter on our website and your user interactions on the website, which Google generates, in particular, by installing browser plugins available here. You can influence the collection and processing of information; you can learn more about how Google uses information here.
We also use the Amplitude analytics service to help us understand how you use our services, including time zone, device type (mobile or tablet) and unique identifiers (e.g., IDFA), unique identifiers (e.g., IDFA), etc. Amplitude also allows us to track the various interactions that take place in our apps. As a result, Amplitude helps us decide which features to focus on - Amplitude's privacy policy explains more about how we process data. We use Firebase Remote Config to track and analyze the behavior of users of the Product (in particular, their reaction to changes in the structure, text, and other components of the Product). Firebase Remote Config is an A/B testing and configuration service provided by Google that also allows us to tailor the content displayed to users of our applications (for example, different input screens may be displayed for different users). firebase privacy policy, privacy and security.
We also use Firebase Analytics, an analytics service from Google For more information about how Google uses your data, see Google's Partner Policy For information about Firebase, see . Google Privacy Policy.
Send marketing messages
We process your personal data for marketing campaigns. We may add your email address to our marketing lists. As a result, you will receive information about our products, such as special offers and new features and products available on the Product. If you do not wish to receive marketing emails from us, you may unsubscribe by following the instructions in the footer of the marketing email.
We use Sendpulse, a personalization and retention marketing platform, to send personalized emails to our users.
To personalize our advertising
We and our partners use your personal data to tailor advertisements and possibly even show them to you at appropriate times. For example, if you have accessed our Product, you may see advertisements for our products, for example, in your Facebook feed.
How to opt out or influence personalized advertising
On the website: you can use the Consent Management Platform to decide whether to allow us to store or access information on your devices using cookies and other tracking technologies in order to display interest-based advertising. You can open the Consent Management Platform by clicking the "Privacy" button in the lower right corner of the website.
iOS: On your iPhone or iPad, go to Settings > Privacy > Apple Ads and uncheck Personalized Ads.
Android: To turn off ads on your Android device, simply open the Google Settings app on your mobile phone, tap on "Ads" and turn on "Opt-out of interest-based ads". Alternatively, you can reset your advertising ID in the same section (this may also help you see fewer personalized ads).
To learn more about how you can influence the choice of ads on different devices, please see the information available here.
You can also get useful information and opt-out of interest-based advertising by following these links:
Network Advertising Initiative - http://optout.networkadvertising.org/
Digital Advertising Alliance - http://optout.aboutads.info/
Digital Advertising Alliance (Canada) - http://youradchoices.ca/choices
Digital Advertising Alliance (EU) - http://www.youronlinechoices.com/
DAA AppChoices page - http://www.aboutads.info/appchoices
Browsers: It is also possible to completely prevent your browser from accepting cookies by changing your cookie settings. You can usually find these settings in the "options" or "preferences" menu of your browser. The following links may be helpful, or you can use the "Help" option in your browser.
Setting cookies in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Setting up cookies in Safari web and iOS
What third-party services do we use for this purpose?
We value your right to influence the advertisements you see, so we let you know which service providers we use for this purpose and how some of them allow you to control your advertising preferences.
We use the Facebook pixel on the Product. The Facebook pixel is a code placed on the Product that collects data that helps us track conversions from Facebook ads, create targeted audiences, and remarket to people who have taken certain actions on the Website.
We also use Facebook Ads Manager in conjunction with Facebook Custom Audience, which allows us to select the audience that will see our ads on Facebook or other Facebook products (e.g., Instagram). With Facebook Custom Audience, we can create a list of users with specific data sets, such as IDFA, select users who have performed certain actions on the Product. As a result, we can ask Facebook to show ads to a specific list of users. As a result, more of our ads may be displayed when you use Facebook or other Facebook products (e.g., Instagram). You can learn how to opt out of ads served to you through Facebook Custom Audience here.
Facebook allows its users to influence the types of ads they see on Facebook. To learn how to control the ads you see on Facebook, go here or change your Facebook ad settings.
Google Ads is an ad serving service from Google that may deliver ads to users. In particular, Google allows us to customize ads so that they are displayed, for example, only to users who have performed certain actions on our website (e.g., to show our ads to users who have visited our website). This remarketing can be in the form of an ad on a Google search results page or on a site in the Good Display Network.
