Privacy Policy

Introduction

MedBFit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

By using MedBFit, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.

Information We Collect

Personal Information You Provide:

• Account Information: Name, email address, phone number, date of birth
• Profile Data: Photos, bio, fitness goals, experience level
• Health & Fitness Data: Height, weight, body measurements, medical conditions, injuries
• Training Data: Workout history, exercise preferences, progress photos, performance metrics
• Payment Information: Credit card details (processed by Stripe - we don't store card numbers)
• Communication Data: Messages between trainers and clients, feedback, support requests

Information Collected Automatically:

• Device Information: Device ID, model, operating system, app version
• Usage Data: Features used, session duration, clicks, page views
• Location Data: GPS location (only if you enable location services)
• Log Data: IP address, browser type, access times, referring URLs

How We Use Your Information

We use the collected information for various purposes:

• To provide and maintain our fitness training services
• To match clients with appropriate trainers
• To track and display your fitness progress
• To process payments and manage subscriptions
• To send notifications about workouts, appointments, and updates
• To provide customer support and respond to inquiries
• To improve our app and develop new features
• To send marketing communications (with your consent)
• To detect and prevent fraud or technical issues
• To comply with legal obligations

How We Share Your Information

We may share your information in the following situations:

• With Your Trainer/Clients: Profile information, fitness data, and messages as necessary for training
• Service Providers: Supabase (database), Stripe (payments), SendGrid (emails)
• Analytics Partners: Google Analytics (anonymized data only)
• Legal Requirements: When required by law or to protect rights and safety
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• With Your Consent: When you explicitly agree to share information

Data Security

We implement industry-standard security measures to protect your data:

• SSL/TLS encryption for all data transmissions
• Encrypted storage of sensitive information
• Regular security audits and vulnerability assessments
• Limited employee access on a need-to-know basis
• Two-factor authentication available for accounts
• Regular backups with disaster recovery procedures
• PCI DSS compliance for payment processing

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Your Privacy Rights

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we process your information
• Objection: Opt-out of certain uses of your data
• Withdraw Consent: Revoke previously given permissions

To exercise these rights, contact us at privacy@medbfit.com

Cookies and Tracking

We use cookies and similar tracking technologies to:

• Keep you logged in to your account
• Remember your preferences and settings
• Analyze app usage and performance
• Provide personalized content and recommendations

You can control cookies through your browser settings, but disabling them may limit app functionality.

Children's Privacy

MedBFit is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our services or provide any information. If we learn we have collected information from a child under 16, we will delete it.