Privacy Policy
Last Updated: November 20, 2025
1. Introduction
Welcome to RegionFit. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our fitness and nutrition platform.
By using RegionFit, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.
2. Information We Collect
2.1 Information You Provide
We collect information that you voluntarily provide to us:
- Account Information: Name, email address, password, gender, date of birth
- Profile Information: Health goals, dietary preferences, fitness level, location (optional)
- Health & Fitness Data: Weight, height, body measurements, workout logs, nutrition logs, step counts
- Payment Information: Billing details (processed securely by Stripe)
- Communications: Messages, comments, feedback, support requests
2.2 Automatically Collected Information
When you use RegionFit, we automatically collect:
- Device Information: IP address, browser type, device type, operating system
- Usage Data: Pages viewed, features used, time spent, click patterns
- Location Data: General geographic location (city/region level)
- Cookies & Tracking: Session tokens, preferences, analytics data
2.3 Information from Third-Party Integrations
With your authorization, we collect data from:
- Fitbit: Step counts, heart rate, sleep data, activity logs
- Google Fit: Physical activity, workouts, distance traveled
- Apple Health: Health and fitness metrics
- Stripe: Payment processing and subscription status
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Delivery
- Create and manage your account
- Provide personalized meal plans and workout recommendations
- Track your progress and generate analytics
- Sync data from connected fitness devices
- Enable AI-powered features (Lucy assistant)
3.2 Communication
- Send service notifications and updates
- Respond to your inquiries and support requests
- Send promotional emails (with your consent)
- Notify you of new features or changes to our Service
3.3 Improvement & Analytics
- Analyze usage patterns to improve our Service
- Conduct research and development
- Detect and prevent fraud or abuse
- Monitor and improve system performance
3.4 Legal Compliance
- Comply with legal obligations
- Enforce our Terms of Service
- Protect our rights and property
- Respond to legal requests and prevent harm
4. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
4.1 Service Providers
We share information with third-party service providers who perform services on our behalf:
- Stripe: Payment processing and subscription management
- Cloud Hosting: Data storage and application hosting
- Analytics Providers: Usage analysis and performance monitoring
- Email Services: Transactional and promotional emails
4.2 With Your Consent
We may share your information when you explicitly consent, such as when connecting third-party fitness apps or participating in community features.
4.3 Legal Requirements
We may disclose information if required by law or if we believe such action is necessary to:
- Comply with legal process or government requests
- Enforce our Terms of Service
- Protect the rights, property, or safety of RegionFit, our users, or the public
- Detect, prevent, or address fraud or security issues
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.
4.5 Aggregated or De-Identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, marketing, or other purposes.
5. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data transmitted is encrypted using TLS/SSL
- Password Security: Passwords are hashed using bcrypt
- Access Controls: Strict access controls and authentication
- Regular Audits: Periodic security assessments and updates
- Secure Infrastructure: Enterprise-grade hosting with monitoring
However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Data Retention
We retain your information for as long as your account is active or as needed to provide you services. You may request deletion of your account at any time.
- Account Data: Retained while your account is active
- Usage Logs: Retained for 2 years for analytics and security
- Deleted Data: Removed from active systems within 30 days
- Backup Data: May remain in backups for up to 90 days
7. Your Privacy Rights
Depending on your location, you may have the following rights:
7.1 Access and Portability
Request a copy of your personal information in a structured, machine-readable format.
7.2 Correction
Update or correct inaccurate information through your account settings or by contacting us.
7.3 Deletion
Request deletion of your account and associated data (subject to legal retention requirements).
7.4 Opt-Out
Opt out of marketing communications (you will still receive transactional emails).
7.5 Restrict Processing
Request that we limit how we use your information in certain circumstances.
To exercise these rights, please contact us at [email protected] or through your account settings.
8. Cookies and Tracking Technologies
RegionFit uses cookies and similar tracking technologies to provide, protect, and improve our Service. This section explains what cookies are, how we use them, and how you can control them.
8.1 What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They help us recognize you, remember your preferences, and provide personalized features.
8.2 Types of Cookies We Use
🔒 Necessary Cookies (Always Active)
Essential for the website to function properly. These cannot be disabled.