Third-party vendors, including Google, use cookies to serve ads based on past visits to the Product. Google allows its users to opt-out of Google's personalized advertising and prohibit the use of their Google Analytics data.
To process your payments
We provide paid products and/or services as part of the Product. To do so, we use third-party services to process payments (e.g., payment processors). As a result of this processing, you will be able to make a payment for a personalized fitness plan, and we will receive a notification that the payment has been made and send you the fitness plan.
We will not store or collect your payment card information ourselves. This information will be provided directly to our third-party payment processors.
To enforce our Terms of Use and to prevent and combat fraud
We use personal data to ensure the fulfillment of our agreements and contractual obligations, to detect, prevent and combat fraud. As a result of such processing, we may provide your information to other parties, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms of Use).
To comply with legal obligations
We may process, use, or share your data when required to do so by law, including if a law enforcement agency requests your data through available lawful means.
4. On what legal basis do we process your personal data
In this section, we inform you which legal basis we use for each specific processing purpose. For more information about the specific purpose, please see Section 3. This section only applies to users from the EEA.
We process your personal data on the following legal grounds:
- your consent
We will send you marketing communications in accordance with this legal basis. You have the right to withdraw your consent at any time by using the unsubscribe link in the footer of our emails. We will also send you push notifications if you allow us to. You can turn off notifications at any time in your device settings.
- to fulfill our contract with you;
According to this legal framework, we can:
Provide our services (in accordance with our Terms of Use)
Customize your experience
Manage the account and provide customer support
Communicate with you regarding your use of our Product
- processing your payments
for our (or others') legitimate interests, unless these interests are overridden by your interests or fundamental rights and freedoms that require the protection of personal data;
We rely on legitimate interests:
- to research and analyze your use of the Product
Our legitimate interest for this purpose is our interest in improving our Product so that we understand user preferences and can provide you with a better experience (for example, to make using the website easier and more enjoyable or to introduce and test new features).
- to personalize our ads
The legitimate interest we rely on for this processing is our interest in the targeted promotion of our Product
- to ensure compliance with our Terms of Use
- to prevent and combat fraud. Our legitimate interests for this purpose are to comply with our legal rights, to prevent and combat fraud and unauthorized use of the Product, non-compliance with our Terms of Use
- to fulfill legal obligations.
5. With whom we share your personal data
We share information with third parties who help us operate, provide, improve, integrate, customize, support and market our services. We may share some personal information, in particular for the purposes set out in Section 3 of this Privacy Policy. The types of third parties with whom we share information include, but are not limited to
5.1. Product providers.
We share personal information with third parties that we hire to provide services or perform business functions on our behalf under our instructions. We may share your personal information with the following service providers
Cloud storage providers (Amazon)
Data analytics providers (Facebook, Google, Amplitude)
Marketing partners (social networks, marketing agencies, email delivery services, etc.)
Communication service providers (Zendesk)
Payment service providers
Section 3 of this Privacy Policy describes in detail the purposes for which we share information and with which third-party service providers.
5.2. Law enforcement and other government agencies
We use personal data to enforce our Terms of Use; to protect our rights, privacy, security or property and/or the rights of our affiliates, customers or others; and to respond to requests from courts, law enforcement, regulators, other governmental authorities and as otherwise required by law. We may use and disclose personal data if required to do so by law.
5.3. Third parties as part of a merger or acquisition
In the course of developing our business, we may acquire or sell assets or business offerings. Customer information is typically one of the business assets transferred in such transactions. We may also share such information with related parties (e.g., parent companies and subsidiaries) and may transfer such information as part of corporate transactions, such as the sale, disposition, merger, consolidation or sale of our business assets or in the unlikely event of bankruptcy.
6. Your privacy rights and how to exercise them
You have rights in relation to the data below. These rights can be exercised (to the extent possible) through the Product or directly through the "Contact Us" option.
Please note that these rights are based on European law, namely the General Data Protection Regulation ("GDPR"). Depending on your country of residence, these rights may be interpreted differently. If you wish to assert your rights in a particular country, please let us know.
The right of access
You can ask us to verify whether we process your data and, if so, to provide you with a copy of the extent to which we do so and what data we store.
The right to rectification
You have the right to request us to correct inaccurate or outdated personal data about you and to supplement incomplete data. To the extent possible, we will try to provide you with the opportunity to correct/add data through the Product settings. For example, you can log in to your user profile and correct, modify or delete information about yourself. We will also notify third parties to whom we have shared your data if your data has been changed.
