Sign Up
Login

Privacy Policy

Effective Date: September 2, 2025Entity Responsible: TFC LLC (“The FitCorp”)

1. Introduction

TFC LLC (“The Fit Corp,” “we,” “us,” or “our”) operates a mobile fitness application (the “App”) designed for employees of participating companies to record activities, participate in wellness challenges, and foster team engagement.
This Privacy Policy explains how we collect, use, share, and protect information when you use the App. It applies to all users, including employees, HR administrators, and coaches, whose companies have subscribed to our services.
We do not provide medical services, and we are not a “covered entity” or “business associate” under HIPAA. Our services are intended for general wellness, not medical diagnosis or treatment.
By using the App, you agree to this Privacy Policy.

2. Information We Collect

We collect the following categories of personal information:

  • Account Information: Name, email address, department, profile photo.
  • Authentication: Password (encrypted), with multi-factor authentication enabled.
  • Activity Data: Steps, GPS-based activity, workouts, and manual entries.
  • Device & Diagnostics: Device type, operating system, crash logs, app version.
  • Location Data: Precise GPS location when enabled by the user.
  • Support Data: Helpdesk tickets, chat logs, and related communications.
  • Marketing Data: Newsletter opt-ins, referral link participation.
  • Website/SDK Data: Analytics and usage information from Google Analytics, Mixpanel, and similar tools.
  • Integrations: Data accessed from Apple Health and Google Fit, only with your explicit consent. We do not collect sensitive health data such as medical conditions, weight, pregnancy information, or tax identifiers.
3. How We Use Information

We process data to:

  • Deliver the App’s core services (activity tracking, challenges, leaderboards).
  • Sync with Apple Health and Google Fit, with your consent.
  • Provide challenge results and reports to your employer, including both individual and aggregated insights.
  • Operate social features such as leaderboards and coworker visibility.
  • Maintain and improve the App, including diagnostics and crash analysis.
  • Provide customer support and respond to inquiries.
  • Communicate with you about service updates and, with your consent, send marketing communications.
4. Legal Bases for Processing (GDPR/UK GDPR/EEA)

For users in the EU, EEA, and UK, our processing is based on:

  • Contract: To deliver the App to you as part of your employer’s subscription.
  • Legitimate Interests: For security, analytics, and aggregated reporting.
  • Consent: For Apple Health/Google Fit integrations, GPS location data, and marketing emails.
5. Sharing of Information

We may share your data as follows:

  • With Employers: Individual and aggregated challenge data are made available to your company.
  • With Coworkers: Other participants may see your name, profile photo, and challenge results in leaderboards and social features.
  • With Vendors and Service Providers: We use Supabase and AWS (data hosting in the US and Canada) and analytics services (Google Analytics, Mixpanel). These vendors process data only on our instructions.
  • With Legal Authorities: We may disclose information where required by law or valid legal request. When permitted, we will notify affected users or employers.

We do not sell personal information or health-related data.

6. International Data Transfers

Data may be stored or processed in the United States and Canada. 
Where required, we use Standard Contractual Clauses (SCCs) or equivalent safeguards for cross-border transfers from the EU/UK.

7. Data Security

We use strong security measures to protect your information, including:

  • AES-256 encryption at rest and TLS encryption in transit.
  • Multi-factor authentication (MFA) for access.
  • Application-level encryption for sensitive tokens and keys.
  • Access restricted to authorized personnel under role-based controls.

Despite these safeguards, no system is 100% secure.

8. Data Retention

We retain:

  • Activity data, support logs, and diagnostics for 1 year.
  • Account data for as long as your employer maintains a subscription or until you request deletion.
  • Backups are deleted in line with the same retention schedule.
9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and obtain a copy of your personal data.
  • Request correction or deletion of your data.
  • Download/export your activity data.
  • Withdraw consent for Apple Health/Google Fit integration or GPS location.
  • Opt out of leaderboards or coworker visibility.
  • Object to or restrict processing.
  • Opt out of marketing emails at any time.

To exercise your rights, contact us at: privacy@thefitcorp.com

10. Children’s Privacy

The App is not intended for individuals under the age of 16. We do not knowingly collect personal data from minors.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email and in-app notification, with at least 30 days’ notice before they take effect.

12. Contact Us

For questions about this Privacy Policy or your data:

Email: legal@thefitcorp.com
Mailing Address:
TFC LLC
440 Monticello Avenue, STE 1802, 377892
Norfolk, Virginia 23510, USA

Scroll to Top