Privacy Policy for Repit Fitness AB

    Last Updated: 2025-12-07

    1. Introduction

    Repit Fitness AB (Corp. Reg. No. 559519-4357). This Privacy Policy ("Policy") describes how we collect, use, store, and protect your personal data when you use our service, including the application "Repit Fitness" and related digital training solutions ("the Service").

    We offer the Service based on a "Freemium Model," meaning some parts are free while others require a paid subscription ("Repit Plus"). We comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR, 2016/679) and the Swedish Data Protection Act (2018:218).

    By using the Service, you consent to the processing of your data according to this Policy. For questions, please contact us at hello@repitfitness.se.

    2. Definitions

    Personal Data: Information that can identify you, such as name and email address.

    The Service: The Repit Fitness app (both the free version and Premium Services) and related digital solutions. The Premium Service is called "Repit Plus".

    User: You, the person using the Service.

    Third Party: External providers such as Apple, Google, and analytics partners that support our service.

    3. What Personal Data We Collect

    We collect the following types of Personal Data to deliver and administer both free and premium services:

    3.1 Data You Provide:

    Name, email address, date of birth, height, weight, body measurements, and other training data (weight, reps, sets for various exercises).

    3.2 Purchase and Subscription Information (New):

    To manage your Premium access, trial periods, and discounts, we process:

    • Subscription Status: Information on whether you have an active subscription, the type of subscription (monthly/yearly), and its validity period.
    • Transaction History: Information regarding purchases, renewals, use of free trials, and any discount codes.

    IMPORTANT NOTE ON PAYMENT DETAILS: Repit Fitness AB does not collect, store, or process your card details (card number, CVC codes). All payment transactions are handled entirely by the Apple App Store or Google Play Store. They are the data controllers for your financial information.

    3.3 Automatically Collected Data:

    • Device Information: Device ID, operating system, IP address, and language settings.
    • Usage Data: How you interact with the app, which features you use, and times of activity.
    • Location Data: Only if you give explicit permission within the app.

    3.4 User-Generated Content:

    Images, text, or other contributions you upload in the app.

    4. Purposes and Legal Basis for Processing

    We process your Personal Data for the following purposes and based on the specified legal grounds:

    • Providing the Service (Basic): For logging workouts and providing recommendations via our AI. Legal Basis: Performance of a Contract (GDPR Art. 6.1.b).
    • Managing Subscriptions and Payments (Repit Plus): To activate Premium features, manage automatic renewals, verify Free Trials, and apply discount codes. Legal Basis: Performance of a Contract (GDPR Art. 6.1.b).
    • Improving the Service: Analyzing usage patterns to optimize functionality and user experience. Legal Basis: Legitimate Interest (GDPR Art. 6.1.f).
    • Communication: Sending operational information, welcome emails, or responding to support inquiries. Legal Basis: Contract or Legitimate Interest (GDPR Art. 6.1.b, 6.1.f).
    • Marketing: Displaying relevant offers or advertisements based on usage patterns (if you have consented). Legal Basis: Consent or Legitimate Interest (GDPR Art. 6.1.a, 6.1.f).
    • Legal Obligations: Complying with legal requirements, e.g., accounting for transactions (Swedish Accounting Act). Legal Basis: Legal Obligation (GDPR Art. 6.1.c).

    5. How We Collect Your Personal Data

    • Directly from You: When you create an account, log training, or enter a discount code.
    • From Third Parties (App Store / Google Play): We receive automatic updates on your subscription status (e.g., "Renewed," "Cancelled," "Trial Started") from Apple and Google.
    • Automatically: Via tools like Mixpanel and cookies when using the Service.

    6. Storage of Personal Data

    Storage Period (General): We store your Personal Data for a maximum of two (2) years from your last activity in the Service. If you are inactive for over two years, we automatically delete your Personal Data.

    Storage Period (Transactions): Information about purchases and subscription history may be stored for up to seven (7) years in accordance with the Swedish Accounting Act, even if you close your account earlier.

    Location: Your data is securely stored via Firebase, with servers within the EU or in countries with an adequate level of protection.

    Security: We use encryption and strict access controls to protect your data.

    7. Sharing of Personal Data

    We never sell your Personal Data. We only share it with the following categories of recipients:

    App Stores (Payment Intermediaries):

    Apple (App Store) & Google (Play Store): We share necessary identifiers with these parties to validate your subscription and handle payments. These parties are independently data controllers for payment data.

    Service Providers (Third-Parties):

    We use providers for operation and analytics:

    • Firebase (Google Cloud): Storage and authentication.
    • Mixpanel: Analysis of user behavior.
    • Gemini (Google): For AI-driven analysis and training recommendations.

    Advertising and Attribution Services:

    (e.g., TikTok SDK, Meta SDK, Google Ads SDK) for marketing and measuring the effectiveness of campaigns.

    Legal Requirements:

    We may share Personal Data if required by law or official decision.

    8. Your Rights

    You have full control over your data under GDPR:

    • Right of Access: Obtain an extract of all data we hold about you.
    • Right to Rectification: Correct inaccurate data.
    • Right to Erasure ("Right to be Forgotten"): Request that we delete your account and data.

    Note: Deleting the account in the app does not automatically cancel the payment handled by Apple/Google. You must cancel the subscription yourself in your App Store settings.

    • Right to Withdraw Consent: For example, for location data or marketing.

    Contact us at hello@repitfitness.se to exercise these rights.

    9. User-Generated Content

    You are responsible for content you upload. We assume no responsibility for the nature of the content.

    10. Cookies and Tracking Technologies

    We use cookies and similar technologies (e.g., IDFA/GAID) to analyze usage and, with your consent, deliver relevant marketing. You can control this in your device settings.

    11. Children and Minors

    The Service is not intended for children under 13 years of age. For the purchase of Premium Services, you must be at least 18 years old or have parental consent, as this involves a legal payment agreement.

    12. Transfer of Data Outside the EU/EEA

    Some of our providers (e.g., Mixpanel, Google) may have servers in the USA. We ensure protection through the European Commission's Standard Contractual Clauses (SCCs) and other security measures.

    13. Changes to the Privacy Policy

    We may update this Policy, for example, with new features or pricing models. In the event of material changes, we will notify you via the app or email. Continued use implies acceptance of the changes.

    14. Contact Information

    Repit Fitness AB

    Träringen 34 E

    416 79 Gothenburg, Sweden

    Email: hello@repitfitness.se

    Website: www.repitfitness.se

    If you believe that we are handling your data incorrectly, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

    15. Miscellaneous

    This Policy applies in conjunction with our Terms and Conditions. Consumer law regulations (e.g., regarding the right of withdrawal for digital services) apply in addition to this Policy.