Privacy Policy

Last Updated: 8 April 2026

Key points

  • We explain what personal data we collect, why we use it, and the legal bases we rely on.
  • We describe the parties we share data with, international transfers, and how long we keep data.
  • We explain your rights (including GDPR and California rights) and how to exercise them.
  • We explain how to manage marketing, cookies, and app tracking (including IDFA/AAID where applicable).
  • Contact us: support@fit4me.io

1. Who we are

This Privacy Policy explains how White Apps LTD ("White Apps", "we", "us") processes personal data when you use:

  • our website: https://fit4me.io/ (the Website); and
  • the Fit4Me mobile application (the App).

Together, the Website and App are the Services.

Controller. White Apps LTD is the controller for the personal data described in this Privacy Policy.

Company details.

  • Legal name: White Apps LTD
  • Registered address: 6TH FLOOR, CASTLEMEAD, LOWER CASTLE STREET, BRISTOL, BS1 3AG, UNITED KINGDOM
  • Company registration number: 14985123
  • Country of registration: the United Kingdom

How to contact us. If you have questions or want to exercise your rights, contact us at support@fit4me.io.

2. Scope and local laws

We apply this Privacy Policy under the laws that may apply to you, including:

  • UK GDPR and the UK Data Protection Act 2018 (for UK users);
  • EU GDPR (for users in the European Economic Area (EEA));
  • CCPA/CPRA (for California residents);
  • other local privacy laws where applicable.

Where local law requires additional disclosures, those are included in the relevant sections below.

3. What personal data we collect

We collect personal data in three ways: (a) you provide it, (b) we receive it from third parties, and (c) it is collected automatically when you use the Services.

3.1 Data you provide

Depending on how you use the Services, you may provide:

  • Account data: email address, login method, user identifiers.
  • Profile and preferences: height, weight, age range, goals, fitness level, dietary preferences, meal preferences, and similar inputs.
  • User content and communications: messages to support, feedback, and other content you choose to submit.

3.2 Data we get from third parties

  • Apple Sign In / similar login providers: information the provider shares (for example, a name and email address, including Apple relay email where used).
  • App stores and payment partners: subscription status, purchase confirmations, receipts, and limited transaction metadata. We do not receive your full payment card number.

3.3 Data collected automatically

When you use the Services, we may collect:

  • Device and app data: device model, OS, language, app version, time zone, IP address, network and device identifiers.
  • Usage data: pages/screens viewed, taps/clicks, feature usage, session times, and related events.
  • Diagnostics and performance data: crash logs, performance metrics, and error reports.
  • Advertising identifiers: IDFA (iOS) and/or AAID (Android) and related attribution identifiers, subject to your device settings and (where required) your consent.
  • Cookies and similar technologies (Website): cookies, pixels, SDKs, and similar tools (see Section 11).

3.4 Special category data (health-related data)

Some data you enter or that is inferred from your inputs may be considered health-related and can be treated as special category data under UK GDPR / EU GDPR.

Examples may include your body measurements, fitness level, and other health-related inputs you provide. Without this information, we cannot provide certain workout and meal plan programs and you may not be able to use some or all of the Services.

Where UK GDPR / EU GDPR applies and our processing involves special category data, we will process it only when we have a valid legal basis, typically your explicit consent. We request this consent in the App (for example, during onboarding or when you enable personalization features). You can withdraw consent at any time (see Section 12). If you withdraw consent, certain personalization features may not work.

4. Why we use your personal data

We use personal data for the following purposes:

  1. Provide the Services (create and manage your account, deliver workouts and meal plans, provide core features).
  2. Personalize your experience (recommend workouts and meal plans based on your inputs and usage).
  3. Customer support (respond to requests, troubleshoot issues, communicate with you).
  4. Security and fraud prevention (protect accounts, prevent misuse, enforce our terms, and maintain system integrity).
  5. Analytics and product improvement (understand performance, fix bugs, improve features and user experience).
  6. Marketing and advertising (send marketing where permitted, measure campaigns, and show ads on platforms where you have provided the required permissions).
  7. Legal compliance (meet legal obligations, respond to lawful requests, and defend legal claims).

