2. Information We Collect

By using the Services, we collect different types of information from and about you. The type of data we collect depends on how you use the app, the features you enable, and the choices you make in your privacy settings.

1. Account Data

When you create or manage your account, we collect:

1. Identification details: name, username, and password.

2. Contact details: email address (for login, notifications, and support).

3. Profile details: date of birth, gender, height, weight, and any optional profile photo.

4. Settings and preferences: such as your privacy choices, notification preferences, and app configurations.

2. Fitness & Health Data

When you use our fitness tracking features, we collect:

1. Activity data: steps, distance, pace, speed, cadence, calories burned, and workout history.

2. Biometric/health data: heart rate, sleep patterns, and other fitness indicators (if your device supports them or you have provided us with this information from your wearable fitness tracker).

3. GPS & location data: routes, elevation, and maps of your activities (only if you grant location permissions).

4. Third-party syncs: health and activity data imported from apps and devices like Apple Health, Google Fit, Garmin, or Fitbit (only if you connect them).

Because some of this information is considered “sensitive data” under privacy laws, we only collect and process it with your explicit consent, which you can withdraw at any time.

3. Device & Technical Data

When you interact with the Services, we automatically collect:

1. Device identifiers: device model, operating system, mobile network, browser type, and unique device ID.

2. Usage data: app activity, features used, crash reports, performance logs, and diagnostic data.

3. Network data: IP address, location inferred from IP, and connection information.

4. Cookies & similar technologies: to store preferences, enable certain features, and analyse app usage.

4. User Content

When you engage with the app’s community features, we collect:

1. Photos, notes, and posts you upload to your profile or activity feed.

2. Social interactions: comments, likes, reactions, and kudos.

3. Challenges & leaderboards: your participation and ranking in community events.

4. Messages or invitations sent through the app (if messaging is enabled).

5. Payment & Transaction Data

When you purchase subscriptions or premium features, we collect:

1. Subscription details: plan type, start and end dates, and renewal status.

2. Transaction records: amount paid, currency, and purchase history.

3. Payment method info: limited details such as card type or last four digits (collected by third-party processors).

6. Information from Third Parties

We may also collect information about you from:

1. Social logins (e.g., Apple, Google, Facebook): basic profile data you agree to share.

2. Friends or community members: if they tag or invite you in challenges.

3. Public sources: anonymised or aggregated data used for research and insights.

3. How We Use Your Information

We use the information we collect to operate, improve, and protect our Services, and to provide you with the best possible experience. Specifically, we process your data in order to:

1. Provide and Personalise the Services

   1. Create and manage your account.

   2. Customise your dashboard, activity tracking, Rewards and Third-Party Content (as defined in our Terms of Service), and insights based on your profile and preferences.

   3. Offer tailored workout recommendations, challenges, or content relevant to your fitness goals.

2. Track Fitness Progress and Generate Insights

   1. Record your workouts, steps, distance, speed, calories, heart rate, and other fitness data.

   2. Generate progress reports, trend analyses, and performance summaries.

   3. Help you set and achieve personal goals through analytics and progress tracking.

3. Sync with Third-Party Apps and Devices

   1. Allow you to connect your account with third-party services such as Apple Health, Google Fit, Garmin, Fitbit, or other wearable fitness trackers.

   2. Import or export fitness and health data as you choose.

   3. Maintain interoperability between your devices and our Services.

4. Enable Community and Social Features

   1. Allow you to join challenges, participate in leaderboards, and connect with friends or other users.

   2. Support social sharing features, such as posting activity summaries, achievements, or photos.

   3. Facilitate interactions through likes, comments, and messaging (if enabled).

   4. Provide you with control over your visibility and privacy settings.

5. Process Payments and Subscriptions

   1. Manage premium features, subscription plans, or in-app purchases.

   2. Process payments securely through third-party providers.

   3. Provide billing history, receipts, and customer support for payment issues.

6. Communicate with You

   1. Send important service-related notifications, such as account confirmations, password resets, or policy updates.

   2. Provide motivational or progress-related updates, such as weekly summaries or challenge reminders.

   3. Send marketing or promotional messages (where legally permitted, with opt-out options at any time).

7. Improve App Performance and Security

   1. Monitor system performance, detect and fix errors, and improve usability.

   2. Analyse usage patterns to develop new features and enhance existing ones.

   3. Prevent fraud, abuse, or unauthorised access to your account.

   4. Protect the safety and integrity of our Services and users.

8. Comply with Legal Obligations

   1. Meet requirements under applicable laws and regulations.

   2. Respond to valid requests from regulatory bodies or law enforcement.

   3. Enforce our Terms of Service and protect our legal rights.

4. How We Share Information

We value your trust and want you to know how and when we share your personal information. We do not sell your personal data to third parties. We only share your data in the following limited circumstances:

1. Service Providers (Sub-processors)

We work with trusted third-party vendors to help us provide and improve the Services. These providers may process data on our behalf, but only as necessary to perform their functions. Examples include:

1. Cloud hosting & storage (to securely store and manage your data)

2. Analytics providers (to understand app usage and improve features)

3. Customer support tools (to respond to help requests)

4. Payment processors (to handle subscription payments and in-app purchases)

These providers are contractually required to protect your data and cannot use it for their own purposes.

