Legal

Privacy Policy

Last updated: 16 April 2026

FitTrack is built on the belief that your health data belongs to you. This policy explains exactly what we collect, why we collect it, and what we do with it. We've written it in plain English — not legal jargon.

The short version: We store your health data to power the app. We never sell your personal data. We may use anonymised, aggregated data for research. You can delete your account and all your data at any time.

Who we are

FitTrack is operated as an independent service. Our data is hosted on a private server in the United Kingdom. For data protection enquiries, contact us at [email protected].

What data we collect

We collect only what's needed to run the service:

Your name and email address (account creation)
Your password (stored as a one-way hash — we cannot see it)
Food entries you log, including calorie and macro estimates
Activity data synced from Apple Health or Garmin (calories burned, steps)
Health tracking data you choose to log: weight, sleep, mood, energy, workouts, body measurements
Your daily calorie target and base settings
iMessage Apple ID or phone number (only if you choose to enable iMessage logging)
Payment information (processed by Stripe — we never see your card details)

How we use your data

To calculate your daily calorie target and track progress
To generate AI calorie estimates from your food descriptions
To sync activity data from Apple Health and adjust your targets
To send you weekly summary reports (if enabled)
To process your subscription payment via Stripe
To respond to support requests

Anonymised aggregate data

We may use anonymised, aggregated data for research and commercial purposes. This means statistical patterns across our user base — for example, average sleep duration by day of week, or popular workout types.

Crucially, this data is fully anonymised before any use or sharing. Your user ID is replaced with a one-way cryptographic hash that cannot be reversed. No names, email addresses, or contact details are ever included. This is fully compliant with GDPR's anonymisation standards.

We will never sell your personal data — data that could identify you — to any third party.

AI food logging

When you describe food to log it, your description is sent to an AI model running locally on our server (Ollama/llama3.2). Your food descriptions are not sent to any third-party AI service and do not leave our infrastructure.

Data storage and security

All data is stored on a private server in the United Kingdom
Data is encrypted in transit using TLS (HTTPS)
Passwords are hashed using bcrypt — we cannot recover them
Database backups are taken nightly and stored securely
Access to raw data is restricted to the service operator

Third parties

We use a small number of trusted third-party services:

Stripe — payment processing. Subject to Stripe's privacy policy.
Cloudflare — DNS, DDoS protection and tunnel routing. Subject to Cloudflare's privacy policy.
Resend — transactional email (welcome emails, weekly reports). Subject to Resend's privacy policy.
Apple HealthKit — activity data sync (iOS app only). Data is read from your device; nothing is written back.

We do not use advertising networks, tracking pixels, or analytics services that share data with third parties.

Your rights (GDPR)

If you are based in the UK or EU, you have the following rights:

Access: Request a copy of all data we hold about you
Rectification: Ask us to correct inaccurate data
Erasure: Request deletion of your account and all associated data
Portability: Request your data in a machine-readable format
Objection: Object to processing of your data for research purposes
Withdraw consent: Disable weekly reports or iMessage logging at any time in Settings

To exercise any of these rights, email [email protected]. We will respond within 30 days.

Data retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days. Anonymised aggregate statistics that do not contain any personal data may be retained indefinitely.

Cookies

FitTrack does not use tracking cookies. We use a single authentication token stored in your browser's local storage to keep you logged in. This token contains no personal information and expires after 7 days.

Children

FitTrack is not intended for use by anyone under the age of 16. We do not knowingly collect data from children.

Changes to this policy

If we make significant changes to this policy, we will notify active subscribers by email. The updated date at the top of this page will always reflect the latest version.

Contact

For any privacy questions or data requests: [email protected]