Privacy Policy
Last updated: 2026-01-13
Fitcoin respects your privacy. This policy explains what we collect, why we collect it, how we use it, and the choices you have. By using Fitcoin, you agree to this policy.
Information We Collect
- Account & profile: email, username, avatar (if provided), device tokens for push, referral codes, and basic signup metadata.
- Health & activity (with your explicit consent): Apple HealthKit data such as workouts, active energy, steps, heart metrics (if you grant access). We read these locally to compute your FitScore/FitCoin. We sync only derived/aggregated scores (e.g., FitScore, FitCoins, daily summaries), not raw HealthKit samples.
- Location (if enabled): used for location-aware rewards or features. You can disable in system settings.
- Social & engagement: friends/connections, invites, referrals, raffle entries, rewards/offers redemptions, and in-app actions related to social and rewards features.
- User content (Stories): photos you choose to post as a Story (visible to your friends). We also store view markers so you can see “Seen by” counts on your own Stories. Stories are designed to expire after 24 hours, but you can delete them sooner.
- User content (Clubs): club membership, posts, post images (if you attach media), comments, replies, likes, and related timestamps. Club posts and comments are generally visible to members of that club, and can be aggregated into a feed for the clubs you’ve joined.
- Links you share: if you share a club post, we generate a link (deep link/universal link) that contains identifiers (e.g., clubId/postId) so recipients can open the exact post in the app or on the web.
- Safety & reporting: if you report a user or content, we collect the report details you submit (reason, optional note) plus relevant account identifiers so our team can review and take action.
- Blocking: if you block another user, we store a block record so we can hide their content and prevent unwanted interactions.
- Device & app data: app version, OS version, device model, language/locale, and push tokens (APNs/FCM) to deliver notifications.
- Usage, analytics, crash data: app interactions, performance metrics, and crash reports to improve stability and features.
- Support interactions: messages you send to us for help.
How We Use Information
- Compute and display your FitScore/FitCoins and related insights.
- Sync your scores and rewards across devices (derived data only; no raw HealthKit samples are sent to our servers).
- Deliver notifications (e.g., workout recognition, rewards, friend activity), if you allow push permissions.
- Operate social features (friends, leaderboards), referrals, rewards, and raffles.
- Enable Stories (posting, viewing, friend-only sharing, view counting, and deletion).
- Enable Clubs features (creating/joining clubs, viewing member lists, posting updates, commenting, replying, liking, and sharing posts).
- Allocate and store partner promo codes when you redeem certain rewards/offers (so you can access your code later).
- Improve performance, security, and reliability; prevent fraud and abuse.
- Provide customer support and communicate important updates.
- Serve ads and measure their performance where applicable (e.g., AdMob).
HealthKit Data
- We access HealthKit only with your consent. You can change permissions anytime in the Health app.
- Raw HealthKit data is processed on your device. We do not sell or use HealthKit data for advertising.
- We only sync derived values (e.g., FitScore, FitCoins, daily summaries) to Firebase so your account stays in sync across devices.
Push Notifications
We use device tokens (APNs/FCM) to send notifications about workouts, rewards, friends, and account activity. You can disable notifications in your device settings.
Stories, Friends & Visibility
- Stories are shared with your friends (not publicly).
- When you view a friend’s Story, we store a view marker so the story owner can see aggregate “Seen by” information for that story instance.
- You can delete your Story at any time. Deleted Stories should stop being visible immediately.
Reports, Blocking & Safety
If you report a user, club post, or comment, we store the report details (reason and optional note), the reporter and reported user IDs/usernames, and relevant metadata to help investigate. If you block a user, we store a block record so we can hide their content and prevent unwanted interactions. We may review reported content and take action (e.g., warnings, removals, content deletion, member removal, or account restrictions) to keep the community safe.
Clubs Moderation & Controls
- Club owners can typically manage their club (e.g., update club details, post updates, view members, and remove members).
- App moderators may have elevated permissions across clubs to help keep Fitcoin safe (e.g., removing abusive content or users).
- Content removal: you may be able to delete your own content in-app (where available). Club owners/moderators may remove posts/comments or members for safety and community reasons.
Location
If you grant location access, we use it for location-aware rewards or features. You can turn this off in system settings.
Sharing & Processors
- We do not sell personal data.
- Vendors/processors: Firebase (Auth, Firestore, Cloud Functions, Messaging), Apple (HealthKit, APNs), analytics/crash tools, AdMob (ads), and similar service providers who help us run the app.
- We may share data to comply with law, protect our rights, or in connection with a merger/acquisition.
Retention
We keep data while your account is active or as needed for legitimate business, legal, or security purposes. Stories are designed to expire after 24 hours and may be deleted by you sooner. Clubs content (posts, comments, likes) may persist until deleted by you (where available), by a club owner, or by moderators. Derived fitness scores and account records may persist in backups for a limited period after deletion.
Security
Data in transit is encrypted (HTTPS). Access to production systems is restricted and audited. No system is 100% secure; please safeguard your account.
Your Choices & Rights
- Health permissions: manage in the Apple Health app.
- Notifications: manage in device settings.
- Location: manage in device settings.
- Data access/deletion: email hello@fitcoin.co. You can request account deletion and data removal; derived records in backups may take additional time to clear.
- Marketing: you can opt out of marketing communications at any time.
Children
Fitcoin is not directed to children under 13 (or the minimum age in your region). We do not knowingly collect data from children. If you believe a child has provided data, contact us to delete it.
Changes to This Policy
We may update this policy from time to time. Material changes will be posted here with an updated “Last updated” date.
Contact
Questions or requests: hello@fitcoin.co.