fitRDY Privacy Policy
Last updated: May 22, 2026
1. Who We Are
fitRDY is operated by fitRDY Inc. and provides a digital fitness and health platform that delivers personalized training, recovery, and lifestyle guidance through adaptive programming and performance insights. The app helps individuals improve their health and performance by combining training plans, readiness and recovery tracking, nutrition guidance, and optional integrations with wearable devices and other health data sources. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data when using the fitRDY platform.
Privacy contact for fitRDY Inc.: hello@fitrdy.com
fitRDY is a fitness and wellness technology service. It is not a healthcare provider, health plan, medical device, or emergency service. Unless fitRDY separately enters a written business-associate agreement for a specific customer relationship, fitRDY does not treat ordinary direct-to-consumer app accounts as HIPAA-covered services.
2. Scope
This policy applies to your use of fitRDY services across fitRDY.com, hosted web app surfaces,
and fitRDY mobile applications on iOS and Android, as well as optional third-party integrations you connect through fitRDY.
3. Information We Collect
Account and profile
- Account identifiers (for example, user ID and login email).
- Profile and onboarding fields you provide in the app.
- Health, fitness, nutrition, readiness, body-composition, sleep, cycle-support, PAR-Q, goal, and training preference fields you choose to provide.
- Subscription and entitlement metadata required to operate your account.
Usage and system data
- Operational logs, timestamps, and sync status metadata.
- Error diagnostics needed for reliability, security, and support.
- Admin/ops metrics used to monitor platform health and compliance posture.
Wearable and training data (when you connect a provider)
Depending on provider capabilities and permissions, fitRDY may process activity and health signals such as: workouts, sleep, recovery signals, heart-rate related fields, step counts, and calorie metrics.
Health Connect and similar mobile health bridges may request specific health categories including sleep, heart rate, resting heart rate, heart-rate variability, weight, body fat, lean body mass, oxygen saturation, respiratory rate, VO2 max, skin temperature, steps, step cadence, floors climbed, exercise sessions, active calories, total calories, and background read access when you enable automatic sync. fitRDY uses only the categories you grant and stores normalized summaries or samples needed for training, readiness, nutrition, and support workflows.
| Provider | Typical data categories | Purpose |
|---|---|---|
| Strava | Activity title/ID, start time, duration, distance, available HR fields | Cardio history, adherence context, coaching workflow support |
| Garmin Connect, WHOOP, Polar | Workout records plus daily health/recovery signals when available | Recovery-aware recommendations and training-load planning |
| Mobile health bridges and companion apps | Device health exports submitted or synced by the user from supported mobile apps, including Health Connect categories you approve | Normalize cross-provider health signals into one coaching profile |
Images and uploads
If you use photo or upload features, fitRDY may process meal photos, nutrition label photos, leftovers photos, body-composition scan images, workout screenshots, and related user notes. These uploads are used only to provide the requested parsing, review, coaching, or troubleshooting feature.
4. How We Use Information
- Deliver and maintain core app functionality, including connected sync flows.
- Generate training, recovery, and nutrition recommendations inside your account.
- Provide customer support and troubleshoot integration issues.
- Protect security, detect abuse, and maintain audit/compliance records.
- Meet contractual, legal, and regulatory obligations.
5. AI-Assisted Features
fitRDY uses AI-assisted tooling to help generate or refine training plans, nutrition guidance, summaries, and related coaching-support content. To provide those features, fitRDY may process relevant profile, training, recovery, readiness, and nutrition information that you provide in the platform or through connected integrations.
Some AI-assisted features send the minimum practical context to AI service providers, including OpenAI, for processing. That context may include meal or label photos, body-composition scan images, workout screenshots, food descriptions, profile details, training history, wearable summaries, readiness check-ins, or coaching prompts when those details are needed for the feature you use.
AI-generated outputs are intended to support human coaching and user decision-making, not replace professional judgment.
fitRDY does not use your account health, fitness, nutrition, image, or coach data to train fitRDY foundation models. When fitRDY uses OpenAI API services for selected features, fitRDY relies on provider API settings and terms intended for business processing; OpenAI states that API data is not used to train OpenAI models unless the API customer opts in. AI providers may still retain limited logs for abuse monitoring, security, or legal compliance according to their own terms.
