Privacy Policy

Last updated: January 2026

This Privacy Policy describes how FitGlue ("we", "us", or "our") collects, uses, and protects information about you when you use our website and services. We are committed to protecting your privacy and being transparent about our data practices.

Our Commitment to You

We will never sell, rent, or trade your personal data to anyone. Your fitness data belongs to you, and we only access it with your explicit permission to provide the services you have requested.

Information We Collect

We collect information you provide directly to us, such as when you create an account, connect a fitness platform, or contact us for support.

• Account Information: Email address and authentication credentials
• Fitness Data: Workout data from connected platforms (Hevy, Fitbit, Strava, etc.) that you explicitly authorize us to access
• Usage Data: Basic information about how you use our service to help us improve

How We Use Your Information

We use the information we collect solely to:

• Provide, maintain, and improve our services
• Process and sync your fitness data between the platforms you connect
• Send you essential technical notices and support messages
• Respond to your comments and questions

We do not use your data for advertising, profiling, or any purpose beyond providing the service.

Data Sharing & Third Parties

We share your fitness data only with the platforms you explicitly connect and authorize through FitGlue. We do not:

• Sell your personal information to anyone, ever
• Share your data with advertisers
• Use your data for marketing purposes without consent
• Access your data beyond what is necessary to provide the service

Data Security

We implement appropriate technical and organizational measures to protect your data:

• All data is encrypted in transit using TLS/SSL
• All data is encrypted at rest
• We use secure authentication through Firebase Authentication
• Access to systems is strictly controlled and monitored

Data Retention

We retain your data only for as long as necessary to provide our services. When you disconnect an integration or delete your account, we remove the associated data from our systems within 30 days.

Your Rights (GDPR & Data Protection)

If you are in the European Economic Area (EEA) or United Kingdom, you have specific rights under GDPR:

• Right of Access: You can request a copy of all personal data we hold about you (Subject Access Request)
• Right to Rectification: You can request correction of inaccurate data
• Right to Erasure (Right to be Forgotten): You can request deletion of your personal data at any time
• Right to Data Portability: You can request your data in a machine-readable format
• Right to Restrict Processing: You can request we limit how we use your data
• Right to Object: You can object to certain types of processing

To exercise any of these rights, please contact us at privacy@fitglue.tech. We will respond to all requests within 30 days.

Account Deletion

You can disconnect any integration and delete your account at any time from within the application. Upon account deletion:

• All associated fitness data is permanently deleted
• All integration tokens are revoked
• Your account information is removed from our systems

Children's Privacy

FitGlue is not intended for children under 16 years of age. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how we handle your data, please contact us at privacy@fitglue.tech.