2. Connected Apps & Devices

You may choose to connect your account with third-party health and fitness services (e.g., Apple Health, Google Fit, Garmin, Fitbit). If you do so, we share only the information necessary to sync your activities or health metrics.

3. Community & Social Sharing

If you choose to make your profile or activities visible to others, certain information (such as your username, workouts, photos, or leaderboard stats) may be shared with:

1. Other users within the app (e.g., friends, followers, challenge participants)

2. The public, if you set your profile or activities to “public” visibility

3. External platforms (if you use our share functions to post to social media)

You can adjust these visibility and sharing options in your privacy settings.

4. Legal Authorities & Safety

We may disclose your information if we believe it is reasonably necessary to:

1. Comply with applicable laws, regulations, or legal processes

2. Respond to valid requests from law enforcement or regulators

3. Protect the rights, property, or safety of our users, the public, or our company

4. Enforce our Terms of Service and prevent fraud, abuse, or security risks 

5. Business Transactions

If our company is involved in a merger, acquisition, restructuring, financing, or sale of assets, your information may be transferred to the new owner or business entity as part of the transaction. We will ensure that any successor is bound by obligations consistent with this Privacy Policy.

6. With Your Consent

In all other situations, we will only share your personal data with third parties if you give us your explicit consent. For example, if you opt in to participate in a research study or promotional partnership.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction that requires it, we are required to explain the legal grounds we rely on when processing your personal data. Depending on the context, we process your data under one or more of the following bases:

1. Consent

We process certain personal data only with your explicit consent. Examples include:

1. Collecting and processing health or biometric data (e.g., heart rate, sleep patterns).

2. Using GPS/location tracking to map your workouts or routes.

3. Sending you marketing communications (emails, push notifications, or promotions).

4. Syncing your account with third-party services (e.g., Apple Health, Google Fit, Garmin).

You may withdraw your consent at any time through your account settings or by contacting us (see Contact Us section). Withdrawing consent does not affect the lawfulness of processing already carried out.

2. Contract

We process data where it is necessary to perform our contract with you. Without this processing, we cannot provide the Services. Examples include:

1. Creating and maintaining your account.

2. Providing core features such as workout tracking, progress insights, and syncing with devices.

3. Processing payments for subscriptions or premium features.

4. Offering customer support and responding to your requests.

3. Legal Obligation

In certain cases, we are legally required to process your personal data. Examples include:

1. Complying with financial, tax, or reporting obligations.

2. Retaining certain payment records for regulatory compliance.

3. Responding to valid requests from courts, regulators, or law enforcement.

4. Legitimate Interests

We may process your data where it is reasonably necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include:

1. Improving our Services, such as analysing usage trends and developing new features.

2. Securing our platform, detecting fraud, and preventing misuse.

3. Personalising your experience, including suggesting relevant challenges, features, or insights.

4. Communicating with you about updates or features relevant to your use of the Services.

5. Conducting research and analytics to better understand fitness trends and user needs.

We always balance our legitimate interests against your privacy rights and provide opt-out mechanisms where required.

6. Your Rights 

We respect your privacy and want to make sure you remain in control of your personal data. Depending on where you live (for example, in the EU/EEA, UK, California, or other regions with privacy laws), you may have certain rights over your information.

1. Right of Access

You have the right to request a copy of the personal data we hold about you. This includes details about what information we collect, how we use it, and with whom we share it.

2. Right of Correction (Rectification)

If any of the information we hold about you is inaccurate or incomplete, you can ask us to correct or update it. For example, you can update your profile details (such as weight or email) directly in the app, or you can contact us for corrections.

3. Right of Deletion (“Right to be Forgotten”)

You may ask us to delete your personal data. We will honor this request unless we are legally required to retain certain information (for example, payment records for tax compliance) or where retention is necessary for the ongoing operation of the Services. Once deletion is complete, your account will be permanently closed.

4. Right to Restrict Processing

You may request that we stop or limit how we process your data. This might apply if you dispute the accuracy of your information, if processing is unlawful, or if you object to us using your data but do not want it deleted.

5. Right to Data Portability

You have the right to request your data in a structured, commonly used, and machine-readable format. This allows you to transfer your information to another service provider if you choose. For example, you may want to export your workout history.

6. Right to Object

You may object to certain types of processing:

1. Direct marketing: You can always opt out of marketing emails, push notifications, or other promotional messages.

2. Legitimate interests: If we process your data for reasons such as product improvement or analytics, you may object if you believe your privacy outweighs our interests.

7. Right to Withdraw Consent

Where we rely on your consent (for example, GPS tracking, syncing with third-party apps, or processing sensitive health data), you can withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of past processing, but it may mean some features of the app will no longer function.

8. Right to Opt-Out of Sale or Sharing (CCPA/CPRA – California Users)

If you are a California resident, you have the right to opt out of any “sale” or “sharing” of your personal information for advertising purposes. While we do not sell your data in exchange for money, we may share limited information with partners for analytics or advertising. You can opt out of this sharing at any time.

How to Exercise Your Rights

To exercise any of the rights above, you can:

• Email us at support@logro.fit 

• Use in-app privacy tools (where available, such as export or deletion functions)

We may need to verify your identity before responding to your request. In some cases, we may not be able to fulfill your request if it conflicts with legal or contractual obligations, but we will explain the reason if this happens.

We aim to respond to all valid requests within the timeframe required by law (usually 30 days under GDPR and 45 days under CCPA/CPRA).

7. Children’s Privacy

Our Services are not directed to, and are not intended for use by, children under the age of 16.

We do not knowingly collect, use, or store personal data from children without appropriate parental or guardian consent. If we discover that we have inadvertently collected personal information from a child without such consent, we will take immediate steps to delete that information.

If you are a parent or legal guardian and believe that your child has provided personal data to us without your consent, you should contact us right away at support@logro.fit, and we will work with you to resolve the issue, including deleting the account if necessary.

We may, in limited circumstances, offer features intended for younger users (such as family accounts or junior tracking features). Where this is the case, we will:

• Clearly indicate the applicable minimum age;

• Obtain verifiable parental consent before collecting any personal data; and

• Provide parents/guardians with tools to review, manage, or delete their child’s information.

We encourage parents and guardians to take an active role in their children’s online activities and to use available parental controls to help supervise app use.

8. Data Security & Retention

1. Data Security

We take the security of your personal data seriously. To help protect it from loss, misuse, and unauthorised access or disclosure, we implement a combination of technical, organisational, and administrative safeguards. These may include:

1. Encryption: Sensitive data (such as health metrics, passwords, and payment details) is encrypted both in transit and at rest.

2. Access Controls: Only authorised employees, contractors, and service providers who need to process your data for legitimate business purposes are granted access.

3. Monitoring & Testing: We regularly review our systems for vulnerabilities, apply security patches, and conduct audits to maintain the integrity of our Services.

4. User Controls: We encourage you to use strong passwords, enable device-level security, and keep your app up to date to further protect your information.

Despite these measures, no method of electronic storage or transmission is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

2. Data Retention

We keep your personal information only for as long as it is necessary to provide our Services, fulfill the purposes described in this Privacy Notice, or comply with legal, accounting, or regulatory requirements. In practice:

1. Active Accounts: We retain your information while your account remains active so that we can provide the Services to you.

2. Deleted Accounts: If you choose to delete your account, we will delete or irreversibly anonymise your personal data. Some data may remain in backups for a limited time before being securely erased.

3. Legal & Compliance Needs: Certain data may need to be retained even after account deletion (e.g., transaction records for tax or audit obligations, or data required to resolve disputes or enforce agreements).

4. Aggregated/Non-Identifiable Data: We may retain anonymised or aggregated data that cannot reasonably identify you, for purposes such as analytics, research, and service improvement.

We regularly review our retention policies to ensure that we are not keeping personal data longer than necessary.

9. International Transfers

Our Services may be provided using infrastructure, servers, and service providers located in multiple countries. This means that if you access or use our Services outside of Australia, your personal data may be transferred to, stored, or processed in a country that is different from your country of residence.

These countries may have different data protection laws, which may not provide the same level of protection as the laws in your home country. However, whenever we transfer your personal data internationally, we take steps to ensure that it remains adequately protected.

1. Safeguards We Use

To protect your data during international transfers, we implement appropriate safeguards, such as:

1. Standard Contractual Clauses (SCCs): For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland to countries without an adequacy decision, we rely on SCCs approved by the European Commission or UK authorities.

2. Adequacy Decisions: Where applicable, we transfer data to countries that have been recognised by the European Commission or UK government as providing an adequate level of protection.

3. Service Provider Agreements: We require all third-party vendors and partners who process data on our behalf to comply with strong data protection obligations, including confidentiality, security, and lawful processing.

4. Additional Safeguards: Where necessary, we use technical and organisational measures (such as encryption and minimisation) to protect data during transfer.

2. Your Acknowledgment

By using the Services, you acknowledge that your personal data may be transferred to and processed in countries outside of your residence. In these cases, we will ensure that appropriate legal, technical, and contractual safeguards are in place.

3. Rights & Inquiries

If you would like more details about the safeguards in place for international transfers, or if you wish to request a copy of the applicable Standard Contractual Clauses, you can contact us at support@logro.fit. 

10. Updates to This Policy

We may update this Privacy Notice occasionally. If we make material changes, we’ll notify you via in-app notice, email, or website update.

11. Contact Us

If you have questions or concerns, contact us at:

Logro Pty Ltd

support@logro.fit