Effective Date: February 14, 2026
Last Updated: February 14, 2026
PDF Fit ("we", "us", "our") operates the PDF Fit mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. Please read this policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.
This policy complies with the Australian Privacy Act 1988, the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), and other applicable global privacy laws.
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address and password when you create an account.
- Workout Data: Exercise logs, set and rep data, weights, workout sessions, rest times, and program progress.
- Testing Data: Strength test results, cardio test results, and bodyweight test results that you choose to log.
- Fasting Data: Intermittent fasting logs and preset configurations.
- Program Data: Custom training programs you create or upload via PDF.
- Profile Preferences: Unit preferences (metric/imperial), theme preferences, and notification settings.
1.2 Information Collected Automatically
- Device Information: Device type, operating system version, and unique device identifiers for app functionality.
- Usage Data: App interaction data such as features used, session duration, and screens viewed, collected to improve the App experience.
- Crash and Performance Data: Technical logs to diagnose issues and improve app stability.
1.3 Information We Do Not Collect
- We do not collect precise geolocation data.
- We do not access your contacts, photos, or camera unless you explicitly initiate a feature requiring it (e.g., uploading a PDF).
- We do not collect health data from Apple HealthKit, Google Fit, or other health platforms unless you explicitly enable such integration.
- We do not track you across other apps or websites for advertising purposes.
2. How We Use Your Information
| Purpose |
Data Used |
Legal Basis (GDPR) |
| Provide and maintain the App |
Account info, workout data |
Contract performance |
| Track workout progress and history |
Workout, testing, and fasting data |
Contract performance |
| Authenticate your identity |
Email, password (hashed) |
Contract performance |
| Send password reset emails |
Email address |
Contract performance |
| Parse uploaded PDF programs |
PDF content (processed, not stored raw) |
Consent |
| Improve app performance and stability |
Usage and crash data |
Legitimate interest |
| Comply with legal obligations |
As required by law |
Legal obligation |
3. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may share your data only in these limited circumstances:
- Service Providers: We use third-party services to operate the App, including cloud hosting (for data storage), email delivery services (for password reset emails), and AI services (for PDF program parsing). These providers process data on our behalf and are contractually obligated to protect it.
- Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.
- Safety and Rights: We may disclose information to protect the rights, property, or safety of PDF Fit, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is subject to a different privacy policy.
We do not share your data with advertising networks or data brokers.
4. Data Storage and Security
- Your data is stored on secure servers with industry-standard encryption in transit (TLS/SSL) and at rest.
- Passwords are cryptographically hashed and never stored in plain text.
- We implement access controls, regular security audits, and monitoring to protect your data.
- Guest mode data is stored locally on your device and is not transmitted to our servers unless you create an account.
While we take reasonable measures to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
5. Data Retention
- Active Accounts: We retain your data for as long as your account is active and as needed to provide you with the App's services.
- Deleted Accounts: When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
- Guest Data: Guest mode data is stored only on your device and is deleted when you clear the app data or uninstall the App.
- Backup Retention: Encrypted backups may retain your data for up to 90 days after account deletion for disaster recovery purposes, after which it is permanently deleted.
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
6.1 All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal data.
- Deletion: Request deletion of your account and associated data.
- Data Portability: Request your data in a structured, machine-readable format.
- Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
6.2 EU/EEA/UK Residents (GDPR)
- Right to restrict processing of your personal data.
- Right to object to processing based on legitimate interests.
- Right to lodge a complaint with your local data protection authority.
6.3 Australian Residents
- You have rights under the Privacy Act 1988, including access to and correction of your personal information.
- You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
6.4 California Residents (CCPA/CPRA)
- Right to know what personal information is collected and how it is used.
- Right to request deletion of your personal information.
- Right to opt-out of the sale or sharing of personal information. Note: We do not sell or share your personal information.
- Right to non-discrimination for exercising your privacy rights.
To exercise any of these rights, please contact us at the email address listed below.
7. Account Deletion
You can request deletion of your account and all associated data at any time by contacting us via email. Upon receiving a verified deletion request:
- Your account and personal profile will be deleted within 30 days.
- All workout logs, test results, fasting logs, and program data associated with your account will be permanently deleted.
- Any active subscriptions should be cancelled through your app store (Apple App Store or Google Play Store) before requesting account deletion.
- We will confirm deletion via email once complete.
8. Third-Party Services
The App uses the following categories of third-party services:
| Service Category |
Purpose |
Data Processed |
| Cloud Hosting |
Data storage and app hosting |
All user data (encrypted) |
| Email Delivery |
Password reset emails |
Email address |
| AI Processing |
PDF program parsing |
Uploaded PDF text content |
Each third-party service provider is bound by data processing agreements and is required to protect your data in accordance with applicable laws.
9. Children's Privacy
The App is not intended for use by children under the age of 16 (or 13 in jurisdictions where a lower age threshold applies). We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us immediately.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer your data internationally, we ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by the European Commission.
- Data processing agreements with all service providers.
- Compliance with applicable cross-border data transfer regulations.
11. Biometric Data
The App supports optional biometric authentication (Face ID/Touch ID) for convenient login. Biometric data is processed entirely on your device using your device's built-in security framework (Apple Face ID/Touch ID or Android BiometricPrompt). We never receive, transmit, or store your biometric data on our servers.
12. Push Notifications
You may opt in to receive push notifications for workout reminders and other updates. You can disable push notifications at any time through your device settings. We do not use push notification tokens for tracking or advertising.
13. Cookies and Tracking
The App does not use cookies. We do not use any third-party tracking, analytics, or advertising SDKs that track you across apps or websites. We do not participate in cross-app tracking or targeted advertising.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Notify you via email or in-app notification for significant changes.
- Obtain your consent where required by applicable law.
We encourage you to review this policy periodically for any changes.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We will respond to all privacy-related inquiries within 30 days (or sooner where required by applicable law).