TerraFit Privacy Policy

Last Updated: March 27, 2026

TerraFit ("we," "us," or "our") operates the TerraFit mobile application (the "App"). This Privacy Policy explains what information we collect, how we use it, and your rights.

1. Information We Collect

We collect only the information necessary to operate the App.

Account Information

• Email address
• Username and display name
• Encrypted password (hashed; never stored in plain text)
• Onboarding preferences (e.g., goals, fitness level)

Profile & Fitness Data (Optional)

• Body metrics (e.g., weight, measurements)
• Profile photo

Workout Data

• Exercises, sets, reps, weight
• Workout history and progress

Device & Usage Data

• Authentication and push notification tokens
• Basic device and app information

Error Reports

• Crash diagnostics (e.g., stack traces, device type) via Sentry
• No passwords, tokens, or sensitive health data are included

HealthKit (Optional)

• If enabled, we read/write workout data via Apple HealthKit
• This data remains on your device and is not stored on our servers

Voice & Camera

• Voice input is processed on-device only
• Photos are uploaded only when you choose to add them

2. How We Use Information

We use your information to:

• Provide core functionality (tracking workouts, progress, and programs)
• Generate performance insights and recommendations
• Maintain account security and prevent abuse
• Send essential account communications (e.g., password resets)
• Diagnose and fix technical issues

We do not sell your personal data or use it for advertising.

3. Data Sharing

We share data only with service providers necessary to operate the App:

• Supabase - database hosting
• Render - application hosting
• Sentry - error monitoring
• RevenueCat - subscription management
• Email provider - transactional emails

These providers process data on our behalf and do not use it for their own purposes.

We do not share data with advertisers or data brokers.

4. Data Storage & Security

Your data is stored on servers in the United States.

We implement standard security measures including:

• Encrypted data transmission (HTTPS)
• Secure authentication and token handling
• Access controls and rate limiting

5. Data Retention

We retain your data while your account is active.

If you delete your account, we delete your data within 30 days, except where retention is required by law or for limited backup purposes.

6. Your Rights

You may:

• Access and update your data within the App
• Request deletion of your account and data
• Control social visibility and notifications

To request account deletion or support, contact: [email protected]

7. Children's Privacy

The App is not intended for users under 13. We do not knowingly collect data from children.

8. Changes to This Policy

We may update this policy from time to time. Updates will be reflected by the "Last Updated" date. Continued use of the App constitutes acceptance of the updated policy.

9. Contact

For questions or privacy requests:

[email protected]