Last updated: July 2, 2026

Privacy Policy

This Policy explains how FitRetention AI ("we") collects, uses, shares and protects personal data processed through the Platform. It must be read together with the Terms of Service.

1. Roles

For the professional User's own data, FitRetention AI is the controller.

For client data entered by the User, the User is the controller and FitRetention AI acts as processor, handling the data solely on the User's instructions and in accordance with this Policy and the Terms of Service.

2. Data collected

We collect, as applicable, the following categories:

  • Professional signup data: name, email, phone, profession, hashed password, preferences.
  • Client data entered by the User: name, contact (WhatsApp, email), sex, birthdate, goals, monthly fee, start date, notes.
  • Check-in answers: perceived sleep, mood, pain, motivation, workout adherence and other configured fields.
  • Usage and telemetry: pages visited, actions taken, error logs, IP address, device and browser type.
  • Financial data: minimum information needed for billing; card data is not stored by us, only by the payment provider.
  • Strictly necessary cookies for authentication and preferences (language, theme).

3. Purposes

  • Provide the contracted features (client management, check-ins, alerts, reports, AI suggestions).
  • Authenticate users and protect account security.
  • Bill, prevent fraud and comply with accounting and legal obligations.
  • Support the User.
  • Improve the Platform using aggregated, anonymized data.
  • Send operational communications (we do not use client data for our own marketing).

4. Legal bases

  • Contract execution — to deliver the service.
  • Compliance with legal or regulatory obligations — for tax and accounting duties.
  • Legitimate interest — for security, fraud prevention and continuous improvement, always respecting data subjects' rights.
  • Consent — when expressly obtained, e.g. for optional communications.

5. Sharing with sub-processors

We share strictly necessary data with sub-processors contractually bound to equivalent security and privacy standards:

  • Cloud infrastructure for hosting and database.
  • AI model providers to generate suggestions and analyses (submitted content is used only to answer the request).
  • Authentication provider, including Google sign-in when chosen by the User.
  • Transactional email provider.
  • Payment and invoicing providers.
  • Public authorities when required by law or judicial order.

We do not sell personal data to third parties.

6. International transfers

Some sub-processors may process data outside Brazil. In such cases we adopt appropriate safeguards, including contractual clauses and adequacy assessments, per applicable data protection law.

7. Retention

We keep data while your account is active and for as long as needed for the described purposes. After termination, data may be retained for the minimum period required by law (e.g. tax obligations) and then safely deleted or anonymized.

8. Security

  • Encryption in transit (TLS) and at rest.
  • Role-based access control and per-account row-level security.
  • Logical data segregation between accounts.
  • Audit logs on sensitive operations.
  • No system is 100% secure; report any suspected incident to suporte@fitretentionai.com.br.

9. Data subject rights

You may request:

  • Confirmation of processing and access to data.
  • Correction of incomplete, inaccurate or outdated data.
  • Anonymization, blocking or deletion of unnecessary data.
  • Portability to another provider.
  • Deletion of data processed based on consent.
  • Information about entities we share data with.
  • Withdrawal of consent when applicable.

Requests may be sent to suporte@fitretentionai.com.br and will be handled within legal deadlines. For client data, the request must be directed first to the User (controller).

10. Account deletion

You can delete your account directly in the Platform (Settings → Delete account). Deletion removes your personal data and the data of clients linked to the account, except for the minimum retained by legal obligation.

11. Cookies

We use only strictly necessary cookies for authentication, preferences (language, theme) and fraud protection. We do not use third-party advertising cookies.

12. Minors

The Platform is not intended for Users under 18. Client data of minors may only be processed with legal guardian authorization, under the User's responsibility.

13. Changes

We may update this Policy at any time. Material changes will be communicated via the Platform or email with reasonable notice.

14. Data protection officer and contact

To exercise your rights or ask questions about this Policy, contact our data protection officer at suporte@fitretentionai.com.br.

Questions? Reach us at suporte@fitretentionai.com.br.