Privacy Policy

Body Fitness AI, a division of Escape Tech Enterprises, Inc. ("Body Fitness AI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services (collectively, the "Service").

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Information We Collect

1.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you register for an account, use our Service, or communicate with us. This may include:

• Account Information: Email address, password (encrypted), name, date of birth, gender
• Profile Information: Height, weight, fitness goals, training experience, available equipment, physical limitations or injuries, one-rep max estimates for key exercises
• Workout Data: Exercise selections, sets, reps, weights used, RPE (Rate of Perceived Exertion) feedback, workout completion data, training logs
• Communication Data: Messages you send to our AI coach during workouts, support inquiries
• Payment Information: Processed securely through Stripe; we do not store full credit card numbers

1.2 Information Collected Automatically

When you access our Service, we automatically collect certain information, including:

• Usage Data: Pages visited, features used, time spent on pages, workout session duration
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies and Tracking: Session cookies for authentication, analytics cookies (see Section 8)

1.3 AI-Generated Data

Our Service uses artificial intelligence (Claude Sonnet 4 by Anthropic) to generate workout programs and coaching guidance. We collect:

• User prompts and AI responses during coaching sessions
• AI-validated profile data (goals, limitations, equipment)
• Token usage metrics for billing and service optimization

2. How We Use Your Information

We use your information for the following purposes:

• Provide and Improve Service: Generate personalized workout programs, provide AI coaching, track progress, adapt exercises based on feedback
• Account Management: Create and maintain your account, authenticate access, communicate important updates
• Billing and Payments: Process subscription payments, manage token balances, send billing notifications
• Safety and Legal Compliance: Enforce our Terms of Service, detect fraud, comply with legal obligations
• Analytics and Research: Understand usage patterns, improve AI coaching quality, develop new features
• Communication: Send verification emails, workout summaries, service updates (you can opt out of marketing emails)

3. Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our Service:

• Anthropic (Claude AI): Processes your workout data and profile information to generate coaching guidance. Subject to Anthropic's privacy policy.
• Stripe: Processes payment information securely. We do not store full credit card details. Subject to Stripe's privacy policy.
• Hosting Providers: AWS Route53 (DNS), Vercel (frontend hosting), self-hosted infrastructure for backend and database
• Email Services: Dovecot SMTP for verification and notification emails
• Analytics: We may use analytics tools to understand usage patterns (you can opt out via browser settings)

These third parties are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures.

4. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes described in this Privacy Policy:

• Active Accounts: We retain all account and workout data while your account is active
• Deleted Accounts: When you delete your account, we anonymize or delete your personal information within 30 days, except where retention is required by law
• Billing Records: Retained for 7 years for tax and accounting purposes
• Liability Waivers: Retained indefinitely for legal protection

5. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information through your account settings
• Deletion: Request deletion of your account and associated data (subject to legal retention requirements)
• Portability: Request a machine-readable copy of your workout data
• Opt-Out: Unsubscribe from marketing emails (service emails required for account operation)
• Restrict Processing: Request limitations on how we use your information

To exercise these rights, please contact us at privacy@bodyfitnessai.com. We will respond within 30 days.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption in transit (HTTPS/TLS) and at rest for sensitive data
• Password hashing using industry-standard bcrypt algorithm
• Regular security audits and updates
• Access controls limiting employee access to personal information
• Secure payment processing via PCI-compliant provider (Stripe)

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@bodyfitnessai.com, and we will delete such information.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies:

• Essential Cookies: Required for authentication and service functionality (cannot be disabled)
• Analytics Cookies: Help us understand usage patterns and improve the Service (can be disabled via browser settings)

You can control cookie preferences through your browser settings, but disabling essential cookies may limit Service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our servers are located in the United States. By using our Service, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.

We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information (subject to exceptions)
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

To exercise these rights, contact us at privacy@bodyfitnessai.com.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page with a new "Last Updated" date
• Sending an email notification to your registered email address

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: