Get the app

Jirdhis — Document 02

Privacy Policy

Effective date: [INSERT EFFECTIVE DATE]
Last updated: [INSERT LAST UPDATED DATE]

1. Introduction

This Privacy Policy explains how [COMPANY LEGAL NAME] ("Jirdhis," "we," "us," or "our") collects, uses, shares, and protects information about you when you use the Jirdhis mobile application (the "App"), the website at [WEBSITE URL] (the "Site"), and any related services we offer (collectively, the "Services").

By using the Services, you agree to the practices described here. If you do not agree, please do not use the Services. This policy is incorporated into our Terms of Service.

Quick summary: We collect the data you give us when you sign up and use Jirdhis (your workouts, goals, and basic account info), plus some technical data your device sends automatically. We use it to make the App work, improve it, and keep your account secure. We do not sell your personal information. You can delete your account and your data at any time from inside the App.

2. Who we are

The data controller responsible for your information is:

[COMPANY LEGAL NAME]
[REGISTERED ADDRESS LINE 1]
[REGISTERED ADDRESS LINE 2]
[CITY, STATE/REGION, POSTAL CODE]
[COUNTRY]

Contact: privacy@[YOUR DOMAIN]

[If you have an EU/UK representative under GDPR, add their name and address here. If you have a Data Protection Officer, add their contact details.]

3. Information we collect

3.1 Information you provide to us

  • Account information. Name, email address, password (hashed), date of birth, gender, country, profile photo (optional), and any other details you add to your profile.
  • Fitness profile. Height, weight, fitness goals, training experience level, equipment available, and preferred workout types.
  • Workout data. Exercises performed, sets, reps, weights lifted, distance, duration, pace, perceived effort, and notes you add to sessions.
  • Health-related inputs. Optional data such as injuries, dietary preferences, sleep notes, and recovery feedback.
  • Communications. Messages you send to our support team, survey responses, and feedback.
  • Payment information. If you subscribe to a paid plan, payment is processed by Apple App Store or Google Play. We do not receive or store your full payment card details. We do receive transaction confirmations, subscription status, and a non-identifying transaction ID.

3.2 Information collected automatically

  • Device information. Device model, operating system and version, unique device identifiers (such as Apple's IDFV or Android's Advertising ID where permitted), language, time zone, and mobile network information.
  • Usage data. Features you use, screens you visit, buttons you tap, session duration, crash reports, and performance diagnostics.
  • Approximate location. Derived from IP address (city-level only) for analytics and to comply with regional law. We do not collect precise GPS location unless you explicitly enable a feature that requires it (such as outdoor run tracking) and grant permission.
  • Cookies and similar technologies on the Site. See our cookie disclosures at the end of this section.

3.3 Information from third parties

  • Health platforms. If you connect Apple Health, Google Fit, or Health Connect, we receive the data you authorize (typically workouts, heart rate, steps, and body measurements). You can disconnect at any time in your device settings.
  • Wearables. If you connect Apple Watch, Wear OS, or another wearable, we receive the workout and biometric data you authorize.
  • Sign-in providers. If you sign in with Apple, Google, or another provider, we receive your name and email address from that provider (subject to your privacy choices with that provider).

3.4 What we do NOT collect

  • We do not collect precise location without your explicit, in-app permission.
  • We do not access your contacts, photos, microphone, or camera unless you grant a feature-specific permission (for example, to set a profile photo).
  • We do not collect government ID numbers, full payment card numbers, or biometric identifiers (such as fingerprints or face scans).

4. How we use your information

We use your information to:

  • Create and maintain your account and provide the Services.
  • Generate personalized training plans, recommendations, and progress insights.
  • Sync your data across your devices and connected platforms (Apple Health, Google Fit, etc.).
  • Process subscriptions, renewals, and refunds via the app stores.
  • Send transactional communications (account confirmations, receipts, security alerts).
  • Send optional product updates, newsletters, and promotional messages where you have opted in. You can opt out at any time.
  • Improve, debug, and develop new features.
  • Detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms.
  • Comply with legal obligations and enforce our agreements.

We do not use your personal information to train third-party AI models. Any AI features inside the App operate on de-identified or aggregated data unless you specifically opt in to a feature that requires otherwise.

6. Health and fitness data

Workout, biometric, and fitness data are sensitive. We treat them accordingly:

  • We process health data only with your consent and only for the features you use.
  • We do not share health data with advertisers or data brokers.
  • If you connect Apple Health, Google Fit, or Health Connect, our use of that data complies with the platform's developer terms. We use it only to provide and improve features you have enabled, and we do not use it for advertising.
  • You can revoke health platform access at any time in your device's privacy settings.

Important: Jirdhis is a fitness app, not a medical device. The Services are not intended to diagnose, treat, cure, or prevent any disease. Consult a qualified healthcare professional before starting any exercise program.

7. How we share your information

We share your information only as described below.

  • Service providers. Cloud hosting, analytics, customer support, payment processing, and email delivery vendors who process data on our behalf under contractual confidentiality and security obligations.
  • App stores. Apple App Store and Google Play handle your purchase, subscription, and billing. Their privacy practices are governed by their own policies.
  • Connected services. When you choose to share data with Apple Health, Google Fit, Health Connect, or a wearable, that sharing happens on your instruction.
  • Legal and safety. We may disclose information when required by law, subpoena, court order, or to protect the rights, safety, or property of Jirdhis, our users, or the public.
  • Business transfers. If we merge with, acquire, or are acquired by another company, your information may transfer as part of that transaction. We will notify you and continue to honor this policy or provide notice of changes.
  • With your consent. For any other purpose disclosed to you at the time of collection.

