Privacy Policy

Fitness Challenge · Last updated: March 30, 2026

Fitness Challenge ("the App") is a mobile application that allows groups of friends to compete in fitness challenges using health data from Apple HealthKit. Your privacy is important to us. This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

Data Type	Purpose	Storage
Display Name	Shown to group members on the leaderboard. You can customize this directly in the App.	Device & Server
Apple Sign-In Information	Optional. Name, Email, and Apple ID used to secure your account, allowing syncing and recovery.	Server
HealthKit Data Read-only	Steps, distance, flights climbed, and active calories for challenge tracking	Server (aggregated daily values only)
Group Membership	Associates you with your challenge groups (up to 5)	Server
Device Token	Required to send push notifications for challenge updates and rank changes.	Server (Securely stored)

2. What We Do NOT Collect

We do not collect your phone number, physical address, or location data.
We do not use advertising trackers, analytics SDKs, or any third-party tracking tools.
We do not sell, rent, or share your data with third parties for marketing purposes.
We do not write to or modify your Apple Health data. The App has read-only access.

3. Apple HealthKit Data

The App requests read-only access to specific HealthKit data types relevant to your active challenge (e.g., Step Count, Walking + Running Distance, Flights Climbed, or Active Energy Burned). This data is:

Only accessed when you are participating in an active challenge.
Aggregated into daily totals before being sent to the server.
Used solely to display your progress on the group leaderboard.
Never used for advertising, marketing, or sold to third parties.
Never stored in iCloud or transferred to any platform other than our secure database for leaderboard purposes.
May be accessed in the background to keep your progress synchronized with the group leaderboard.

Background synchronization is used to ensure that the leaderboard remains accurate for all participants. You can control this access through your device's system settings.

In compliance with Apple's guidelines, HealthKit data is not used for any purpose other than providing the health and fitness functionality described above.

4. Push Notifications

The App offers push notifications to keep you informed about challenge start/end times, rank changes on the leaderboard, and other group updates. We collect a unique device token from your phone to deliver these messages.

Opt-in: Notifications are only sent if you explicitly grant permission.
Controls: You can choose from 'All', 'Limited', or 'Off' within the App's settings at any time.
No Marketing: We never use push notifications for advertising or promotional purposes.

5. Authentication & Anonymous Accounts

The App supports Anonymous Accounts, allowing you to create or join groups and participate in fitness challenges immediately without providing any personal information.

To prevent data loss and enable syncing across multiple devices, we recommend using Sign in with Apple. This securely links your anonymous progress to your Apple ID. Your authentication is securely managed by Apple, and no passwords are ever created or stored by our servers.

6. Data Storage & Security

Server-side data is stored in a Supabase-hosted PostgreSQL database with row-level security (RLS) policies to ensure users can only access data associated with their groups. Communication between the App and the server is encrypted via HTTPS/TLS.

7. Data Retention & Deletion

Your data is retained only for as long as you are a member of a group. You can leave a group at any time, which removes your membership and associated health logs. Admins can permanently delete a group, which removes all associated data for all members.

You may also request complete account deletion via the support email below.

8. Children's Privacy

The App is not directed at children under the age of 13. We do not knowingly collect data from children. If you believe a child has provided us with data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

michaelyta@gmail.com