The right to be deleted (the right to be forgotten)
You may request the erasure of your personal data that we store. However, the right to erasure is not absolute and can only be exercised if certain legal requirements are met. You can only request erasure if
- your personal data is no longer necessary for the purposes for which it was collected; or
- you withdraw your consent to the processing of your personal data and that consent was the only lawful basis for the processing; or
- you object to the processing on the basis of a balance of interests appropriate to your particular circumstances; or
- if your personal data has been processed unlawfully; or
- if we have to delete your personal data to comply with a legal obligation.
- if you are underage and misuse our products.
Your right to delete personal data is also limited. For example, you are not obliged or permitted to delete data that you are required to keep in accordance with statutory retention periods. Similarly, your right to erasure does not apply to data that is necessary for the establishment, exercise or defense of legal claims.
If we transfer your personal data to a third party, we will initiate the deletion of your data from that third party or, if required by applicable law, notify the third party of the deletion.
In order to avoid unnecessary legal disputes and given the common usage of these terms, we will interpret all user requests to "delete my data" as requests to delete data in accordance with Article 17 of the GDPR.
The right to restrict processing
Users have the right to request restriction of processing (i.e., marking to limit the further use of stored personal data) under certain conditions. The requirements for restriction of processing are as follows
There is an objection to the accuracy of your personal data and we need to verify its accuracy; or
if the processing is unlawful, but you do not want your personal data erased and we must instead restrict the use of your personal data; or
when your personal data is no longer required for the purposes of processing, but we need the data to establish, exercise or defend a legal claim;
when you object to the processing and we determine whether our legitimate interests override your legitimate interests.
The right to object
You have the right to object to the full or partial processing of your personal data at any time and in any form, if our processing is based on legitimate interests (balance of interests). In order for us to consider your objection, please let us know about your specific situation and the reasons why you believe that your rights and freedoms are particularly at risk (see Article 21 of the GDPR for more information). The right to object is not absolute, and we will only stop processing your data if we cannot demonstrate compelling legitimate grounds for processing your data.
If the processing that is the subject of the objection is for direct marketing purposes, we will stop the processing as soon as we receive your objection. A typical example of how you can object to a marketing communication is by clicking the "unsubscribe" button in an email.
The right to data portability
You have the right, in accordance with applicable law, to receive the data you provide to us in a commonly used and machine-readable format and to transmit it to other controllers without our intervention.
Where possible, we will allow you to export and use your data directly through the Product. You may also ask us to assist you in moving your data, if technically feasible. Please note that this option only applies to data that is processed based on the performance of a contract with you or based on your consent.
The right to withdraw consent
If you have consented to the processing of your personal data, you may withdraw your consent at any time. Withdrawal of consent does not have retroactive effect and does not affect any processing that took place before the withdrawal.
The right to file a complaint
If you believe that your data has been processed unlawfully, you may lodge a complaint with the data protection authority at any time. Below are the contact details of the Data Protection Supervisory Authority in Cyprus:
Data Protection Commissioner, https://ico.org.uk/
7. California privacy rights
This section describes your privacy rights as a California resident as set forth in California law, including the California Consumer Privacy Act ("CCPA").
Please note that this Section 7 describes rights specific to the State of California that differ significantly from those set forth in the GDPR. These rights are in addition to the rights of California residents described in Section 6 above under the GDPR.
These rights can be exercised (to the extent possible) through the Product or directly through the contact details.
Rights of access to certain information and data transfer
In general, your rights to request access to your data and data portability are described in Section 6 above under the headings "Right to Access" and "Right to Rectification" respectively. The scope of these rights differs slightly in the CCPA.
You have the right to request that we disclose certain information about the collection and use of your personal data for the last 12 months only. We will notify you as soon as we receive and verify your verifiable consumer claim:
Categories of personal data we collect.
Category of the source of the personal information we collect.
Our business or commercial purpose for collecting or selling this personal information.
Categories of third parties with whom we share this personal information.
Specific personal information we collect about you.
If we have sold or disclosed your personal information for commercial purposes, we will notify you separately.
Please note that verifiable consumer requests for access or portability of data can only be made twice in a 12-month period. A verifiable consumer request must
Provide us with sufficient information to reasonably verify that you are the person whose personal data we have collected or an authorized representative of that person.
Describe your request in sufficient detail so that we can properly understand, evaluate, and respond to it.
