Privacy Policy

1. Introduction

Welcome to BodyTrak Pro ("we," "our," or "the App"). We are committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, store, and protect your data when you use our fitness and health tracking application.

By using BodyTrak Pro, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the App.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Email address, username, password (encrypted), profile information
• Profile Data: Age, gender, height, weight, fitness goals, dietary preferences
• Workout Data: Exercise logs, sets, reps, weight lifted, workout duration, personal records
• Nutrition Data: Food intake, calorie tracking, macronutrient data, meal logs, custom recipes
• Fasting Data: Fasting schedules, fasting duration, mood and energy levels during fasts
• Body Metrics: Weight measurements, body measurements, body fat percentage, progress photos
• User-Generated Content: Posts, comments, shared workouts, profile information

2.2 Automatically Collected Information

• Device Information: Device type, operating system, app version, device identifiers
• Usage Data: App features used, time spent in app, interaction patterns, crash reports
• Log Data: IP address, access times, pages viewed, error logs

2.3 Information from Third-Party Integrations

With your explicit consent, we may collect health and fitness data from:

• Garmin Connect (Coming Soon): Heart rate, steps, distance, calories burned, sleep data, activity summaries, workout details
• Apple Health (Coming Soon): Health metrics, activity data, workout information
• Fitbit (Coming Soon): Activity tracking, heart rate, sleep patterns
• Google Fit (Planned): Activity and health data

Important: You must explicitly authorize each integration. You can disconnect any integration at any time through the app settings.

3. How We Use Your Information

3.1 Primary Uses

• Service Delivery: Provide core app functionality for workout, nutrition, and health tracking
• Data Synchronization: Sync data across your devices and integrated services
• Progress Tracking: Calculate statistics, trends, and insights about your fitness journey
• Personalization: Customize recommendations and content based on your goals and preferences
• Social Features: Enable sharing, following, and community interactions (if you choose to use these features)

3.2 Secondary Uses

• App Improvement: Analyze usage patterns to enhance features and user experience
• Technical Support: Diagnose and fix technical issues, respond to support requests
• Security: Detect, prevent, and respond to fraud, abuse, or security threats
• Communications: Send important app updates, security alerts, and (with consent) promotional content
• Legal Compliance: Comply with applicable laws and regulations

3.3 Research and Development

We may use aggregated, anonymized data for research purposes to improve health and fitness tracking methodologies. Individual user data is NEVER used for research without explicit consent, and all research data is fully anonymized.

4. Third-Party Services and Integrations

4.1 Garmin Connect Integration

Status: Coming Soon

Data Collected: Heart rate, steps, distance, calories burned, sleep data, activity summaries, workout details

Purpose: Automatically import fitness data from your Garmin devices to provide comprehensive health tracking

Your Control: You must explicitly authorize this integration via Garmin's OAuth authentication. You can disconnect at any time in Settings > Connected Devices.

Garmin's Privacy Policy: https://www.garmin.com/en-US/privacy/policy/

4.2 Apple Health Integration

Status: Coming Soon

Data Collected: Health metrics, activity data, workout information (with your explicit permission)

Purpose: Sync health and fitness data with Apple Health ecosystem

Your Control: Apple Health integration requires explicit iOS permissions. You control exactly which data types are shared.

4.3 Fitbit Integration

Status: Coming Soon

Data Collected: Activity tracking, heart rate, sleep patterns

Purpose: Import fitness data from Fitbit devices

Your Control: Requires explicit authorization via Fitbit OAuth. Can be disconnected anytime.

4.4 Other Third-Party Services

• PocketBase (Backend): Secure data storage and synchronization
• Cloud Storage: Secure storage for progress photos (encrypted)
• Analytics (Future): We may implement privacy-respecting analytics to improve the app. You will be notified and can opt-out.

4.5 No Data Selling

We DO NOT sell, rent, or trade your personal data to third parties for marketing purposes. Ever.

5. Data Storage and Security

5.1 Data Storage

• Location: Data is stored on secure servers with industry-standard encryption
• Encryption: All data transmissions use TLS/SSL encryption
• Password Security: Passwords are hashed using bcrypt and never stored in plain text
• Local Storage: Some data is cached locally on your device for offline access (encrypted)

5.2 Security Measures

• End-to-end encryption for sensitive data
• Regular security audits and penetration testing
• Access controls and authentication protocols
• Automated backup systems
• Secure API endpoints with OAuth 2.0/1.0 authentication
• GDPR and CCPA compliance measures

5.3 Data Retention

• Active Accounts: Data retained as long as your account is active
• Deleted Accounts: Data permanently deleted within 30 days of account deletion request
• Backups: Backup copies removed within 90 days of deletion request
• Legal Requirements: Some data may be retained longer if required by law

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

• Access Your Data: View all data we have about you via Settings > Privacy > Download My Data
• Correct Your Data: Edit profile information, workout logs, and other data directly in the app
• Delete Your Data: Request complete account deletion via Settings > Privacy > Delete Account
• Export Your Data: Download a copy of all your data in JSON format
• Opt-Out: Disable specific features, integrations, or data collection

6.2 Device Integration Control

For each third-party integration, you can:

• Connect or disconnect at any time
• Choose which data types to sync
• View sync history and data sources
• Delete imported data while keeping the connection

6.3 Marketing Communications

• Opt-out of promotional emails via unsubscribe link
• Control push notification preferences in Settings
• We will always send critical security and account-related notifications

6.4 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR:

• Right to data portability
• Right to restriction of processing
• Right to object to processing
• Right to lodge a complaint with supervisory authority

6.5 CCPA Rights (California Users)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information (Note: We DO NOT sell your data)
• Right to non-discrimination for exercising CCPA rights

7. Children's Privacy

BodyTrak Pro is not intended for children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@bodytrakpro.com and we will delete the information.

8. Alpha Testing Considerations

Current Status: BodyTrak Pro is in alpha testing phase.

What This Means:

• Active Development: Features and functionality are actively being developed and may change
• Potential Bugs: You may encounter bugs or issues during testing
• Data Changes: Database schema may change, potentially affecting data structure
• Feedback Collection: We may collect additional feedback and usage data to improve the app
• No Warranty: The app is provided "as is" during alpha testing

Your Data During Alpha:

• We will make reasonable efforts to protect and preserve your data
• We recommend regular data exports as a precaution
• Major changes will be communicated via email and in-app notifications
• You can delete your account and all data at any time

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions by relevant authorities
• Data encryption during transfer and storage

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

• We will update the "Last Updated" date at the top of this policy
• Material changes will be communicated via email and in-app notification
• You will be asked to review and accept significant changes before continuing to use the app
• Previous versions will be archived and available upon request

Your continued use of BodyTrak Pro after changes indicates acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days (or sooner as required by applicable law).

12. Your Consent

By using BodyTrak Pro, you acknowledge that you have read, understood, and agree to this Privacy Policy. For third-party integrations, you will be asked to provide explicit consent through OAuth authorization flows before any data is collected from those services.