Privacy & Data

Privacy Policy

We believe your personal data belongs to you. Here's exactly what we collect, how we use it, and your rights.

Last updated: March 12, 2026
Section 01

Data We Collect

When you create an account and use AbFit, we collect the following information to provide our fitness coaching service:

  • Account Information: Your name, email address, profile photo, and login credentials used to create and manage your AbFit account.
  • Fitness Profile: Gender, age, height, weight, fitness goals, activity level, and training frequency that you provide during onboarding or profile setup.
  • Workout & Progress Data: Completed workouts, exercise history, duration, calories burned, workout categories chosen, and any progress photos you choose to upload.
  • Booking Information: Coaching session bookings, appointment dates and times, session type (online or in-person), payment confirmations, and cancellation records.
  • Messaging Data: Messages exchanged between you and your coach inside the app's messaging system.
  • Check-In Data: Daily check-in entries including weight logs, energy levels, sleep hours, and notes you submit through the daily check-in feature.
  • Device & Usage Information: Device type, operating system, and basic app usage patterns used for performance monitoring and troubleshooting.
Section 02

How We Use Your Data

Your information is used exclusively to deliver and improve the AbFit experience:

  • AI Workout Generation: Your fitness profile (age, goals, activity level, equipment) powers our AI engine to build personalised weekly workout plans.
  • Progress Tracking: Workout history and check-in data are stored so you can visualise your progress over time through the Progress tab.
  • Coaching Session Booking: Your booking data is used to schedule, confirm, and manage your one-on-one or online sessions with your assigned coach.
  • Coach Messaging: Messages are stored so you and your coach can maintain a full conversation history within the app.
  • Subscription Management: Account and subscription status is used to control access to Premium features and coaching discounts.
Section 03

Payments & Stripe

AbFit uses Stripe — a leading PCI-DSS compliant payment provider — to process all transactions securely.

AbFit does not store your full card number, CVV, or bank account details on its servers at any time. All sensitive payment data is handled exclusively by Stripe under their own privacy and security policies.
  • What we store: Transaction IDs, payment amounts, subscription status, and booking confirmation records — never raw card data.
  • Stripe's policy: You can review Stripe's privacy policy at stripe.com/privacy.
  • Subscriptions: Premium plans are auto-renewable and can be cancelled at any time from your profile settings or via your device's app store.
  • Coaching sessions: Session payments are processed at checkout. Cancellations made 24+ hours in advance are eligible for a full refund.
Section 04

Data Storage & Security

Your data is stored securely in an encrypted PostgreSQL database hosted on Replit's infrastructure with the following safeguards:

  • Workout progress & history are stored persistently so your records are never lost between sessions.
  • Booking records including appointment dates, times, session types, and status are retained in our secure database.
  • Messages exchanged between you and your coach are stored encrypted and visible only to the relevant parties.
  • Check-in entries including weight logs, energy levels, and progress photos are stored securely and accessible only to you and your coach.
  • Passwords are hashed using bcrypt with a strong salt — we never store plain-text passwords.
  • Transport security: All data in transit is encrypted via HTTPS/TLS.
  • Access controls: Only authorised personnel (your assigned coach) can access your profile and training data within the platform.
Section 05

Video Content

Workout tutorial videos shown in the AbFit exercise library and workout player may be streamed from external hosting providers (such as YouTube, Vimeo, or similar video CDNs).

When video content loads, your device may connect to those third-party hosting services. Those providers may set their own cookies and collect viewing data as described in their own privacy policies. AbFit does not control or receive this data.

Where possible, we use privacy-friendly embed modes (e.g. YouTube's no-cookie domain) to minimise third-party data collection during video playback.

Section 06

Data Sharing

We do not sell, trade, or rent your personal information to any third party. Your data is only shared in these limited circumstances:

  • Your assigned coach: Can view your profile, workout history, bookings, and messages in order to provide personalised coaching.
  • Stripe (payments): Payment data is shared only as required to process transactions.
  • SendGrid (email): Your email address is used to send transactional messages (booking confirmations, password resets, notifications). We do not use your email for third-party marketing.
  • Legal requirements: We may disclose data if required by law, court order, or to protect the safety of our users.
Section 07

Your Rights

You have full control over your personal data. At any time you can:

  • Access a copy of the personal data we hold about you by contacting our support team.
  • Correct inaccurate or incomplete information directly in your Profile or Edit Profile screen.
  • Request deletion of your account and all associated data (see Section 8 below).
  • Opt out of non-essential communications by updating your notification preferences in Settings.
  • Export your workout and check-in history — contact support to request a data export.
  • Withdraw consent for data processing at any time by deleting your account.
Section 08

Data Deletion

You have the right to request the deletion of your personal data at any time. To request deletion of your account and all associated data:

Request Account Deletion

Email us from the address linked to your AbFit account with the subject line "Delete My Account" and we will permanently remove your data within 30 days.

support@abfit.app

Upon deletion, we will permanently erase your account, profile, workout history, bookings, messages, check-ins, and progress photos. Payment records may be retained for up to 7 years as required by financial regulations.

Section 09

Children's Privacy

AbFit is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us at support@abfit.app and we will promptly delete it.

Section 10

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page.
  • Send a notification to the email address linked to your account.
  • Display an in-app notice the next time you open AbFit.

Your continued use of AbFit after any changes constitutes your acceptance of the updated policy.

Section 11

Contact Us

If you have questions, concerns, or requests regarding your privacy or this policy, our team is here to help:

Privacy & Support

We aim to respond to all privacy-related inquiries within 48 hours.

support@abfit.app