We do not sell your personal information for money. We do not share your personal information for cross-context behavioral advertising as those terms are defined under California law.

8. Third-party services we use

Below is a non-exhaustive list of the categories of third parties we use to operate the Services. Replace with the actual vendors you use before launch.

  • Cloud infrastructure: [e.g., Amazon Web Services, Google Cloud Platform]
  • Analytics: [e.g., a privacy-focused analytics provider]
  • Crash reporting: [e.g., your crash reporting vendor]
  • Email and transactional messaging: [e.g., your email service]
  • Customer support: [e.g., your helpdesk vendor]
  • Payments: Apple App Store and Google Play

9. Data retention

We keep your information for as long as your account is active and as needed to provide the Services. After you delete your account, we delete your personal information within [30/60/90] days, except where we are required to keep it longer for legal, accounting, fraud-prevention, or dispute-resolution reasons. Backup copies are purged on a rolling cycle as part of our standard backup rotation.

De-identified or aggregated data that cannot reasonably be linked back to you may be kept indefinitely.

10. How we protect your information

We apply administrative, technical, and physical safeguards designed to protect your information. These include encryption in transit (TLS), encryption at rest for sensitive data, access controls, regular security review, and incident response procedures.

No system is completely secure. If we become aware of a security incident affecting your personal information, we will notify you and the relevant authorities as required by law.

11. International data transfers

Jirdhis is operated from [YOUR COUNTRY]. If you access the Services from elsewhere, your information will be transferred to, stored, and processed in [COUNTRY/REGIONS] and any country where our service providers operate.

For transfers from the EEA, UK, or Switzerland to a country not deemed adequate by the relevant authority, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum.

12. Your rights and choices

Depending on where you live, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Delete your information
  • Restrict or object to processing
  • Port your information to another service
  • Withdraw consent
  • Opt out of marketing communications
  • Lodge a complaint with a data protection authority

To exercise any of these rights, email privacy@[YOUR DOMAIN] or use the controls inside the App. We will respond within the time required by applicable law (typically 30–45 days). We do not discriminate against you for exercising your rights.

13. Account and data deletion

You can delete your Jirdhis account and all associated personal data at any time:

  • From the App: Go to Settings → Account → Delete account. Confirm, and your data is queued for permanent deletion.
  • From the web: Visit [WEBSITE URL]/delete-account and follow the verification steps.
  • By email: Send a request to privacy@[YOUR DOMAIN] from the email associated with your account.

Deletion is permanent. We do not retain deleted accounts beyond the retention window described in Section 9.

14. Children's privacy

The Services are not directed to children under 13 (or 16 in the EEA/UK, or the equivalent age in your country). We do not knowingly collect personal information from children below that age. If we learn that we have collected such information, we will delete it promptly. If you believe a child has provided us with personal information, contact privacy@[YOUR DOMAIN].

15. California residents (CCPA / CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • The right to know what personal information we collect, use, disclose, and share
  • The right to delete personal information we have collected
  • The right to correct inaccurate information
  • The right to opt out of the sale or sharing of personal information (we do not sell or share for cross-context behavioral advertising)
  • The right to limit use of sensitive personal information
  • The right to non-discrimination for exercising your rights

To exercise these rights, email privacy@[YOUR DOMAIN]. We will verify your request by matching the information you provide against the information in your account.

Categories of personal information collected in the past 12 months: identifiers, customer records, commercial information (subscription history), internet activity, geolocation (approximate), inferences, and health-related data you provide.

Sources, purposes, and disclosure recipients: See Sections 3, 4, and 7 above.

16. Other U.S. state residents (Virginia, Colorado, Connecticut, Utah, and others)

If you reside in a U.S. state with a comprehensive consumer privacy law, you may have rights similar to those described in Section 15, including the right to access, correct, delete, and obtain a portable copy of your personal data, and the right to opt out of targeted advertising, the sale of personal data, and certain profiling. To exercise these rights, contact privacy@[YOUR DOMAIN].

You may also appeal a decision we make in response to your rights request. To appeal, reply to our response with the word "Appeal" or email privacy@[YOUR DOMAIN] with "Appeal" in the subject line.

17. EEA, UK, and Swiss residents (GDPR / UK GDPR)

If you are in the EEA, UK, or Switzerland, you have the rights listed in Section 12. You also have the right to lodge a complaint with your local supervisory authority. We list our legal bases in Section 5.

Our representative in the EU (where applicable) is: [EU REPRESENTATIVE NAME AND CONTACT, OR NOTE THAT NONE IS REQUIRED].

Our representative in the UK (where applicable) is: [UK REPRESENTATIVE NAME AND CONTACT, OR NOTE THAT NONE IS REQUIRED].

18. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. If changes are material, we will notify you through the App or by email before the changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

19. How to contact us

Questions, requests, or complaints? We're happy to help.

Privacy team: privacy@[YOUR DOMAIN]
General support: support@[YOUR DOMAIN]
Postal: [COMPANY LEGAL NAME], [FULL POSTAL ADDRESS]