Privacy Policy

SYNAP ("we", "our", or "us") operates the platform available at synapfit.app. We provide AI-powered personal training services, including adaptive diet plans, workout programming, body tracking, and nutrition logging through our AI trainer, Ion.

For questions about this policy, contact us at ion@synapfit.app.

2.1 Information You Provide

• Account data: Name, email address, and password when you register.
• Profile data: Age, gender, height, weight, fitness goals, dietary preferences, and health conditions you choose to share.
• Body measurements: Up to 13 body measurements you log over time.
• Nutrition data: Meals, foods, and calories you log manually or via food photo scan.
• Workout data: Exercise completions, weights, sets, and reps you log.
• Progress photos: Images you voluntarily upload for progress tracking (Elite tier).
• Apple Health data: If you connect Apple Health in the iOS app, we may read steps, active calories, heart rate, and body weight with your permission. You can deny or revoke access in iOS Health settings.
• Communications: Messages you send to Ion, support inquiries, and contact form submissions.
• Payment data: Billing is handled by Lemon Squeezy. We do not store your card details.

2.2 Information Collected Automatically

• Usage data: Pages visited, features used, session duration, and interaction patterns.
• Device data: Browser type, operating system, device type, and IP address.
• Log data: Server logs, error reports, and performance data.

We use your data to:

• Generate and adapt your personalized diet and workout plans.
• Power Ion's AI coaching, responses, and proactive check-ins.
• Track your progress and generate weekly reports (Elite).
• Use Apple Health data you choose to share to improve activity-aware coaching and measurement tracking.
• Process payments and manage your subscription.
• Send transactional emails (trial reminders, plan updates, weekly reports).
• Improve our AI models, product features, and service quality.
• Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal data to third parties. We do not use your data for advertising targeting outside the SYNAP platform.

We share your data only with trusted service providers under strict data processing agreements, and only to the extent necessary to operate and improve the platform. These include:

• AI infrastructure providers: Your messages to Ion are processed by our AI systems to generate coaching responses. Their data processing policies apply.
• Cloud infrastructure and database providers: Your account and fitness data is stored securely on our cloud infrastructure.
• Payment processors: All billing is handled by our payment provider under PCI-DSS compliance. We never see or store your card number.
• Email delivery: Transactional emails are sent via a secure email delivery service.
• Hosting and CDN: Our platform is hosted on enterprise-grade cloud infrastructure.

We may disclose your data if required by law, court order, or to protect the rights and safety of SYNAP and its users.

We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where we are required by law to retain it longer.

Anonymised, aggregated data (used to improve Ion) may be retained indefinitely.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the data we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Portability: Receive your data in a machine-readable format.
• Objection: Object to certain types of processing.
• Withdrawal of consent: Withdraw consent at any time where processing is consent-based.

To exercise any of these rights, email us at ion@synapfit.app. We will respond within 30 days.

We implement industry-standard security measures including:

• TLS/HTTPS encryption for all data in transit.
• Encrypted storage for sensitive fields at rest.
• Row-level access controls ensuring users can only access their own data.
• Secure secrets management — credentials are never exposed in client-side code.
• Server-side-only access for privileged operations.

No system is completely secure. If you believe your account has been compromised, contact us immediately at ion@synapfit.app.

We use only essential cookies required for authentication (session tokens) and basic functionality. We do not use advertising cookies or third-party tracking cookies.

SYNAP is not intended for children under 16 years of age. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us and we will promptly remove it.

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws, including standard contractual clauses or equivalent mechanisms where required.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice in the app. Continued use of SYNAP after the effective date of changes constitutes acceptance of the updated policy.

For any privacy-related questions, requests, or concerns:

Email: ion@synapfit.app

Website: synapfit.app