Privacy Policy

We collect account identity details such as your name, email address, phone number, and profile preferences when you provide them. We also collect device, session, and security signals that help us protect your account and detect suspicious activity.

Sensitive authentication material is handled server-side with security-first controls. This frontend does not store auth tokens in localStorage, sessionStorage, or client-readable cookies.

We use your information to create and secure your account, verify identity, personalize product experiences, deliver platform features, and respond to support or operational needs.

We may also use security and audit data to investigate abuse, enforce policy, and protect members, trainers, gyms, and administrators on the platform.

We design our authentication and account flows around least privilege, server-side verification, audit logging, and secure session management. Browser-facing experiences are intentionally limited to the minimum user data needed for each screen.

Where retention is necessary for security or compliance, records may be preserved even after a user account is deactivated or soft-deleted.