FitLite Privacy Policy
FitLite is an offline-first fitness app. We don't collect your personal data. Your training plan, history, body data, and food log all live on your device only. This policy lists every data flow the app touches so you can judge the risk.
1. What we don't collect
- No name, email, phone number, Apple ID, location, or device-unique identifier
- No upload of training plan, records, weight, food, or habit times to any server
- No account system, no cloud sync
- No events sent to third-party analytics platforms (Firebase Analytics, Umeng, etc.)
2. On-device data
FitLite writes the following into the iOS app sandbox (AsyncStorage / SecureStore), readable only by you:
- Profile: gender, age, height, weight, fitness goals, level
- Training plan and workout records
- Daily water, food, and soreness logs
- Locally-scheduled training reminders
- Local cache of subscription / tip status (no payment details)
This data is wiped when you delete the app. The Settings page also has a "Clear all data" button to wipe manually.
3. Coach chat (optional)
The Coach tab uses Google Gemini first, then degrades:
- Primary: when a Gemini API key is configured at build time and the network is available, your typed text is sent to Google's servers to generate a reply. No name, device ID, Apple ID, or other identifier attached. Google's API policy: ai.google.dev/gemini-api/terms
- System fallback (iOS 26+): if Gemini is unavailable, the app calls Apple Intelligence's Foundation Models framework, fully on-device inference; input and output never leave your iPhone.
- Final fallback: if both layers fail, a local rule-based engine generates a templated reply, fully offline.
None of these layers upload your training records, weight, or food logs.
4. Ads (free tier only)
Free users see Google AdMob banner ads during workout rest periods. The SDK's data scope:
- AdMob reads IDFA for personalized ads only after you choose "Allow Tracking" in iOS's ATT dialog
- If you choose "Ask App Not to Track", the app uses non-personalized ads and IDFA is not read
- SKAdNetwork (Apple's privacy-preserving attribution) sends one-time install / conversion reports without personal data
- AdMob policy: policies.google.com/privacy
Subscribing to the ad-free tier disables all ad SDK calls.
5. In-app purchases
All tips and subscriptions go through Apple's App Store IAP. FitLite never touches your payment info — we only receive a boolean "owns active subscription / completed tip" signal from Apple, kept locally.
- Subscriptions auto-renew at the listed price 24h before the period ends
- Cancel anytime in Settings › Apple ID › Subscriptions
- Refunds are handled by Apple at reportaproblem.apple.com
6. Health data (optional)
The "Today's burn" card can read today's step count from the iOS Health app to estimate walking energy. The flow:
- Steps are read only after you tap "Sync from Health" and grant permission in the system dialog
- Read scope is limited to today's steps; no other categories (heart rate, sleep, weight, etc.)
- FitLite never writes to Health and never uploads steps to any server
- Steps stay in the same app sandbox as training records
- If you skip this feature, manual entry works just as well; Health permission is not required
7. Notifications
Workout reminders are scheduled and delivered fully on-device through iOS's notification system. FitLite has no push server and sends no marketing notifications.
8. App update check
On launch (and when you tap "Check for updates" in Settings), the app makes one HTTPS request to Apple's itunes.apple.com/lookup endpoint, sending only the bundle ID (com.fitai.dw.app) to query the current published version. The request carries no user identifier; the recipient is Apple's own service.
9. Children's privacy
FitLite is not intended for children under 13. We don't knowingly collect children's data. If you believe a child is using the app without guardian consent, contact us to delete their local data.
10. Policy changes
When this policy is updated, the "Last updated" date at the top changes. Material changes (e.g., new data uploaded) will also be flagged inside the app.
11. Contact
For privacy questions, email may266166@gmail.com.