Privacy Policy

Last updated: January 27, 2025

1. Introduction

MyFitnessGoals ("we", "us", "our") respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Croatian data protection laws.

This Privacy Policy explains how and why we collect, use, disclose, and safeguard your information when you use our mobile application and website (the "App").

2. Data Controller

The data controller responsible for your personal data is:

Hotfix d.o.o.
Croatia
Email: budalic@hotfix-doo.com
Website: https://www.myfitnessgoals.app

3. Information We Collect

We collect the following categories of personal data:

  • Account Information: Email address, name, password (stored only as a hash, never in plaintext)
  • Profile Information: Age, gender, profile photo
  • Fitness Data: Workout history, body measurements, fitness goals, progress photos
  • Communications: Chat messages between trainers and clients, support messages
  • Technical Data: IP address, device type, browser type, operating system
  • Usage Data: App usage patterns, features accessed, timestamps

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6 GDPR:

  • Contract Performance (Art. 6(1)(b)): Processing necessary to provide our services, manage your account, and fulfill our contractual obligations to you.
  • Consent (Art. 6(1)(a)): For processing health and fitness data (special category data under Art. 9(1), processed only with your explicit consent under Art. 9(2)(a)), marketing communications, and non-essential cookies.
  • Legitimate Interests (Art. 6(1)(f)): For improving our services, ensuring security, preventing fraud, and analytics. Our legitimate interests do not override your fundamental rights and freedoms.
  • Legal Obligation (Art. 6(1)(c)): To comply with applicable laws, regulations, and legal processes.

5. Health and Fitness Data

Health and fitness data constitutes special category data under Article 9 GDPR. We process this data (such as workout history, body measurements, fitness goals, and progress photos) only with your explicit consent in accordance with Article 9(2)(a) GDPR.

You may withdraw this consent at any time by contacting us or through your account settings. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

6. Chat Messages

We process chat messages and shared media to provide communication features between trainers and clients. We do not routinely access private messages. Access occurs only:

  • When legally required by court order or law enforcement
  • To investigate abuse reports or violations of our Terms of Service
  • To protect users and platform security

7. How We Use Your Data

Your data is used for the following purposes:

  • Providing and maintaining the App and its features
  • Creating and managing your user account
  • Processing payments and subscriptions
  • Enabling communication between trainers and clients
  • Sending service-related notifications
  • Improving and personalizing user experience
  • Ensuring security and preventing fraud
  • Complying with legal obligations
  • Providing customer support

8. Payments

Payments are processed by Stripe, Inc. (certified PCI-DSS Level 1 compliant). We do not store full payment card numbers on our servers. We receive only limited billing information (last 4 digits, card type, expiration date) for record-keeping purposes.

For more information, see Stripe's Privacy Policy.

9. Data Sharing and Recipients

We share your data only with the following categories of recipients:

  • Cloud Infrastructure Providers: For data hosting and storage (servers located in EU)
  • Payment Processors: Stripe for payment processing
  • Email Service Providers: For transactional and service emails
  • Analytics Providers: For anonymized usage analytics

We may also share data:

  • When legally required by law, court order, or government request
  • During business transfers (merger, acquisition, sale of assets)
  • With your explicit consent

All third-party processors are bound by data processing agreements ensuring GDPR compliance.

10. Data Retention

We retain personal data for the following periods:

  • Account Data: For the duration of your account plus 30 days after deletion
  • Fitness and Workout Data: For the duration of your account plus 30 days after deletion
  • Chat Messages: For the duration of your account plus 30 days after deletion
  • Transaction Records: 7 years (as required by Croatian tax law)
  • Technical Logs: 90 days
  • Backup Data: Up to 30 days after deletion from primary systems

After these periods, data is securely deleted or anonymized.

11. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15): Request a copy of your personal data
  • Right to Rectification (Art. 16): Request correction of inaccurate data
  • Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
  • Right to Restriction (Art. 18): Request limitation of processing
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests, and object at any time to processing for direct marketing
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time where processing is based on consent

How to Exercise Your Rights

To exercise any of these rights, contact us at budalic@hotfix-doo.com with "GDPR Request" in the subject line. We will respond without undue delay and in any event within one month of receiving your request, as required by Article 12(3) GDPR; for complex or numerous requests this period may be extended by up to two further months, and we will inform you of any extension and the reasons for it. We may request verification of your identity before processing your request.

Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP):

Agencija za zaštitu osobnih podataka (AZOP)
Selska cesta 136, 10000 Zagreb, Croatia
Email: azop@azop.hr
Website: www.azop.hr

12. International Data Transfers

Your data is primarily stored and processed within the European Union. Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Transfer Impact Assessments where required

You may request information about specific safeguards by contacting us.

13. Automated Decision-Making

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you, as defined under Article 22 GDPR.

14. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. Essential cookies are necessary for the App to function. Non-essential cookies (analytics, preferences) require your consent.

You can manage cookie preferences through your browser settings or our cookie consent banner. For detailed information, see our Cookie Policy.

15. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (TLS) and at rest
  • Secure authentication and password hashing
  • Access controls and employee training
  • Regular security assessments
  • Incident response procedures

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data.

16. Children's Privacy

The App is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will delete it promptly.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Updating the "Last updated" date at the top of this policy
  • Sending an email notification for significant changes
  • Displaying a notice within the App

We encourage you to review this Privacy Policy periodically. Continued use of the App after changes constitutes acceptance of the updated policy.

18. Contact Us

For any questions about this Privacy Policy, to exercise your data protection rights, or for any privacy-related concerns, please contact us:

Hotfix d.o.o.
Email: budalic@hotfix-doo.com
Website: https://www.myfitnessgoals.app

Please include "Privacy Request" or "GDPR Request" in the subject line for faster processing. We aim to respond to all requests within one month.

By using MyFitnessGoals, you acknowledge that you have read and understood this Privacy Policy. See also our Terms of Service.