Privacy Policy

Effective date: 11 Sep 2025

NovaFitLab

This Privacy Policy explains how NovaFitLab (AI Trainer & Nutritionist) collects, uses, and protects your information when you use our services—such as AI coaching, WhatsApp meal logging, PhonePe billing, and FitCoins rewards. If you do not agree with this policy, please do not use our services.

What we collect

  • Account & profile — name, mobile/email, age/height (if provided), goals, dietary preferences, equipment.
  • Logs — meals, workouts, weight/measurements, habit entries, and WhatsApp messages/photos you send us.
  • Payments — subscription status, transaction IDs and amounts from PhonePe (we do not store full card/UPI details).
  • Usage & device — app actions, approximate location (IP-based), browser/device data, cookies and similar technologies.

How we use it

  • Personalize coaching, plans, insights, and reminders.
  • Process payments, manage trials, subscriptions, and receipts.
  • Run the rewards program (FitCoins) and prevent abuse/fraud.
  • Improve reliability, safety, and performance; debug issues.
  • Comply with legal obligations and enforce our Terms.

Lawful bases (GDPR)

Where applicable, we process data under one or more of:

  • Contract — to provide the service you requested (e.g., plans, logging, billing).
  • Legitimate Interests — to secure, improve, and measure service usage.
  • Consent — for optional analytics/communications where required; you can withdraw any time.
  • Legal Obligation — to meet applicable laws (e.g., tax, accounting, KYC if required by payment partners).

Sharing & processors

We do not sell your personal data. We share data with the following categories of processors under binding contracts and only as needed to run the service:

  • Cloud hosting & storage (e.g., infrastructure providers).
  • Analytics & error monitoring (aggregate/app diagnostics).
  • WhatsApp integration partners (message/photo ingestion).
  • Payments & billing (e.g., PhonePe) for subscriptions and receipts.
  • Customer support tooling (communications you initiate).

A current list of subprocessors is available upon request at privacy@novafitlab.com.

Data retention

We keep personal data only as long as necessary for the purposes above, including: account lifecycle, legal/operational requirements, or until you delete your account or request deletion. Backups may persist for a limited period.

Security

We use administrative, technical, and organizational measures designed to protect your information (e.g., encryption in transit, access controls, least-privilege). No system can be 100% secure, but we continuously improve our safeguards.

International transfers

We may process data in countries different from where you live. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) to protect your data across borders.

Your rights

You may have rights under data-protection laws (these vary by region), including the right to:

  • Access, correct, update, or delete your personal data.
  • Object to or restrict certain processing; withdraw consent.
  • Port data (receive a copy in a portable format).
  • Opt out of optional analytics/marketing communications.

To exercise these rights, contact us at privacy@novafitlab.com. We may need to verify your identity before responding. If we cannot resolve your concern, you may have the right to contact your local supervisory authority.

Children’s privacy

Our services are not intended for individuals under the age of 16. If you believe a child provided us with personal data, please contact us; we will delete it where required by law.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version with a new “Effective date” and, where appropriate, notify you via the app or email.

Contact us

Questions or requests? Email privacy@novafitlab.com.


This summary aims to be clear and readable. If any part conflicts with applicable law, the law controls.