Privacy Policy - Fasting.fitness

1. Introduction

Welcome to Fasting.fitness ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our intermittent fasting tracker application.

By using Fasting.fitness, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account using Google or Apple Sign-In, we collect:

Email address
Full name (if provided by your OAuth provider)
Unique user identifier (OAuth provider ID)

2.2 Fasting Data

To provide our fasting tracking services, we collect:

Fasting session start and end times
Planned and actual fasting durations
Autophagy and ketosis level progress
Completed fasting phases

2.3 Health Tracking Data

If you choose to use our tracking features, we collect:

Mood entries (positive, neutral, or negative) with optional comments
Weight measurements and preferred units (kg or lbs)
Timestamps for all tracked entries

2.4 Usage Data

We automatically collect:

Session activity (login/logout events)
Feature usage patterns
Device and browser information

3. How We Use Your Information

We use the collected information for the following purposes:

Service Delivery: To provide, maintain, and improve our fasting tracking services
Personalization: To display your fasting progress, history, and achievements
Analytics: To understand how users interact with our app and improve user experience
Communication: To send you service-related notifications (if enabled)
Security: To detect, prevent, and address technical issues and fraudulent activity
Public Sharing: To display your fasting progress when you choose to share your public link

4. Data Storage and Security

4.1 Secure Authentication

We use industry-standard OAuth 2.0 authentication provided by Google and Apple. We never store your passwords. All authentication is handled by these trusted providers using:

End-to-end encryption during the authentication process
Secure token-based session management
Regular security audits by Google and Apple

4.2 Data Storage

Your data is stored securely using Google Firebase:

All data is encrypted at rest and in transit using TLS/SSL
Stored in secure, GDPR-compliant data centers
Regular automated backups to prevent data loss
Access controls and security rules to protect your information

4.3 Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data will be permanently deleted within 30 days, except where we are required to retain it for legal or regulatory purposes.

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, trade, or rent your personal information to third parties.

5.2 Public Sharing

If you choose to use the public sharing feature, the following information becomes publicly accessible via your unique share link:

Your name (from OAuth provider)
Active fasting session progress and statistics
Current fasting phase information

Your mood entries, weight data, and historical fasting records remain private and are never shared publicly.

5.3 Service Providers

We use the following trusted third-party services:

Google Firebase: For authentication, database, and hosting services
Google OAuth: For secure Google Sign-In
Apple Sign-In: For secure Apple authentication

These providers have their own privacy policies and security measures in place.

5.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

6. Your Rights and Choices

You have the following rights regarding your personal data:

Access: You can view all your data within the app at any time
Export: Use the "Export Data" feature in Settings to download all your information
Delete: You can delete individual entries or clear all data in Settings
Account Deletion: Contact us to permanently delete your account and all associated data
Opt-Out of Sharing: You control your public share link and can stop sharing at any time
Notifications: Manage notification preferences in Settings

7. Cookies and Tracking

We use essential cookies and session tokens to:

Keep you logged in during your session
Remember your preferences
Ensure the security of your account

We do not use advertising or tracking cookies. We do not track you across other websites.

8. Children's Privacy

Our service is not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete it.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure that such transfers comply with applicable data protection laws and that your data remains protected.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]

12. GDPR Compliance

If you are located in the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR):

The right to access, update, or delete your information
The right to rectification if your information is inaccurate or incomplete
The right to object to our processing of your personal data
The right to request restriction of processing
The right to data portability
The right to withdraw consent at any time