5. What we share (and what we do not)

We do not sell your personal data for monetary consideration.

We share personal data only as necessary to achieve the purposes described in this Privacy Policy.

6. Legal bases (UK GDPR / EU GDPR)

If UK GDPR or EU GDPR applies to you, we rely on these legal bases (as appropriate):

  • Contract: to provide the Services you request (for example, account access and delivering workouts/meal plans).
  • Legitimate interests: to improve the Services, maintain security, prevent fraud, and operate our business, where those interests are not overridden by your rights.
  • Consent: for certain marketing communications, certain cookies/pixels/SDKs on the Website, and (where applicable) certain mobile tracking/advertising activities.
  • Explicit consent: where required for processing special category data (health-related data).
  • Legal obligation: to meet legal and regulatory requirements.

Withdrawal of consent. You can withdraw consent at any time (see Section 12). Withdrawal does not affect processing that happened before the withdrawal.

7. Who we share data with

We share personal data with:

  • Service providers that help us operate the Services (for example, hosting, databases, content delivery, analytics, customer support tools, email/push notification providers, and security vendors).
  • App stores and payment partners to process purchases and manage subscriptions.
  • Advertising, marketing, and attribution partners (for example, to measure campaigns and show ads), subject to your settings and, where required, your consent.

Types of third parties. Depending on how you use the Services, we may share personal data with:

  • Technical infrastructure and hosting providers (for example, cloud hosting, servers, storage, databases, and content delivery networks).
  • Analytics, performance, and error monitoring providers (for example, product analytics, crash reporting, and troubleshooting tools).
  • Customer support and communications providers (for example, helpdesk tools and email or push notification delivery).
  • Marketing, advertising, and attribution partners (for example, ad networks, measurement, and fraud prevention), subject to your settings and, where required, your consent.
  • Payments and subscription partners (for example, app stores, payment processors, and billing providers) to process purchases and manage subscriptions.

We require these third parties to protect personal data and to use it only for the services they provide to us.

Legal requests and protection. We may disclose information if we believe in good faith that disclosure is required by law, court order, or valid legal process, or to protect rights, safety, and security.

Business transfers. If we are involved in a merger, acquisition, reorganization, or sale of assets, personal data may be transferred as part of that transaction.

8. International transfers

We may process and store personal data in countries outside the UK/EEA (for example, where we or our service providers operate).

Where UK GDPR / EU GDPR applies and we transfer personal data internationally, we use appropriate safeguards, such as:

  • adequacy regulations/decisions (where available); or
  • Standard Contractual Clauses (and, where required, the UK addendum or International Data Transfer Agreement (IDTA)), plus additional measures as needed.

You can request more information about safeguards by contacting us at support@fit4me.io.

9. Data retention

We keep personal data only as long as needed for the purposes in this Privacy Policy, including:

  • Account and profile data: kept while your account is active, and then deleted or anonymized within a reasonable period, unless we need to keep it for legal, tax, accounting, or dispute purposes.
  • Support communications: kept as long as needed to resolve issues and maintain records.
  • Analytics and diagnostics data: kept for a limited period to improve performance and security.
  • Payment and tax records: kept as required by applicable accounting and tax laws.

Backups. Backups may retain copies for a limited period. We isolate backup data and delete/overwrite it on a rolling basis where feasible.

10. Security

We use technical and organizational measures designed to protect personal data, including access controls and security monitoring. No system is 100% secure, but we work to protect your data against unauthorized access, loss, or misuse.

11. Cookies, pixels, and similar technologies (Website)

We use cookies and similar technologies on the Website for:

  • Essential functions (site operation and security);
  • Analytics (understanding how the Website is used);
  • Marketing (measuring campaigns and showing ads), where enabled.

