Privacy Policy

Effective date: April 2, 2026

DilFit ("we", "us", or "our") operates the DilFit mobile application. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our app.

1. Information We Collect

We collect the following categories of personal data:

• Account information — email address, display name, profile photo, and fitness preferences you provide during sign-up.
• Workout data — exercises, sets, reps, weights, duration, and notes you log while using the app.
• Social data — posts, comments, likes, and follower/following relationships you create.
• Device & usage data — device model, OS version, crash logs (via Sentry), and anonymous analytics to improve app performance.

2. How We Use Your Information

• Provide, maintain, and improve the DilFit service.
• Personalise your experience, including AI Coach recommendations.
• Display community features such as challenges and social feed.
• Send transactional emails (e.g., password resets) and, with your consent, promotional communications.
• Monitor and prevent fraud, abuse, and security incidents.

3. Data Storage & Security

Your data is stored in Supabase-managed PostgreSQL databases with row-level security (RLS) enforced. All traffic is encrypted in transit via TLS. Profile photos and media are stored in Supabase Storage with access-controlled buckets.

4. Third-Party Services

We use the following third-party services that may process your data in accordance with their own privacy policies:

• Supabase — authentication, database, and file storage.
• Firebase Cloud Messaging — push notifications.
• Sentry — error and crash reporting.
• RevenueCat — subscription management.
• Anthropic / OpenAI — AI Coach features (workout context is sent to generate personalised advice).
• Google Sign-In / Apple Sign-In — OAuth authentication.

5. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we permanently erase all associated data within 30 days, including workouts, social posts, challenge participation, badges, and profile information.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access and receive a copy of the personal data we hold about you.
• Rectify inaccurate or incomplete data.
• Request deletion of your account and all associated data.
• Object to or restrict certain processing activities.
• Data portability — receive your data in a structured, machine-readable format.

To exercise any of these rights, email us at bek.develop@gmail.com.

7. Children's Privacy

DilFit is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the new policy in the app and updating the "Effective date" above.

9. Contact Us

If you have questions about this privacy policy, contact us at bek.develop@gmail.com.