- Authentication: Keep you logged in securely (next-auth session tokens)
- Security: Prevent fraud and protect against attacks (CSRF tokens)
- Basic Functions: Enable core features like navigation and forms
- Load Balancing: Distribute server load for better performance
Examples: next-auth.session-token, next-auth.csrf-token, next-auth.callback-url
📊 Analytics Cookies (Opt-in Required)
Help us understand how you use RegionFit so we can improve features and performance.
- Google Analytics: Track page views, user behavior, and traffic sources
- Performance Monitoring: Measure page load times and identify errors
- Feature Usage: Understand which features are most valuable
- A/B Testing: Compare different versions to optimize UX
Examples: _ga, _gid, _gat (Google Analytics cookies)
Data Collected: Pages visited, time on page, device type, geographic location (city-level), referral sources
🎯 Marketing Cookies (Opt-in Required)
Used to deliver personalized advertisements and measure campaign effectiveness.
- Google Ads: Show relevant ads based on your interests
- Remarketing: Display RegionFit ads on other websites you visit
- Conversion Tracking: Measure ad performance and ROI
- Social Media Pixels: Track interactions with social media platforms
Examples: _gcl_au, IDE, test_cookie (Google Ads cookies)
Data Collected: Ad clicks, conversions, browsing history, device identifiers
⚙️ Preference Cookies (Opt-in Required)
Remember your settings and preferences for a personalized experience.
- Theme Selection: Save your light/dark mode preference
- Language: Remember your preferred language
- Layout Preferences: Keep your dashboard customizations
- Unit Systems: Store metric/imperial preference
Examples: theme, language, layout_preference
8.3 Google Tag Manager
We use Google Tag Manager (GTM) to manage and deploy marketing tags (snippets of code) without modifying our codebase. GTM respects your cookie preferences and only fires tags for categories you've consented to.
8.4 How We Comply with GDPR/CCPA
- Consent-First Approach: We ask for your consent before setting non-essential cookies
- Granular Control: You can accept/reject cookies by category
- Easy Opt-Out: Change your preferences anytime via cookie settings
- Google Consent Mode v2: We use the latest consent framework to ensure compliance
- No Sale of Data: We never sell your personal information to third parties
8.5 Managing Your Cookie Preferences
You have several options to control cookies:
- Cookie Banner: Choose your preferences when you first visit RegionFit
- Cookie Settings Button: Update preferences anytime from our footer or privacy page
- Browser Settings: Block or delete cookies through your browser
- Do Not Track: We respect browser Do Not Track signals
8.6 Third-Party Cookies
Some cookies are set by third-party services we integrate with (Google Analytics, Google Ads, Stripe). These services have their own privacy policies.
8.7 Impact of Disabling Cookies
Disabling certain cookies may affect your experience:
- Necessary Cookies: Cannot be disabled; website will not function without them
- Analytics Cookies: We won't be able to improve features based on usage data
- Marketing Cookies: You'll still see ads, but they won't be personalized
- Preference Cookies: Your settings won't persist across sessions
Manage Your Cookie Preferences
You can update your cookie preferences at any time. Your choices will be respected across all pages on RegionFit.
9. Third-Party Services
Our Service integrates with third-party services (Fitbit, Google Fit, Apple Health, Stripe). These services have their own privacy policies that govern their data practices. We encourage you to review their policies.
10. Children's Privacy
RegionFit is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately so we can delete it.
11. International Data Transfers
Your information may be transferred to and maintained on servers located outside of your country. By using RegionFit, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.
We take steps to ensure that your information receives an adequate level of protection in the jurisdictions in which we process it.
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to say no to the sale of personal information
- Right to access your personal information
- Right to equal service and price
Note: We do not sell your personal information.
13. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
Our legal basis for processing your information includes: consent, contractual necessity, legal obligations, and legitimate interests.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of material changes by:
- Posting the updated policy on our website
- Updating the "Last Updated" date
- Sending an email notification (for significant changes)
Your continued use of RegionFit after changes are posted constitutes acceptance of the updated policy.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
RegionFit Privacy Team
Email: [email protected]
Website: https://regionfit.com
Response Time: Within 30 days of receipt
Your Privacy Matters
We are committed to transparency and protecting your privacy. This policy describes how we handle your information responsibly and securely.
By using RegionFit, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of our Service.