Your choices.

  • Where required by law (for example, in the UK/EEA), we will ask for your consent before using non-essential cookies/technologies (such as analytics and marketing cookies) and before loading non-essential third-party tags.
  • You can manage your preferences through our cookie banner / preference center and you can also control cookies via your browser settings. You can change your choices at any time.

12. Your choices and controls

12.1 Account settings and communications

  • You can update certain account or profile information in the App (where available).
  • You can opt out of marketing emails using the unsubscribe link in the email.

12.2 Push notifications

You can control push notifications through your device settings.

12.3 Advertising identifiers and app tracking (IDFA/AAID)

  • iOS (IDFA / ATT): If we (or our partners) use the IDFA for tracking as defined by Apple, we will request permission via AppTrackingTransparency (ATT). If you decline, the App will continue to work, but ad personalization and attribution measurement may be limited.
  • Android (AAID): You can reset or limit your advertising ID through your device settings.

12.4 Consent withdrawal (including explicit consent)

Where we rely on consent (including explicit consent for special category data), you can withdraw consent at any time by:

  • adjusting your settings in the App (where available);
  • adjusting cookie choices on the Website (where available);
  • adjusting your device settings (for example, ATT on iOS);
  • contacting us at support@fit4me.io.

13. Automated decision-making

We may use your inputs and usage data to personalize recommendations (workouts and meal plans).

We do not make decisions that produce legal or similarly significant effects solely by automated means, unless we tell you otherwise and have a lawful basis.

14. Your privacy rights (UK GDPR / EU GDPR)

If UK GDPR / EU GDPR applies, you may have the right to:

  • access your personal data;
  • correct inaccurate data;
  • delete your data (with some legal exceptions);
  • restrict processing;
  • object to processing based on legitimate interests;
  • data portability (in certain cases);
  • withdraw consent (where we rely on consent);
  • lodge a complaint with a supervisory authority.

How to exercise rights. Contact support@fit4me.io. We may ask for information to verify your identity.

Complaints (UK/EEA).

  • UK: Information Commissioner's Office (ICO): https://ico.org.uk/
  • EEA: your local data protection authority.

15. California privacy notice (CCPA/CPRA)

This section applies if you are a California resident.

15.1 Categories of personal information we collect

We may collect the following categories (as defined by California law):

  • Identifiers (for example, email address, device identifiers).
  • Internet or other electronic network activity (for example, app/website usage events).
  • Commercial information (for example, subscription status).
  • Geolocation data (approximate location derived from IP address).
  • Inferences (for example, preferences inferred from usage).

15.2 Purposes for collection and use

We use personal information for the purposes described in Sections 4–7.

15.3 Disclosure of personal information

We may disclose personal information to service providers and partners as described in Section 7.

15.4 Sale and sharing

Under California law, certain disclosures for advertising may be considered a "sale" or "sharing" of personal information.

Where required, we provide choices to opt out of such "sale" or "sharing" (for example, through cookie controls on the Website and device/app settings).

15.5 Your California rights

You may have the right to:

  • know the categories and specific pieces of personal information collected;
  • delete personal information (subject to exceptions);
  • correct inaccurate personal information;
  • opt out of sale/sharing (where applicable);
  • limit the use of sensitive personal information (where applicable);
  • not be discriminated against for exercising your rights.

How to submit a request. Contact support@fit4me.io. We will verify your request.

16. Children

The Services are not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data, contact us at support@fit4me.io.

17. How to delete your account / request deletion

You can request deletion in the App:

  • iOS: Open the Fit4Me app Plan Profile Personal Data Management Delete personal data.
  • Android: Open the Fit4Me app Plan Profile Personal Data Management Request Data Deletion.

If you need help, contact support@fit4me.io.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the Services or other appropriate means. The "Last updated" date reflects the latest version.