Privacy Policy
Last Updated: March 18, 2026
Introduction
Simply Practical, LLC ("we," "our," or "us") operates the Fitseum mobile application (the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.
How Fitseum Works
Fitseum is a private fitness league platform that lets friends, coworkers, and communities compete and track fitness progress together. The app uses a hybrid architecture:
- Personal fitness data (weight, workouts, habits, nutrition) is stored locally on your device first
- Social and league features (leagues, leaderboards, posts, comments) require a cloud account and are stored on our servers
Data Collection and Storage
Account Information
To use league and social features, you must create an account. When you sign in, we collect:
- Display Name: Your chosen name shown to other league members
- Email Address: Used for account identification and recovery
- Authentication Identifier: A unique ID provided by your sign-in method (Google, Apple, or email/password)
Profile Information
You may optionally provide additional profile details, including:
- Avatar or profile photo
- Bio
- Fitness goal and activity level
- Age and height (used for body composition calculations)
- Starting weight and goal weight
Local Data (Stored on Your Device)
The following personal fitness data is stored locally on your device using an on-device database:
- Weight Entries: Daily weigh-ins, body composition metrics (BMI, body fat %, muscle mass, water %)
- Workout Logs: Exercises, sets, reps, and weights
- Habit Tracking: Daily habits (weigh-in, workout, food logging, water intake, sleep, steps) and streaks
- Nutrition Entries: Calorie and macro tracking (protein, carbs, fat)
- Progress Photos: Stored as image files on your device
- App Settings and Preferences: Theme, units, reminders
Cloud Data (Stored on Our Servers)
When you participate in leagues and social features, the following data is stored on our cloud servers:
League and Social Data
- League Information: League name, description, competition mode, scoring configuration, season dates, and your membership and role
- Activity Logs: Fitness activities you choose to share with your leagues (workout summaries, step counts, weight updates, habit completions)
- Leaderboard Entries: Computed scores and rankings within your leagues
- Social Posts: Workout cards, milestones, announcements, text posts, and photos you share in the social feed
- Comments and Reactions: Your interactions on other members' posts
- Invite Codes: League invite codes you create or use
Data Security
- Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/TLS encryption
- Row-Level Security: Database-level access controls ensure you can only access data you are authorized to see (your own data and data from leagues you belong to)
- Authentication Required: All cloud data access requires a valid authenticated session
Automatically Collected Data
The app may automatically collect limited technical data to help improve stability and user experience:
Firebase Analytics
- What: Aggregated, anonymized usage statistics (e.g., feature usage counts, session duration)
- Purpose: Understand which features are most valuable to improve the product
- Processor: Google Firebase Analytics
- Data: Device type, OS version, app version, coarse locale/timezone, anonymized app interaction events. No personal fitness data, notes, or user-entered content is included.
Push Notification Tokens
- What: A device token used to deliver push notifications
- Purpose: Send you league activity updates, reminders, and notifications
- Processor: Firebase Cloud Messaging
- Data: An anonymous device identifier. No personal content is included in the token itself.
Camera and Photo Access
Fitseum may request access to your device camera and photo library for:
- Progress Photos: Taking and storing fitness progress photos
- Smart Scale OCR: Photographing your scale display to automatically read weight values using on-device text recognition (Google ML Kit). Scale photos are processed entirely on your device and are not uploaded to any server.
- Social Posts: Sharing photos in the league social feed (these are uploaded to our servers when you choose to post them)
Health Platform Integration (Future)
Fitseum may offer optional integration with Apple Health (iOS) and Health Connect (Android) in future updates. If enabled:
- Data types may include steps, workouts, heart rate, weight, and body fat percentage
- Health data is read only with your explicit permission
- Health data is stored locally on your device and is never sent to our servers unless you explicitly share it in a league
Data We Do NOT Collect
- Precise location or GPS data
- Contacts or phone number
- Financial or payment information (no in-app purchases at this time)
- Web browsing history
- SMS or call logs
- Data from other apps on your device
Data Sharing
We do not sell your data. Your data may be shared in the following limited circumstances:
Within Leagues
When you join a league, other league members can see:
- Your display name and profile information
- Activity logs and scores you share with the league
- Posts, comments, and reactions in the league social feed
- Your position on leaderboards
You control what data you share by choosing which activities to log and what to post. Personal fitness data stored locally (detailed workout logs, full nutrition entries, progress photos) is never shared unless you explicitly post it.
