FitCommit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information about you when you use our mobile application and services.
1. Information We Collect
Account Information
When you create an account using Apple Sign-In, we collect your name and email address (if you choose to share them). We also generate a unique user identifier. You may set a display nickname and select an avatar within the app.
Activity Data
When you log activities, we collect photos you take to verify your workouts, the workout duration you select, and your sport type. Photos are stored securely in our cloud infrastructure. We also track your weekly submission count, total points, and commitment progress.
Location Data
With your permission, we collect precise location data (latitude and longitude) when you verify activities. This helps us confirm you are at a gym, sports facility, or other fitness venue using the Google Places API. Location data is only collected when you actively use the verification feature and is stored alongside the activity log.
Device & Notification Data
If you enable push notifications, we store your device push token to send you reminders about your commitments. You can disable notifications at any time through your device settings or within the app.
Payment Information
All payments for FitCommit Pro subscriptions are processed through the Apple App Store. We do not collect or store your credit card or payment details. We receive subscription status information from RevenueCat to manage your access to Pro features.
2. How We Use Information
We use your information to:
- Provide and maintain our services
- Verify your fitness activities using AI photo analysis and location data
- Track your commitment progress, points, and rank
- Manage your FitCommit Pro subscription status
- Display leaderboards and social pact features (Pro)
- Send push notifications about your commitments and reminders
- Calculate and apply point awards and penalties
- Improve and develop new features
3. AI Photo Analysis
We use Google Gemini AI to analyze photos you submit for activity verification. The AI evaluates whether your photo depicts a legitimate fitness activity consistent with your selected sport type. Photos are sent to Google's servers for analysis and processed according to Google's privacy policy. We do not use your photos to train AI models. Photos submitted for verification may contain facial imagery; this data is used solely for activity verification and is not used for facial recognition or identification purposes.
4. Third-Party Services
We share data with the following third-party services:
- Apple: Sign-In with Apple authentication and App Store payments
- RevenueCat: Subscription management and entitlement verification
- Google Gemini: AI-powered photo analysis for activity verification
- Google Maps/Places: Location verification against fitness venues
- Supabase: Secure database hosting, authentication, and cloud storage
Each service operates under its own privacy policy governing how your data is processed. Data may be processed by our service providers in the United States. We ensure appropriate safeguards are in place for any international data transfers.
5. Data Retention
We retain your account information and activity history as long as your account is active. Activity photos are retained for 90 days after verification and are then automatically deleted from our servers. Points, commitment records, and weekly progress data are retained for the lifetime of your account. You can request deletion of your account and all associated data at any time through the app settings.
Upon account deletion, your personal data is immediately removed from our active systems. Backup copies are purged within 30 days as part of our standard disaster recovery cycle.
6. Data Security
We implement industry-standard security measures including encryption in transit (TLS), secure cloud storage with row-level security policies, and access controls. Authentication tokens are stored securely on your device using platform-native secure storage.
7. Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your account and all associated data
- Export your data
- Withdraw consent for camera and location access at any time
- Disable push notifications
To exercise these rights, use the settings in the app or contact us at pickitbox.official@gmail.com.
8. Children's Privacy
FitCommit is not intended for users under 18. We do not knowingly collect personal information from users under 18. If you believe someone under 18 has provided us with personal information, please contact us immediately.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the app or by updating the "Last Updated" date. Continued use of the app after changes constitutes acceptance.
10. Contact Us
If you have questions about this Privacy Policy, please contact us at:
Email: pickitbox.official@gmail.com