Back to FitFlow
Legal

Privacy Policy

Last updated: May 11, 2025

This Privacy Policy explains how FitFlow (operated by OGY Digital) collects, uses, and protects your information. We are transparent about every third-party service we use, including AI providers.

1. Information We Collect

FitFlow collects the following types of information:

  • Account information: name and email address when you sign up with email, Apple, or Google.
  • Workout data: routines, exercises, sets, reps, weight, and duration that you create or import.
  • Training logs: personal records, workout history, and progress metrics.
  • Video URLs: links to YouTube, Instagram, TikTok, or other video platforms that you choose to import.
  • Fitness goals and profile data you provide during onboarding (e.g., fitness level, preferred workout style).
  • App usage data: screens viewed, features used, and interactions within the app.
  • Device information: device model, OS version, and crash/diagnostic data for app stability.
  • Push notification tokens (if you opt in to notifications).

2. How We Use Your Information

We use your data to:

  • Provide and operate the core FitFlow features including workout tracking, history, and progress analytics.
  • Power the Magic Import feature — processing video URLs and workout prompts to generate structured routines.
  • Deliver personalised AI Coach insights based on your training history.
  • Send push notifications about your workouts, streaks, and coach feedback (only if you opt in).
  • Improve app functionality, fix bugs, and optimise performance.
  • Respond to support requests.

3. Third-Party AI Services

AI Data Disclosure

FitFlow uses OpenAI (openai.com) to generate workout routines from your text prompts and video imports. When you use the Magic Import or AI Coach features, the following data is sent to OpenAI's API:

  • The text prompt or video URL you provide for workout generation.
  • Extracted text and transcription from video content (no video file is sent — only extracted text).
  • Your AI Coach conversation messages.
  • Anonymised context about your training history when generating coach feedback (no personally identifiable information is included).

What is NOT sent to OpenAI: your name, email address, Apple/Google account details, payment information, or any directly identifying personal data.

OpenAI processes this data in accordance with their Privacy Policy. OpenAI does not use API data submitted via the API to train their models by default.

FitFlow also uses Trigger.dev as a background task processor to handle video analysis jobs. Trigger.dev processes video URLs transiently and does not store your data.

4. Video Import (YouTube, TikTok, Instagram Reels)

When you import a workout from a video URL, FitFlow sends that URL to our secure backend. Our system extracts publicly available information (frames and audio transcription) from the video to identify exercises. We do not download, store, or redistribute video files. We do not access your accounts on any video platform.

FitFlow is not affiliated with, endorsed by, or sponsored by YouTube, TikTok, Instagram, or their respective parent companies.

5. Data Storage & Security

Your data is stored securely on Supabase (supabase.com), a cloud database platform that provides AES-256 encryption at rest and TLS 1.2+ in transit. Your workout data and account details are accessible only to you. We use industry-standard security practices and access controls.

6. Data Sharing

We do not sell your personal information to third parties. We share data only as described below:

  • OpenAI — for AI workout generation and coach features (see Section 3).
  • Supabase — for database hosting and authentication.
  • RevenueCat — for subscription management and purchase validation. RevenueCat receives your anonymised user ID and purchase history.
  • Apple / Google — for authentication and in-app purchase processing, subject to their own privacy policies.
  • Expo / React Native infrastructure — for push notifications (device token only).

7. Subscriptions & Payments

FitFlow Elite subscriptions are processed entirely through Apple's App Store. We do not collect, store, or process payment card information directly. Payment data is handled by Apple in accordance with their privacy policy. Subscription management (cancellation, renewal) is handled through your Apple ID account settings.

8. Your Rights

You have the right to:

  • Access all your workout and training data at any time within the app.
  • Delete your account and all associated data — available in Profile → Settings → Delete Account.
  • Request a copy of your data by contacting privacy@ogy.digital.
  • Opt out of push notifications at any time in your device settings.
  • Request correction of inaccurate personal information.

9. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data is deleted or anonymised within 30 days, except where we are required to retain it for legal or tax obligations.

10. Children's Privacy

FitFlow is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us at privacy@ogy.digital and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy here and in the app. Your continued use of FitFlow after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy questions or data requests, contact us at privacy@ogy.digital. FitFlow is operated by OGY Digital.

© 2026 FitFlow · OGY Digital. All rights reserved.

Terms of Service →