Service Providers (Processors)
- Supabase: Cloud database and authentication provider. Hosts your account information, league data, and social content. Supabase processes data on our behalf under strict data processing agreements.
- Google Firebase (Analytics & Cloud Messaging): Anonymous analytics processing and push notification delivery
- Google Sign-In / Apple Sign-In: Authentication only; we receive a user identifier, display name, and email address
- Google ML Kit: On-device text recognition for smart scale OCR. All processing happens on your device; no data is sent to Google.
Legal Requirements
We may disclose information if required by law or to protect our legal rights.
Data Export and Deletion
Your Data Rights
- Export: You can export your local fitness data from within the app
- Delete Local Data: Uninstalling the app removes all locally stored data from your device
- Delete Account: You can delete your account and all associated cloud data from within the app (Settings). This permanently removes your profile, league memberships, activity logs, posts, and all other cloud-stored data.
- Request Deletion: You can also request account deletion by contacting us at [email protected]
Data Portability
Your exported data is in standard JSON format, making it portable to other applications.
Security
Local Security
- Device Protection: Your local data security depends on your device's security (lock screen, biometrics)
- On-Device Database: Personal fitness data is stored in a local database accessible only to the Fitseum app
Network Security
- Secure Connections: All network communications use HTTPS/TLS encryption
- Row-Level Security: Server-side access controls enforce that users can only read and write their own data and data from leagues they belong to
- Authenticated Access: All API requests require valid authentication tokens
Children's Privacy
Fitseum is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us.
International Users
Data Transfers
Personal fitness data stored locally on your device is not transferred internationally. Cloud-stored data (account information, league data, social content) is hosted on Supabase infrastructure and may be stored in data centers outside your home country. All data in transit is encrypted with TLS.
Regional Compliance
- GDPR (EU): We comply with GDPR principles. You have the right to access, correct, export, and delete your data.
- CCPA (California): California residents have rights to know, delete, and opt out, all available through app settings or by contacting us.
Changes to Privacy Policy
We may update this Privacy Policy from time to time. We will notify users of material changes through:
- In-app notification
- App Store update notes
- Website posting at simplypractical.life
Data Retention
- Local Data: Retained on your device until you delete the app or clear data
- Account and Cloud Data: Retained while your account is active. Deleted when you delete your account through the app or request deletion.
- Analytics Data: Retained according to Firebase's default retention policies
- Push Notification Tokens: Retained while your account is active; removed upon account deletion
Third-Party Services
Apple App Store / Google Play Store
When you download or purchase through app stores, their privacy policies apply:
- Apple Privacy Policy: https://www.apple.com/privacy/
- Google Privacy Policy: https://policies.google.com/privacy
Supabase (Cloud Infrastructure)
Supabase provides the cloud database, authentication, and storage infrastructure for Fitseum:
- Supabase Privacy Policy: https://supabase.com/privacy
Google Firebase (Analytics & Messaging)
Firebase provides anonymous analytics and push notification delivery:
- Google Privacy Policy: https://policies.google.com/privacy
- Firebase Terms: https://firebase.google.com/terms
Contact Information
If you have questions about this Privacy Policy, please contact us:
Simply Practical, LLC
Website: www.simplypractical.life
Email: [email protected]
Address: 971 US HIGHWAY 202N STE N, BRANCHBURG, NJ 08876
Your Consent
By using Fitseum, you consent to this Privacy Policy.
Privacy by Design
Fitseum was built with privacy as a fundamental principle:
- Local-First for Personal Data: Your personal fitness data stays on your device; only what you choose to share in leagues is sent to our servers
- Minimal Collection: We collect only what's necessary for functionality
- User Control: You decide what to share with your leagues and can delete your data at any time
- Secure by Default: TLS encryption, row-level security, and authenticated access protect your data
- Transparency: This policy explains exactly what we do and don't collect
© Simply Practical, LLC. All rights reserved.