Privacy Policy

1. Data We Collect

2. How We Use Your Data

• To provide the core product: logging, tracking, analytics, consistency scoring, streaks, sprints, and leaderboards
• To operate social features you opt into: feed, follows, tribes, and challenges
• To send transactional emails (e.g. account verification, password reset)
• To send in-app notifications according to your notification settings
• To secure the platform: detecting abuse, enforcing rate limits, and auditing sensitive actions
• To fix bugs and improve stability via crash reports

We do not sell your data. We do not use your data for advertising. We do not share your data with third parties for their own purposes.

3. Visibility of Your Data Within Iterofit

Iterofit has social features. The following applies:

• Your username, profile photo, performance tier, and consistency-related stats may be visible to other users on leaderboards and in the community feed
• You control this with privacy settings: private account, show/hide on leaderboard, show/hide streak, show/hide points, and follow-request approval
• Posts you create are visible according to the visibility you choose
• Progress photos are private by default and are never shared unless you change their visibility yourself
• Workout, nutrition, mood, and body data is private and visible to others only if you explicitly share it as a post

4. Where Your Data Is Stored

Your data is stored on Supabase infrastructure in the AWS Asia Pacific (Mumbai) region, India (ap-south-1). Data is encrypted in transit (TLS) and protected at the database level with row-level security so that users can only access their own private data.

5. Third-Party Service Providers

We use a small number of service providers who process data only on our behalf and on our instructions:

We do not share data with any provider for advertising or marketing purposes.

6. Data Retention and Account Deletion

• Your data is retained for as long as your account is active
• You can delete your account directly in the app (Settings → Account → Delete Account)
• When you delete your account, it enters a 15-day recovery window during which you can restore it by signing back in
• After 15 days, your account and personal data are permanently deleted and cannot be recovered
• You can also request deletion by emailing sudhanshu@iterofit.com from your registered email address

Some minimal records (e.g. security logs) may be retained for a limited period after deletion where required for security or legal compliance.

7. Your Rights

Under the Digital Personal Data Protection Act, 2023 (India) and applicable law, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data (most data is editable directly in the app)
• Delete your data (via in-app account deletion or by email)
• Withdraw consent for processing, by deleting your account
• Raise a grievance regarding the handling of your data

To exercise any of these rights, contact sudhanshu@iterofit.com. We will respond within a reasonable timeframe as required by law.

8. Children

Iterofit is intended for users 18 years of age and older. We do not knowingly collect data from anyone under 18. If you believe a user under 18 has created an account, contact us and we will delete it.

9. Security

We protect your data using industry-standard measures including encryption in transit, hashed passwords, database row-level security, restricted storage access policies, rate limiting, and audit logging of sensitive actions. No system is perfectly secure, but we take the protection of your health and fitness data seriously.

10. Changes to This Policy

We may update this policy as the product evolves. Material changes will be communicated in the app or by email. The effective date at the top will always reflect the latest version.

11. Contact

Iterofit

Email: sudhanshu@iterofit.com

Website: iterofit.com