Your Privacy Rights (GDPR & CCPA)

🌍 Your Data, Your Rights

Regardless of where you live, we believe you should have control over your personal data. This page explains your privacy rights under various laws including GDPR (Europe) and CCPA (California).

For our complete privacy practices, see our Privacy Policy.

Your Universal Rights

No matter where you live, you have the following rights with respect to your personal data:

Right to Know

You have the right to know what personal data we collect about you and how we use it.

Right to Access & Correct

You can access your personal data and request corrections if it's inaccurate.

Right to Delete

You can request deletion of your personal data (subject to certain exceptions).

Right to Data Portability

You can request a copy of your data in a portable format.

Right to Opt-Out

You can opt-out of certain data collection and processing activities.

🇪🇺 GDPR Rights (European Union)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Your GDPR Rights Include:

1.
Right to Access (Article 15): Request confirmation of what personal data we process and obtain a copy.
2.
Right to Rectification (Article 16): Request correction of inaccurate or incomplete data.
3.
Right to Erasure (Article 17): Request deletion of your data ("right to be forgotten").
4.
Right to Restriction (Article 18): Request limitation of processing in certain circumstances.
5.
Right to Data Portability (Article 20): Receive your data in a structured, commonly used format.
6.
Right to Object (Article 21): Object to processing based on legitimate interests or direct marketing.
7.
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
8.
Right to Lodge a Complaint: File a complaint with your local data protection authority.

Legal Basis for Processing

Under GDPR, we process your data based on:

Consent: When you explicitly agree to data processing
Contract: To provide services you've requested
Legitimate Interests: For business operations and improvements
Legal Obligations: To comply with applicable laws

🇺🇸 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Your CCPA/CPRA Rights Include:

1.
Right to Know: Request disclosure of personal information we collect, use, disclose, or sell.
2.
Right to Delete: Request deletion of your personal information.
3.
Right to Opt-Out: Opt-out of the "sale" or "sharing" of personal information.
4.
Right to Correct: Request correction of inaccurate personal information.
5.
Right to Limit Use of Sensitive Data: Limit use of sensitive personal information.
6.
Right to Non-Discrimination: Not be discriminated against for exercising your rights.

Important CCPA Disclosure

Do we "sell" your personal information?

No, we do not sell your personal information in the traditional sense. We do not exchange your data for money. However, like many websites, we use analytics services (e.g., Google Analytics) that may be considered "sharing" under CCPA.

🚫 Do Not Sell or Share My Personal Information

You can opt-out of analytics and tracking by adjusting your cookie preferences or using browser settings.

📊 Categories of Personal Information

We collect the following categories of personal information:

Category	Examples	Purpose
Identifiers	Name, email, user ID	Account management
Fitness Data	Workouts, exercises, metrics	Service functionality
Device Info	Device type, OS, IP address	Analytics & security
Usage Data	App interactions, preferences	Service improvement
Location	Approximate location (if enabled)	Optional features

⏱️ Data Retention

We retain your personal data for as long as necessary to:

Provide our services to you
Comply with legal obligations
Resolve disputes and enforce agreements
Maintain security and prevent fraud

Typical Retention Periods:

Active Account Data: As long as your account is active
Workout History: Until you delete it or close your account
Account After Closure: 30 days for recovery, then deleted
Analytics Data: Anonymized after 26 months (Google Analytics)
Legal/Financial Records: As required by law (typically 7 years)

🔄 How to Exercise Your Rights

Submit a Data Rights Request

📧

Email

Send requests to:

lxftfxtness@gmail.com

📱

In-App

Go to Settings → Privacy → Data Rights

🌐

Online Form

Coming soon - web-based request portal

What to Include in Your Request:

Your full name and email address
Description of your request (access, delete, correct, etc.)
Account information to verify your identity
Specific data you're requesting (if applicable)

⏳ Response Timeline

We will respond to your request within:

GDPR: 1 month (extendable to 3 months for complex requests)
CCPA: 45 days (extendable to 90 days)

✅ Verification Process

To protect your privacy, we need to verify your identity before fulfilling data requests. We may ask you to:

Log into your account
Provide additional identifying information
Confirm your email address
Answer security questions

You can also authorize an agent to make requests on your behalf by providing written authorization.

🚫 Limitations on Rights

In certain circumstances, we may be unable to fulfill your request if:

We cannot verify your identity
The request is manifestly unfounded or excessive
Deletion would violate legal obligations
Data is necessary for legal claims
Data is required for public interest purposes

If we deny your request, we will explain why and inform you of your right to appeal.

🌍 International Data Transfers

If you are located outside the United States, please note that we may transfer your data to and process it in the United States and other countries.

For EEA/UK users, we use appropriate safeguards such as:

Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Your explicit consent

📞 Contact Our Data Protection Officer

Data Protection Officer / Privacy Team

Email: lxftfxtness@gmail.com

Privacy Inquiries: lxftfxtness@gmail.com

General Support: lxftfxtness@gmail.com

⚖️ Regulatory Authorities

You have the right to lodge a complaint with a data protection authority:

🇪🇺 EU/EEA Residents

Contact your local data protection authority:

Find your DPA

🇺🇸 California Residents

California Privacy Protection Agency:

cppa.ca.gov

💜 We Respect Your Privacy

Your privacy and data protection rights are important to us. We are committed to transparency and giving you control over your personal information. If you have any questions about your rights or our privacy practices, please don't hesitate to contact us.

Version 1.0 • Effective November 1, 2025

This document should be read in conjunction with our Privacy Policy