Privacy Policy

To provide our technology and management services, we collect several categories of information, which may include personal data and sensitive health information:

Account Registration Data: Name, email address, phone number, date of birth, physical address, and government-issued identification numbers (where required for tax or compliance purposes).

Professional Credentials: Certification details, regulatory or professional council registrations (e.g., NCCA, CIMSPA, AUSactive credentials), and commercial banking/payout information.

Health and Wellness Data (Sensitive Information): Weight, height, body fat percentage, injury history, physical limitations, medical conditions relevant to fitness, progress photos, heart rate, and workout performance metrics uploaded by you or your trainer.

Payment and Financial Data: Credit card numbers, expiration dates, security codes, and billing details. All payment processing is handled securely by our integrated, PCI-DSS compliant third-party payment gateways (e.g., Stripe). Fitvia does not store raw credit card numbers on its servers.

Usage and Device Data: IP address, device type, operating system, browser type, unique device identifiers, approximate geographic location, and platform interaction logs.

We process your data based on contractual necessity, legitimate business interests, and explicit consent for specific purposes:

Service Delivery and Contract Execution: To enable trainers to build and prescribe workouts, allow clients to access training programs, and maintain application functionality.

Financial Processing: To securely handle payment processing, automate content unlocking, and execute correct revenue splits and payouts to professionals.

Service Optimization and Product Development: To analyze user behavior, fix bugs, improve app interfaces, and train our proprietary Artificial Intelligence (AI) models using aggregated, anonymized, or de-identified data to enhance workout and scheduling suggestions.

Communications: To send automated system notifications, workout reminders, billing alerts, security updates, and administrative announcements.

Security and Fraud Prevention: To detect, investigate, and prevent unauthorized access, revenue evasion, software circumvention, financial fraud, or other malicious activity.

Fitvia does not sell, rent, or trade your personal or health data to third parties for marketing purposes. Data sharing is strictly limited to the following scenarios:

Between Professional and Client: A client's health data, progress metrics, and photos are explicitly visible to the specific professional or trainer hired by that client within the Platform.

Third-Party Service Providers: We share data with trusted vendors who support our infrastructure, including cloud hosting providers (e.g., Cloudflare), database management systems, and automated email services. These providers are contractually bound to safeguard your data.

Integrated Payment Gateways: Financial transaction data is shared directly with our payment gateway partners to clear charges and process compliance checks.

Legal and Regulatory Compliance: We may disclose your information to federal, state, or international authorities if required to do so by applicable law, court order, subpoena, or government regulation, or to protect the safety, rights, and property of Fitvia, its users, or the public.

4.1 Data Security Measures: We implement industry-standard administrative, technical, and physical security measures. All sensitive health data and financial details are encrypted in transit using Transport Layer Security (TLS) and encrypted at rest on our secure cloud server architecture. Access to infrastructure servers is strictly restricted to authorized engineering personnel under zero-trust protocols.

4.2 International Data Transfers: Fitvia utilizes a globally distributed cloud infrastructure. By accessing the Platform, users in the US, Canada, UK, Australia, Brazil, and other regions acknowledge and agree that their personal and health data may be transferred to, stored, and processed in the United States or other international server locations. We ensure these transfers comply with recognized international data transfer mechanisms.

4.3 Data Retention: We retain your personal and health data for as long as your account remains active. Upon account deletion, Fitvia will permanently delete or anonymize your data, except for information we are legally required to retain under US federal, state, or international tax, accounting, anti-fraud, and corporate record-keeping laws.

Depending on your jurisdiction (including but not limited to the US, Canada, UK, Australia, and Brazil), you possess specific rights regarding your personal data. You may exercise these rights at any time through our official support channels:

Right to Access and Portability: You may request a copy of all personal data Fitvia holds about you.

Right to Rectification: You can update or correct incomplete, inaccurate, or outdated data in your profile at any time.

Right to Deletion ("Right to be Forgotten"): You may request the permanent deletion of your account and associated personal data, subject to legal data retention holdbacks.

Right to Restrict or Object to Processing: You may object to the processing of your data for specific business purposes, such as receiving promotional updates.

Compliance Frameworks: Fitvia operates in compliance with the Federal Trade Commission (FTC) guidelines, the California Consumer Privacy Act (CCPA/CPRA), the UK/EU General Data Protection Regulation (GDPR), and Brazil's General Data Protection Law (LGPD - Law 13.709/18) regarding the handling of data originating from those respective regions.

The Platform is intended exclusively for adults and individuals who have reached the legal age of majority in their jurisdiction. Fitvia does not knowingly collect or solicit personal information from children under the age of 13 (or under 16 in the UK/EU/Brazil). In compliance with the Children's Online Privacy Protection Act (COPPA), if we discover that a child under the required legal age has provided us with personal data without verifiable parental consent, we will delete that information from our servers immediately.

We use cookies, tokens, and tracking technologies to authenticate your identity, securely maintain active sessions, remember user interface preferences, and analyze platform performance. You can choose to disable cookies through your individual browser or device settings; however, doing so may cause certain automated functions, workout delivery flows, or checkout features of Fitvia to malfunction.

Fitvia reserves the right to modify, amend, or update this Privacy Policy at any time to reflect technical updates, infrastructure changes, or shifting international legal requirements. When updates occur, we will revise the "Last Updated" date at the top of this page. Your continued use of the Platform after an update constitutes your explicit acceptance of the revised Privacy Policy.

For any questions, privacy concerns, or to exercise your individual data rights, you may contact our privacy operations team at:

Fitvia LLC

Email: legal@fitvia.me (or privacy@fitvia.me)