Summary
Questions? Email support@momentumfithub.com
01What Information Do We Collect?
Personal Information You Provide
We collect personal information you voluntarily provide when registering, using the app, or contacting us:
- Names and usernames
- Email addresses
- Passwords and authentication data
- Fitness and workout data (exercises, sets, reps, weights, duration, personal records)
- Body measurement data (weight, height, and other measurements you choose to log)
Sensitive Information
Fitness and body measurement data may be considered sensitive health data in certain jurisdictions. We process such data only with your explicit consent or as permitted by applicable law. We do not use this data to infer characteristics unrelated to the fitness services you have requested.
Social Login Data
If you register via Google or Apple, we receive limited profile information — typically your name and email address. See Section 05 for full details.
Application & Device Data
- Push Notifications — sent via Firebase Cloud Messaging. You can opt out through your device settings at any time.
- Device & Usage Data — device type, OS, app version, crash reports (Sentry), and feature usage patterns (Mixpanel). Used for troubleshooting and product improvement.
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
02How Do We Process Your Information?
We process your personal information to:
- Facilitate account creation, authentication, and account management
- Provide and improve the Services, including storing and displaying workout and body measurement history
- Process subscription payments via RevenueCat (iOS/Android) and Stripe (web)
- Send push notifications about your account and app features
- Monitor application stability and diagnose crashes via Sentry
- Analyse feature usage and improve the product via Mixpanel
- Respond to user enquiries and provide customer support
- Send administrative notices such as policy updates
- Detect and prevent fraud or misuse of the Services
- Comply with legal obligations
03What Legal Bases Do We Rely On?
EU & UK (GDPR / UK GDPR)
- Consent — for health/fitness data and push notifications. Withdrawable at any time without affecting prior processing.
- Performance of a Contract — to deliver the Services you signed up for.
- Legitimate Interests — for analytics, crash reporting, fraud prevention, and product improvement, where not overridden by your rights.
- Legal Obligations — where required by law.
Canada
We rely on express or implied consent. You may withdraw at any time. Limited exceptions apply (e.g. fraud detection, legal compliance).
Australia & New Zealand
We process data in accordance with Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020. See Section 11 for regional rights.
04When and With Whom Do We Share Your Information?
We share data only with the following service providers, each under a written agreement:
Cloud infrastructure, authentication, push notifications. Data may be processed in the US.
Subscription and in-app purchase management for iOS and Android.
Web payment processing. Full card details are handled directly by Stripe — we never store them.
Application error and crash monitoring. Reports may include device metadata and anonymised stack traces.
Product analytics and feature usage tracking. Data is pseudonymised where possible.
We may also share information in connection with business transfers, legal requirements, or protection of rights. We do not sell your personal data.
05How Do We Handle Social Logins?
When you register via Google or Apple, we receive limited profile information — typically your name and email address. We use this only to create and manage your account. We do not control how Google or Apple handle your data on their end; review their respective privacy policies for details.
06How Long Do We Keep Your Information?
We retain your data for as long as your account is active. Upon deletion:
| Data type | Retention period |
|---|---|
| Account & profile data | Deleted promptly on request (subject to legal holds) |
| Fitness & body data | Deleted on account deletion |
| Payment records (Stripe / RevenueCat) | Up to 7 years (tax & accounting obligations) |
| Crash & error logs (Sentry) | Up to 90 days |
| Analytics data (Mixpanel) | Up to 24 months, pseudonymised |
Where immediate deletion is not possible (e.g. backup archives), data will be isolated from further processing until deletion is complete.
07How Do We Keep Your Information Safe?
We use industry-standard security measures including encrypted data transmission (TLS/HTTPS), secure cloud infrastructure via Firebase, and strict access controls. Our third-party providers (Sentry, Stripe, RevenueCat) maintain their own security certifications.
No internet transmission is 100% secure. We cannot guarantee that unauthorised parties will never defeat our security measures. Transmitting personal information to our Services is at your own risk; please use a secure environment.
08What Are Your Privacy Rights?
Depending on your location, you may have the right to:
- Access — request a copy of the personal information we hold about you
- Rectification — request correction of inaccurate or incomplete data
- Erasure — request deletion of your personal information
- Restrict processing — request that we limit how we use your data
- Data portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interests or for direct marketing
- Withdraw consent — where processing is consent-based, withdraw at any time without affecting prior processing
- No automated decisions — we do not make solely automated decisions with legal or similarly significant effects
To exercise any right, email support@momentumfithub.com. We respond within one month, free of charge.
Account Information
You may review, update, or delete your account at any time via account settings or by contacting us.
09Controls for Do-Not-Track
Because no uniform standard for recognising Do-Not-Track (DNT) signals has been finalised, we do not currently respond to DNT browser signals. If a standard is adopted that we are required to follow, we will update this policy accordingly.
10US Residents
If you reside in California, Colorado, Connecticut, Virginia, Texas, Oregon, Montana, or another state with a comprehensive privacy law, you have the right to:
- Know whether we process your personal data
- Access and obtain a copy of your personal data
- Correct inaccuracies in your personal data
- Request deletion of your personal data
- Opt out of sale or sharing of personal data — We do not sell personal data
- Non-discrimination for exercising your privacy rights
California residents may additionally request, once per year and free of charge, information about categories of personal information disclosed to third parties for direct marketing purposes (Cal. Civ. Code § 1798.83). We do not share personal information with third parties for their direct marketing purposes.
Categories Collected in the Last 12 Months
| Category | Collected |
|---|---|
| Identifiers (name, email, username, IP, device ID) | Yes |
| Personal info under CA Customer Records statute | Yes |
| Protected classifications (age/DOB if provided) | Yes |
| Commercial information (subscription/purchase history) | Yes |
| Biometric information | No |
| Internet/network activity (app usage, crash logs) | Yes |
| Geolocation data | Limited — approximate only (country/region from IP) |
| Audio, electronic, sensory data | No |
| Professional or employment data | No |
| Education information | No |
| Inferences from personal data | No |
| Sensitive info (health/fitness data, login credentials) | Yes |
To exercise your rights, email support@momentumfithub.com. We will verify your identity before processing requests. You may designate an authorised agent to submit requests on your behalf.
11Other Regions
Australia & New Zealand
We process your data under Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020. You have the right to request access to or correction of your personal information at any time.
If you believe we are unlawfully processing your data, you may lodge a complaint with:
- Australia: Office of the Australian Information Commissioner (oaic.gov.au)
- New Zealand: Office of the Privacy Commissioner (privacy.org.nz)
EEA & United Kingdom
You have all the rights described in Section 08 and may lodge a complaint with your local data protection authority — in the UK, the Information Commissioner's Office (ico.org.uk). For EEA residents, contact your relevant Member State supervisory authority.
Where we transfer your data outside the EEA or UK, we ensure appropriate safeguards (e.g. Standard Contractual Clauses) are in place.
Switzerland
You may contact the Federal Data Protection and Information Commissioner (FDPIC) if you have concerns.
12Do We Update This Policy?
Yes. We may update this policy from time to time; the "Last updated" date at the top reflects the most recent version. For material changes, we will notify you via a prominent in-app notice or an email to the address associated with your account. We encourage you to review this policy periodically.
13–14Contact Us & Data Requests
Momentum
Email: support@momentumfithub.com
To review, update, or delete your personal information, contact us at the email above. We will respond within one month of receiving your verified request, in accordance with applicable data protection law.