6. Coach Access and Member Sharing
fitRDY may include coach features. For launch, a coach relationship is created only when you make an express choice to use a coach path, such as signing up with a coach join token or manually adding/selecting a coach later. Coaches are not assigned to your account without your decision to use that coach relationship.
When you enable a coach relationship, fitRDY may let that coach view the data categories allowed for that relationship, such as nutrition targets and logs, workout and cardio history, and body-composition trend context. You remain able to use fitRDY without exposing your data to unrelated users, and coach access can be revoked or changed through supported account or support workflows.
Internal beta testing may use controlled test access for staff or founders to validate coach workflows. That beta-only access is not the normal launch model for member-coach relationships.
7. Legal Bases (where applicable)
- Contract performance: to provide the services you request.
- Consent: for optional connected integrations, Health Connect/mobile health permissions, coach relationships, and related syncing.
- Legitimate interests: reliability, security, fraud prevention, and service improvement.
- Legal obligation: when retention or disclosure is required by law.
8. Sharing and Disclosure
- We do not sell personal data or sell connected-provider activity/health data.
- We do not share Health Connect, wearable, nutrition, body-composition, or other sensitive health data with advertising platforms, data brokers, or information resellers.
- We do not use sensitive health data for targeted advertising, credit, insurance, employment, or eligibility decisions.
- We share data with service providers needed to run the platform, such as hosting, database, authentication, storage, email/support, payments, app distribution, monitoring, and AI processing providers.
- We share data with a coach only when you choose to create or use a coach relationship and only within the access scope supported for that relationship.
- We may disclose information when legally required or to protect rights, safety, and security.
- If fitRDY is involved in a merger, acquisition, or asset transfer, relevant data may be transferred as part of that transaction.
Current major infrastructure and processing categories include Firebase/Google services for authentication, database, storage, hosting, and Android distribution; OpenAI for selected AI-assisted features; Stripe for payment and billing workflows when used; wearable and health providers you connect; and hosting/operations services used to run the fitRDY bridge and support workflows.
9. Data Retention
We retain data for as long as necessary to deliver services and satisfy legal, security, accounting, and support obligations.
| Category | Typical retention approach |
|---|---|
| Account and profile records | Retained while account is active and for legitimate post-termination obligations. |
| Connected-provider sync records | Retained while connection is active or until user deletion/disconnect actions require removal. |
| Health, nutrition, workout, body-composition, and readiness history | Retained while your account is active so the app can show history, trends, and coaching context, unless you request deletion or a narrower lawful retention need applies. |
| Uploaded images and parsed AI outputs | Retained as needed for the feature, review history, troubleshooting, or deletion request handling; temporary upload helpers may expire sooner. |
| Integration tokens and connection secrets | Retained only while needed to maintain the connected integration, then removed or disabled after disconnect, deauthorization, or verified deletion where applicable. |
| Billing and transaction records | Retained as required for accounting, tax, fraud-prevention, dispute, and legal obligations. |
| Security and operational logs | Retained for limited periods required for monitoring, abuse prevention, and incident response. |
10. Your Choices and Rights
- Disconnect integrations at any time from the fitRDY integrations interface.
- Grant, deny, or revoke mobile health permissions through your device or Health Connect settings.
- Choose whether to create or use a coach relationship before coach-visible data sharing begins.
- Request deletion using Data Deletion.
- Contact support for access, correction, deletion, or portability requests where applicable.
For privacy support, email hello@fitrdy.com.
11. Security
- Role-based access controls and scoped auth checks for connected sync operations.
- Encryption in transit and controlled server-side storage for integration credentials.
- Monitoring and audit telemetry for operational and compliance posture.
Security questions or vulnerability reports can be sent using the process on Security.
12. Children
fitRDY is intended for adults and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal data, contact us so we can investigate and remove it.
13. Additional Health, AI, and Coach Disclosure
A concise standalone summary of sensitive health data, AI-assisted processing, and coach access is available at Health Data, AI, and Coach Disclosure.
14. Changes to This Policy
We may update this policy as products, integrations, or legal requirements change. We will update the "Last updated" date when revisions are made.
If a change materially expands how fitRDY uses or shares sensitive health data, we will provide notice appropriate to the change and, where required, ask for consent before the expanded use begins.
Strava is a trademark of Strava, Inc. Garmin is a trademark of Garmin Ltd. or its subsidiaries. Use of third-party data through fitRDY is subject to applicable provider terms and permissions.