Privacy Policy

Introduction

Fitxone LLC ("Fitxone," "Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy ("Policy") describes how we collect, use, disclose, store, and protect information when you use our website (www.fitxone.com), AI-powered coaching chat, online fitness programs, nutrition plans, digital products, subscription services, one-on-one coaching services, and all related services (collectively, the "Services").

This Policy applies to all information collected through:

• Our website and web-based platform
• Email and electronic communications
• Online forms, checkout flows, and account registrations
• AI coaching chatbot interactions (powered by the Anthropic Claude API)
• Coaching sessions and consultations
• Stripe payment and subscription processing
• Third-party integrations and platforms

By using our Services, you consent to the data practices described in this Policy. If you do not agree, please do not use our Services.

Fitxone operates globally from its principal base in Dubai, UAE, with its legal entity registered in Wyoming, USA. By using our Services, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.

Information We Collect

Account and Contact Information:

• Full name and email address
• Date of birth and gender (optional)
• Physical address (for billing purposes)
• Emergency contact information (optional)

Health and Fitness Information:

• Medical history and health conditions (via PAR-Q assessment)
• Physical measurements (height, weight, body composition)
• Fitness goals, preferences, and current fitness level
• Dietary restrictions and nutritional information
• Injuries, limitations, and medications
• Pregnancy status (where relevant to program safety)

Payment and Billing Information:

• Credit/debit card details (processed and stored securely by Stripe — we do not store card numbers)
• Billing address and transaction history
• Subscription plan details and renewal dates
• Promotional code usage (including LAUNCH50 and future codes)

• IP address and approximate geolocation
• Device type, operating system, and browser version
• Pages visited, session duration, and navigation patterns
• Download events for digital products
• Crash reports and error logs

We use Essential, Analytics, Preference, and Session cookies. We do not currently use marketing/retargeting cookies, device fingerprinting, or cross-site tracking. If this changes, this Policy will be updated and you will be notified.

We may collect health-related sensitive information through fitness assessments. This is used solely to provide safe, personalised Services. By completing our assessment or purchasing a program, you explicitly consent to our processing of this information.

How We Use Your Information

• Deliver purchased digital products (PDF programs and guides) via email
• Activate and manage subscription plans and recurring billing via Stripe
• Provide personalised fitness and nutrition programs
• Conduct coaching sessions and consultations
• Process payments and apply valid promotional codes
• Track purchase history and grant access to purchased content
• Provide customer support via email and WhatsApp

• Send order confirmations and digital product delivery emails
• Send subscription renewal reminders and billing notifications
• Share program updates and educational content
• Send marketing communications (with your consent — opt-out available anytime)
• Notify you of material changes to this Policy or our Terms

• Analyse usage patterns to improve our website and programs
• Improve AI coaching chatbot responses and safety
• Verify identity and prevent fraud and chargebacks
• Comply with legal obligations

How We Share Your Information

We share information only with trusted third-party providers who assist in operating our Services:

• Stripe — Payment processing, subscription management, and billing (stripe.com/privacy)
• Anthropic — AI chatbot processing via Claude API (anthropic.com/privacy)
• Cloudflare — Website delivery, Worker hosting, and DDoS protection
• Resend — Transactional email delivery including digital product delivery
• Hostinger — Website and file hosting
• Calendly — Coaching call scheduling
• Formspree — Contact and assessment form processing

All service providers are contractually obligated to protect your information and use it only for specified purposes.

We may disclose information when required by law, court order, or to protect the rights, property, or safety of Fitxone, our users, or the public.

Data Security

• SSL/TLS encryption for all data transmission
• Stripe handles all payment card data under PCI-DSS compliance
• Cloudflare DDoS protection and network security
• Role-based access controls on internal systems
• Regular security reviews and updates

In the event of a data breach, we will notify affected users within 72 hours of discovery where feasible, in compliance with applicable breach notification laws. No security system is impenetrable — you acknowledge the inherent risks of transmitting information online.

Data Retention

• Active account and subscription data: Duration of relationship plus 30 days
• Deleted account data: Up to 12 months after deletion request
• Payment and transaction records: 7 years for tax and legal compliance
• Digital product purchase records: 7 years
• Health and fitness assessment data: 7 years or as required by law
• Email and support communications: 3 years
• Website analytics data: 24 months
• Security and access logs: 12 months

Your Privacy Rights

• Access: Request copies of your personal information
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your information (subject to legal exceptions)
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to certain processing activities
• Withdrawal: Withdraw consent at any time without affecting prior lawful processing
• Non-Discrimination: Exercise rights without penalty or reduced service quality

• Right to lodge complaints with your local Data Protection Authority
• Right to object to automated decision-making
• Legal bases: Consent, Contract performance, Legal obligations, Legitimate interests

• Right to know categories and specific pieces of information collected
• Right to know if information is sold or disclosed (we do not sell data)
• Right to limit use of sensitive personal information
• Right to correct inaccurate information and data portability

Contact us at privacy@fitxone.com or support@fitxone.com. We acknowledge within 48 hours and respond substantively within 30 days (45 days for complex requests). We may require identity verification before processing requests.

AI Chatbot & Automated Processing

• AI Coaching Chatbot: An on-site chat assistant powered by the Anthropic Claude API, providing fitness guidance and program recommendations
• Fitness Assessments: AI-assisted initial assessments subsequently reviewed by certified fitness professionals
• Content Personalisation: Recommendations based on your profile and stated goals

All AI-generated program recommendations are reviewed and validated by certified fitness professionals, subject to human modification, and supplementary to — not a replacement for — qualified human expertise.

• Request human review of any AI-generated recommendation
• Understand the general logic behind AI recommendations
• Opt out of AI chatbot use at any time
• Correct data that may be affecting AI-generated outputs

Children's Privacy

Our Services are intended for users who are at least 18 years of age. We do not knowingly collect personal information from anyone under 13. If we discover we have inadvertently collected data from a child under 13, we will promptly delete it. Users between 13 and 17 require verifiable parental or guardian consent. Parents may request review or deletion of their child's information by contacting privacy@fitxone.com.

Cookies and Tracking

• Essential Cookies: Required for checkout, session management, and basic functionality
• Analytics Cookies: Help us understand how visitors use our site
• Preference Cookies: Remember your settings between visits
• Session Cookies: Temporary, deleted after your browser session ends

We do NOT currently use marketing retargeting cookies or device fingerprinting. You can control cookies through your browser settings. We respect Do Not Track browser signals.

International Data Transfers

Your information may be transferred to and processed in the United States, the European Union, and other jurisdictions where our service providers operate. Safeguards include Standard Contractual Clauses (EU/UK-approved) and Data Processing Agreements with all third-party processors.

Marketing Communications

You can unsubscribe from marketing communications at any time via the unsubscribe link in any email or by contacting support@fitxone.com. You cannot opt out of transactional communications including order confirmations, digital product delivery, subscription billing receipts, payment failure alerts, and legal notices.

Changes to This Policy

We may update this Policy periodically. Material changes will be notified via email and a notice on our website at least 30 days before taking effect for existing users. Continued use after the effective date constitutes acceptance.

• Email: privacy@fitxone.com or support@fitxone.com
• Website: www.fitxone.com
• EU/EEA users: Your local Data Protection Authority
• UK users: Information Commissioner's Office (ICO)
• California users: California Attorney General