Privacy Policy
Last updated: 2025-12-06
Fitcoin respects your privacy. This policy explains what we collect, why we collect it, how we use it, and the choices you have. By using Fitcoin, you agree to this policy.
Information We Collect
- Account & profile: email, username, avatar (if provided), device tokens for push, referral codes, and basic signup metadata.
- Health & activity (with your explicit consent): Apple HealthKit data such as workouts, active energy, steps, heart metrics (if you grant access). We read these locally to compute your FitScore/FitCoin. We sync only derived/aggregated scores (e.g., FitScore, FitCoins, daily summaries), not raw HealthKit samples.
- Location (if enabled): used for location-aware rewards or features. You can disable in system settings.
- Social & engagement: friends/connections, invites, referrals, raffle entries, rewards redemptions, in-app actions related to offers.
- Device & app data: app version, OS version, device model, language/locale, and push tokens (APNs/FCM) to deliver notifications.
- Usage, analytics, crash data: app interactions, performance metrics, and crash reports to improve stability and features.
- Support interactions: messages you send to us for help.
How We Use Information
- Compute and display your FitScore/FitCoins and related insights.
- Sync your scores and rewards across devices (derived data only; no raw HealthKit samples are sent to our servers).
- Deliver notifications (e.g., workout recognition, rewards, friend activity), if you allow push permissions.
- Operate social features (friends, leaderboards), referrals, rewards, and raffles.
- Improve performance, security, and reliability; prevent fraud and abuse.
- Provide customer support and communicate important updates.
- Serve ads and measure their performance where applicable (e.g., AdMob).
HealthKit Data
- We access HealthKit only with your consent. You can change permissions anytime in the Health app.
- Raw HealthKit data is processed on your device. We do not sell or use HealthKit data for advertising.
- We only sync derived values (e.g., FitScore, FitCoins, daily summaries) to Firebase so your account stays in sync across devices.
Push Notifications
We use device tokens (APNs/FCM) to send notifications about workouts, rewards, friends, and account activity. You can disable notifications in your device settings.
Location
If you grant location access, we use it for location-aware rewards or features. You can turn this off in system settings.
Sharing & Processors
- We do not sell personal data.
- Vendors/processors: Firebase (Auth, Firestore, Cloud Functions, Messaging), Apple (HealthKit, APNs), analytics/crash tools, AdMob (ads), and similar service providers who help us run the app.
- We may share data to comply with law, protect our rights, or in connection with a merger/acquisition.
Retention
We keep data while your account is active or as needed for legitimate business, legal, or security purposes. Derived fitness scores and account records may persist in backups for a limited period after deletion.
Security
Data in transit is encrypted (HTTPS). Access to production systems is restricted and audited. No system is 100% secure; please safeguard your account.
Your Choices & Rights
- Health permissions: manage in the Apple Health app.
- Notifications: manage in device settings.
- Location: manage in device settings.
- Data access/deletion: email hello@fitcoin.co. You can request account deletion and data removal; derived records in backups may take additional time to clear.
- Marketing: you can opt out of marketing communications at any time.
Children
Fitcoin is not directed to children under 13 (or the minimum age in your region). We do not knowingly collect data from children. If you believe a child has provided data, contact us to delete it.
Changes to This Policy
We may update this policy from time to time. Material changes will be posted here with an updated “Last updated” date.
Contact
Questions or requests: hello@fitcoin.co.