The right to request deletion
Generally, your right to request deletion is set forth in Section 6, "Right to erasure (right to be forgotten)" above.
Please note that although the right to request erasure under the CCPA and the right to request erasure under the GDPR are essentially the same, under the CCPA we are not required to comply with your request if we need to retain your information for a specific reason. For your convenience, a summary of these exceptions is provided below. For more information, please read the full text of the CCPA or additional clarifications from the California Attorney General.
Under the CCPA, we may retain your personal information, among other things, in the following circumstances
To complete a transaction for which personal information was collected, or to fulfill the terms of a written warranty or product recall.
To detect security incidents, protect against malicious, deceptive, fraudulent or illegal activities, or to prosecute those responsible for such activities.
Debugging to identify and fix bugs that jeopardize existing planned functionality.
Compliance with the California Electronic Communications Privacy Act.
Allow only internal use that reasonably meets consumer expectations based on the consumer's relationship with the business.
Fulfillment of legal obligations.
Otherwise, use personal information for internal activities in a lawful manner in accordance with the context in which the consumer provided the information.
The right to non-discrimination
Consumers in California are entitled to nondiscriminatory treatment in the exercise of their rights under the CCPA. In particular, we may not refuse to provide the Product, charge different prices for the Product, deny benefits or impose penalties, provide a different level or quality of Product than other consumers in California, or threaten consumers with any of the above. Right to request information about data transfer to third parties for direct marketing purposes
In accordance with the California Shine the Light Act (Civil Code Section 1798.83), users may request information about the transfer of their personal data to third parties for direct marketing purposes.
The right to prohibit the sale of information
We do not sell personally identifiable information (as defined in the CCPA) that we collect. We also do not sell information without giving users the right to opt out. However, we may share users' personal information for our business purposes, as described in Section 5.
8. Age restrictions.
We do not knowingly process personal data from anyone under the age of 16. If you learn that someone under the age of 16 has provided us with personal data, please contact us at
9. International data transfer
We do business all over the world. We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Product set forth in the Terms of Use and for the purposes described in this Privacy Policy. If those countries do not have the same data protection laws as the country in which you originally provided the information, we take special security measures.
Specifically, if we transfer personal data originating in the EEA to countries with inadequate data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) country-specific adequacy decisions of the European Commission (details available here).
10. Changes to this privacy policy
We may change this Privacy Policy from time to time. If we decide to make material changes to this Privacy Policy, we will notify you through our Product or other available means and provide you with the opportunity to review the revised Privacy Policy. By continuing to access or use the Product after these changes become effective, you agree to be bound by the new version of the Privacy Policy.
11. Storage of your personal data
We will retain your personal data for as long as necessary to fulfill the purposes set out in this Privacy Policy, unless further retention is required by applicable law.
You can ask us to close your account and delete your data at any time. We will treat such requests as termination of your contract with us and withdrawal of your consent. Following such a request, we will stop processing the data in accordance with the relevant legal basis.
Please note that certain data may be retained after a deletion request. This applies when the processing is based on our legitimate interests. For example, we may retain purchase information to protect our rights in court. Such retention is not indefinite and is limited to the usefulness of the data concerned and the fulfillment of our legitimate purposes. As described in Section 6, "Your Privacy Rights and How to Exercise Them", you may object to our legitimate interests. If you wish to do so, please indicate this when contacting us.
We may also retain data if it is technically impossible to delete it (for example, if your personal data is stored in a backup archive). We will securely store your personal data and isolate it from further processing until deletion is possible.
The same applies if we are obliged to store your data in accordance with applicable laws (e.g., accounting and tax laws). In the event of such storage, we will ensure by technical and organizational means that such data will not be used for contradictory purposes, for example, to send you advertising.
12. How do not track requests are processed
The service does not support Do Not Track requests. To determine if the third-party services he uses honor Do Not Track requests, please read their privacy policies.
13. How to delete the account
iOS:
Open the Fit4Me app and go to Plan → Profile at the top.
Select Personal Data Management.
Tap Delete personal data.
Android:
If you wish to request a deletion of your data, please contact us at: support@fit4me-life.com.
Please bear in mind that this action cannot be undone. You will be logged out of your account and your progress will be deleted.
14. Contact us
You can contact us at any time for more information about this Privacy Policy and previous versions. For any questions regarding your account or your personal data, please contact us at support@fit4me-life.com.