🔒 TOASTED HEALTH PRIVACY POLICY

1. 📊 INFORMATION WE COLLECT

We collect the following types of information to provide and improve our services:

Personal Information

• Account information: Name, email address, age
• Profile data: Profile pictures, preferences, settings
• Contact information: For customer support and communication

Fitness and Health Data

• Workout data: Exercise routines, sets, reps, weights, duration
• Progress tracking: Weight changes, measurements, fitness goals
• Activity data: Workout completion, streaks, achievements

Usage Data

• App interactions: Features used, time spent, navigation patterns
• Preferences: Settings, customizations, notification preferences
• Performance data: App crashes, errors, loading times

Device Information

• Device type: iPhone, iPad, Android device model
• Operating system: iOS/Android version
• App version: Current version of Toasted Health installed
• Device identifiers: For analytics and crash reporting

2. 🎯 HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

Service Provision

• Provide and maintain the Toasted Health app
• Create and manage your user account
• Deliver personalized workout plans and recommendations
• Track your fitness progress and achievements

Communication

• Send important updates about the app
• Provide customer support and respond to inquiries
• Send workout reminders and motivational notifications
• Communicate about subscription and billing matters

Improvement and Analytics

• Analyze app usage to improve features and performance
• Understand user preferences to enhance the experience
• Conduct research and development for new features
• Monitor and analyze app performance and stability

Legal and Safety

• Comply with legal obligations and regulations
• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service and policies

3. 🤝 INFORMATION SHARING

We do not sell your personal information. We may share your data in the following limited circumstances:

Service Providers

• Firebase: For app infrastructure, authentication, and database services
• Analytics providers: For app performance and usage analytics
• Cloud storage: For secure data backup and synchronization
• Payment processors: For subscription and billing management

Legal Requirements

• When required by law, regulation, or legal process
• To protect the rights, property, or safety of Toasted Health, our users, or others
• In connection with legal proceedings or investigations

Business Partners

• With your explicit consent for specific integrations or features
• For joint marketing or promotional activities (with your permission)

Business Transfers

• In the event of a merger, acquisition, or sale of assets (with notice to users)

4. 🛡️ DATA SECURITY

We implement comprehensive security measures to protect your data:

Technical Safeguards

• Encryption in transit: All data transmitted using TLS/SSL encryption
• Encryption at rest: Sensitive data encrypted in our databases
• Secure authentication: Multi-factor authentication and secure login processes
• Access controls: Strict access controls and permission systems

Operational Security

• Regular security audits: Periodic security assessments and penetration testing
• Employee training: Security awareness training for all team members
• Incident response: Procedures for detecting and responding to security incidents
• Data minimization: We only collect and retain data necessary for our services

Infrastructure Security

• Secure hosting: Data hosted on secure, certified cloud infrastructure
• Network security: Firewalls, intrusion detection, and monitoring systems
• Backup and recovery: Regular backups and disaster recovery procedures

5. ✋ YOUR RIGHTS

You have the following rights regarding your personal data:

Access and Portability

• Access your data: Request a copy of all personal data we hold about you
• Data portability: Export your data in a machine-readable format
• Account dashboard: View and manage your data through the app

Correction and Updates

• Correct inaccurate data: Update or correct any inaccurate personal information
• Profile management: Update your profile, preferences, and settings
• Data accuracy: Ensure your information is current and accurate

Deletion and Erasure

• Delete your account: Permanently delete your account and associated data
• Selective deletion: Remove specific types of data or information
• Right to be forgotten: Request erasure of your personal data

Control and Consent

• Opt out of communications: Unsubscribe from marketing emails and notifications
• Withdraw consent: Revoke consent for data processing where applicable
• Privacy settings: Control what data is collected and how it's used

How to Exercise Your Rights

• In-app settings: Use the privacy and account settings in the app
• Contact us: Email us at privacy@toastedhealth.com
• Response time: We will respond to requests within 30 days

6. 📅 DATA RETENTION

We retain your data according to the following policies:

Active Accounts

• Account data: Retained while your account is active
• Workout data: Retained to provide continuous service and progress tracking
• Usage data: Retained for analytics and service improvement

Inactive Accounts

• Account deletion: Accounts inactive for 3 years may be deleted
• Data archival: Some data may be archived for legal or business purposes
• User notification: We will notify you before deleting inactive accounts

Legal Requirements

• Legal holds: Data may be retained longer if required by law
• Dispute resolution: Data retained as necessary for legal proceedings
• Regulatory compliance: Retention periods may vary by jurisdiction

Deletion Process

• Immediate deletion: Some data deleted immediately upon request
• Backup systems: Complete removal from backups may take up to 90 days
• Anonymization: Some data may be anonymized rather than deleted

7. 👶 CHILDREN'S PRIVACY

We are committed to protecting children's privacy:

Age Requirements

• Minimum age: Users must be at least 13 years old
• Age verification: We verify age during account creation
• Parental consent: Users under 18 may require parental consent in some jurisdictions

Special Protections

• Limited data collection: We collect minimal data from users under 18
• No targeted advertising: No behavioral advertising to minors
• Enhanced security: Additional security measures for younger users

Compliance

• COPPA compliance: Full compliance with Children's Online Privacy Protection Act
• GDPR compliance: Compliance with EU regulations regarding children's data
• Regular review: Ongoing review of children's privacy practices

Discovery and Response

If we discover we have collected data from a child under 13 without proper consent:

• We will delete the information immediately
• We will terminate the account
• We will notify parents/guardians if contact information is available

8. 🌍 INTERNATIONAL TRANSFERS

Your data may be transferred and processed internationally:

Data Transfers

• Global infrastructure: Our services use global cloud infrastructure
• Cross-border transfers: Data may be transferred to countries outside your residence
• Service providers: Our service providers may be located in different countries

Safeguards

• Adequacy decisions: Transfers to countries with adequate privacy protections
• Standard contractual clauses: Use of EU-approved data transfer mechanisms
• Certification programs: Participation in recognized privacy frameworks
• Data processing agreements: Contracts ensuring appropriate data protection

Your Rights

• Transfer notification: We will inform you of significant changes to data transfers
• Objection rights: You may object to certain international transfers
• Local laws: We comply with local data protection laws in all jurisdictions

9. 🔄 POLICY UPDATES

We may update this privacy policy from time to time:

Notification of Changes

• App notifications: Important changes communicated through the app
• Email notifications: Significant changes sent to your registered email
• Website updates: Latest version always available on our website

Types of Changes

• Legal requirements: Updates to comply with new laws or regulations
• Service changes: Updates reflecting new features or services
• Security improvements: Changes to enhance data protection

Your Choices

• Continued use: Continued use of the app constitutes acceptance of updates
• Account deletion: You may delete your account if you disagree with changes
• Contact us: Reach out with questions about policy changes

10. 📞 CONTACT US

If you have questions about this privacy policy or our data practices:

Contact Information

• Email: privacy@toastedhealth.com
• Support: support@toastedhealth.com
• Legal: legal@toastedhealth.com

Response Times

• General inquiries: We respond within 48 hours
• Privacy requests: We respond within 30 days
• Urgent matters: We prioritize security and safety concerns

Mailing Address

Toasted Health
Privacy Department
[Your Business Address]
[City, State, ZIP Code]
[Country]