Privacy Policy
Information We Collect
We collect the following categories of personal data depending on how you interact with FitPassio:
1.1 Personal Information
| Data | Required / Optional | Purpose |
|---|---|---|
| Phone number | Required | Account creation and login via OTP |
| Full name | Required | Profile identification |
| Email address | Optional | Profile and communication |
| Date of birth | Optional | Age calculation and profile |
| Gender | Optional | Profile personalization |
| Address | Optional | User profile |
1.2 Health and Fitness Data
📏 Body Metrics
Height (feet & inches) and weight (kg & lbs) for fitness tracking features
🏋️ Activity Data
Monthly workout tracking, attendance days, leave days, and progress records
1.3 Location Data
📍 Precise Location (GPS)
Used to discover nearby gyms and display them on a map
🗺 Approximate Location
Network-based fallback for gym discovery when GPS is unavailable
Location data is collected only when the app is in use and you have granted permission. You can revoke it anytime through your device settings.
1.4 Media
Profile image — uploaded by you and stored in Firebase Storage. Images are compressed before upload.
1.5 App Activity & Membership Data
- Gym membership details (plan name, duration, start/end dates, remaining days)
- Gym enrollment and leave records
- Notification preferences and interaction history
1.6 Device & Technical Information
- Firebase instance identifiers — automatically collected by Firebase SDKs for push notification delivery and app security (Firebase App Check)
- FCM token (device notification identifier) — used to deliver push notifications to your device
We do not collect IP addresses, browser data, advertising IDs, device IMEI, MAC addresses, financial/payment data, or any analytics tracking data. We do not use cookies or any web-based tracking.
How We Use Your Data
We use the collected data strictly for the following purposes:
- Account management — to create, authenticate, and maintain your user account
- Service delivery — to provide gym discovery, membership tracking, leave management, and fitness tracking features
- Notifications — to send push notifications about membership expiry, leave updates, gym recommendations, and offers (based on your notification preferences)
- Profile management — to display and update your profile information
- Location-based services — to show nearby gyms on a map and calculate distances
- Security — to verify device integrity via Firebase App Check
🚫 What We Never Do
We do not use your data for advertising, analytics profiling, or any purpose unrelated to app functionality. We do not perform any behavioural tracking or build advertising profiles.
Data Sharing
We share your data only with the following third-party service providers, strictly for app functionality:
| Service Provider | Data Shared | Purpose |
|---|---|---|
| Firebase Authentication (Google) | Phone number | OTP-based login and account verification |
| Firebase Cloud Messaging (Google) | FCM device token | Push notification delivery |
| Firebase Storage (Google) | Profile image | Cloud storage for profile photos |
| Firebase App Check (Google) | Device attestation data | Preventing unauthorized access |
| Mapbox | Map tile requests (no personal data) | Rendering gym locations on the map |
| FitPassio backend server | All user-provided data | Core app functionality, membership management |
We do not sell, rent, or trade your personal data. We do not share data with advertisers or analytics companies. We may disclose data if required by law, court order, or government authority.
Data Retention
📋 Our Retention Policy
We retain user data only while the account is active. When a user deletes their account, all personal data is permanently deleted within 7 days. We do not retain personal data beyond this period. No backups or copies are kept after deletion.
| Scenario | Retention Period | Notes |
|---|---|---|
| Active account | Duration of account activity | Retained only while you actively use our services |
| After account deletion | Deleted within 7 days | Permanently removed from all servers |
| Firebase Authentication data | Deleted within 7 days | Auth records removed along with account |
| Firebase Storage (profile image) | Deleted within 7 days | Profile photos permanently removed |
| Post-deletion | None retained | No backups or copies kept |
We do not retain billing records, usage logs, or any other data beyond what is needed for active service delivery. There is no extended retention period for any category of data.
Data Deletion
You have the right to delete your account and all associated data at any time.
Option 1: Delete from within the app
- Open the FitPassio app
- Go to Settings
- Tap Delete My Account
- Choose to remove yourself from specific gyms, or permanently delete your entire account
- Confirm the deletion
Option 2: Request via email
If you are unable to access the app, email support@fitpassio.com with your registered phone number. We will process your request within 7 days.
What gets deleted
Account deletion is permanent and irreversible.
Permissions
The app requests the following device permissions:
| Permission | Why We Need It |
|---|---|
| Internet | Required for all network communication with our servers and Firebase |
| Precise Location (GPS) | To discover and display nearby gyms on the map |
| Approximate Location | Fallback location for gym discovery when GPS is unavailable |
| Push Notifications | To send membership alerts, leave updates, offers, and gym recommendations |
| Vibrate | For notification alerts |
All permissions are optional except Internet. You can deny or revoke any permission through your device settings. Denying location permission will disable the nearby gyms feature but the rest of the app will continue to work.
Data Security
🔐 Transit Encryption
All data transmitted between the app and our servers is encrypted using HTTPS (TLS)
☁️ Firebase Security
Firebase services use Google's security infrastructure for data protection
🔑 Auth Tokens
Authentication tokens (JWT) are stored securely on your device
✅ App Check
Firebase App Check is used to prevent unauthorized API access and verify device integrity
While we implement reasonable security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. Report vulnerabilities to support@fitpassio.com.
Children's Privacy
FitPassio is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have collected data from a child, please contact us at support@fitpassio.com and we will promptly delete it.
Your Rights
👁 Access
Request a copy of your personal data
✏️ Correction
Update inaccurate or incomplete data via your profile settings
🗑 Deletion
Permanently delete your account and all data (see Section 5)
🔕 Withdraw Consent
Revoke permissions (location, notifications) through device settings
📦 Portability
Request your data in a portable format by contacting us
🚫 Object
Object to any processing you believe is not justified
To exercise any of these rights, contact us at support@fitpassio.com. We respond within 30 days.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page and notify registered users of material changes at least 14 days in advance. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact Us
🛡 FitPassio Technologies Pvt. Ltd.
For any questions, concerns, or requests regarding this Privacy Policy or your personal data:
Email: support@fitpassio.com
Address: 4th Floor, Innovation Hub, Bandra Kurla Complex, Mumbai – 400051, India
Your Privacy, Our Commitment
We are dedicated to protecting your personal data and being transparent about how it is used.