Privacy Policy

1. Information We Collect

Account Information

When you create an account, we collect your email address, password (stored securely via hashing), and first name. If you sign up using Google OAuth, we receive your name and email address from Google.

Profile & Fitness Data

To personalize your experience, we may collect your weight, height, age, gender, and daily step goal. This information is provided voluntarily and used solely to tailor your workout plan experience.

Workout Progress

We store your workout progress data, including which exercises and days you have completed, so you can track your journey over time.

Progress Photos

You may upload progress photos to track your physical transformation. These images are stored securely and are accessible only to you. We do not share, sell, or use your progress photos for any purpose other than displaying them back to you within the Service.

Payment Information

Payment details (credit card numbers, billing addresses) are collected and processed directly by Stripe. We do not store your full credit card number on our servers. We receive limited information from Stripe, such as the last four digits of your card, card brand, and transaction status.

2. How We Use Your Information

• To create and manage your account
• To process payments for one-time purchases ($10) and monthly subscriptions ($15/mo)
• To deliver and personalize your workout plans
• To track your workout progress and display it within your dashboard
• To store and display your progress photos securely
• To communicate with you about your account, purchases, or support requests
• To analyze usage patterns and improve the Service (via Vercel Analytics)
• To detect, prevent, and address technical issues or abuse

We do not sell, rent, or trade your personal data to third parties.

3. Third-Party Services

We use the following third-party services to operate the Service. Each has its own privacy policy governing the data they process:

4. Data Storage & Security

Your data is stored securely using Supabase, which provides encrypted database storage and authentication services. Passwords are hashed using industry-standard algorithms and are never stored in plain text.

Progress photos are stored in secure, private storage buckets accessible only to the authenticated user who uploaded them.

We implement Row Level Security (RLS) policies on our database to ensure users can only access their own data. While we take reasonable measures to protect your information, no method of electronic storage or transmission over the internet is 100% secure.

5. Cookies

We use cookies and similar technologies for the following purposes:

• Authentication: To keep you signed in and maintain your session securely.
• Analytics: Vercel Analytics may use cookies to collect anonymized performance and usage data.

We do not use cookies for advertising or third-party tracking purposes. You can configure your browser to reject cookies, but this may affect your ability to use certain features of the Service.

6. Your Rights

You have the following rights regarding your personal data:

To exercise any of these rights, contact us at support@hisandhersfitness.app.

7. Children's Privacy

The Service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@hisandhersfitness.app and we will promptly delete that information.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

9. Contact

If you have any questions about this Privacy Policy or your personal data, please contact us: