
Privacy Policy

Version 1.0
Last updated: May 20, 2026
Effective date: May 20, 2026
Index
  0. Legal definitions
  1. Introduction and scope
  2. Data controller
  3. Categories of data collected
  4. Legal bases for processing (GDPR)
  5. Purposes and automated decisions
  6. Coaching technologies and generative models
  7. Recipients and international transfers
  8. Processors and sub-processors
  9. Retention periods
  10. Your GDPR rights
  11. Multi-jurisdictional compliance
  12. Children
  13. Security measures
  14. Cookies and tracking
  15. App Store and Google Play specifics
  16. Payments and subscriptions
  17. Health data and medical disclaimer
  18. Complaints and supervisory authority
  19. Changes to this policy
  20. Contact and Data Protection Officer

0. Legal definitions

The following expressions have the meanings assigned to them in this document.

"Fitenome", "we", "us", or "the Service"
The Fitenome mobile app (iOS and Android), the website fitenome.com, the associated cloud services, and any interface that provides access to them.
"User" or "you"
The natural person who downloads, installs or uses Fitenome, whether in guest mode, with a personal account, or as part of a Premium subscription.
"Personal data"
Any information relating to an identified or identifiable natural person, as defined in Article 4(1) GDPR.
"Processing"
Any operation performed on personal data: collection, recording, organisation, storage, consultation, disclosure, erasure, etc.
"GDPR"
Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.
"Periodization model"
Mathematical and pedagogical structure that organises your training season into macrocycles, mesocycles and microcycles. Fitenome uses four models: linear, daily undulating (DUP), ATR and maintenance.
"Anthropometry"
Body measurements such as weight, height, perimeters, estimated body fat and self-declared body composition.

1. Introduction and scope

This Policy describes how Fitenome processes personal data you provide or that the Service collects during use. It forms part — together with the Terms & Conditions and the End-User License Agreement (EULA) — of the contractual framework governing your relationship with us.

This Policy applies to:

  • The Fitenome mobile app for iOS and Android, distributed via App Store and Google Play.
  • The website https://fitenome.com and its subdomains.
  • The cloud services (Cloud Functions, Firestore) backing plan generation, sync and purchase verification.

It does not apply to third-party sites or services we link to. Each of those has its own policy that we recommend you read.

Quick read: Fitenome is an evidence-based strength training app. We process body and workout data only to design and show you a personalised plan. We never sell your data and we never share it with advertisers. Our primary servers are in the European Union (europe-west1).

2. Data controller

  • Owner: Iván Rojas Manzano (Fitenome project)
  • Fiscal address: Spain. Available on reasonable request via private channels.
  • General privacy email: support@meetagape.com
  • Data Protection Officer: support@meetagape.com
  • Supervisory authority: Spanish Data Protection Agency (AEPD), aepd.es

3. Categories of data collected

3.1 Account and authentication

  • Email (or Apple Private Relay alias like xxxx@privaterelay.appleid.com).
  • Display name and, if provided to your identity provider, profile photo.
  • Identity provider: Google, Apple, or email + password.
  • Unique identifier (UID) issued by Firebase Authentication.
  • Creation date, last sign-in, email verification status.
  • Device language (ISO code like en, es).

3.2 Sport profile and anthropometry

  • Sex, age, height, weight, estimated body-fat percentage (optional).
  • Activity level and declared goal (hypertrophy, strength, recomp, health, maintenance).
  • Computed macro targets (calories, protein, carbs, fats, fiber).
  • Historical changes of goal with their effective date.

3.3 Training data

  • Plan structure: macrocycle, mesocycles, microcycles and planned sessions.
  • Periodization model picked by the system (linear, undulating, ATR or maintenance) and the textual rationale.
  • Completed sessions: date, title, type, duration, total volume, RPE, subjective fatigue, pain notes, anatomical pain areas, planned exercises, actual per-set logs (reps, weight, RIR).
  • Readiness check-ins: sleep, soreness, mood, pain areas, adjusted load proposed for the day.
  • PRs, exercise swaps requested, deloads applied.

3.4 Nutrition data

  • Food entries by meal (breakfast, pre-workout, lunch, post-workout, snacks, dinner): name, brand, grams, computed macros, source.
  • Dietary preferences: pantry items, likes, allergies, restrictions (vegan, gluten-free, etc.), free-form notes.
  • Meal suggestions generated for you and which ones you accepted or dismissed.

3.5 Usage-derived data

  • Weekly adherence, consecutive-day streak, % of completed sessions per microcycle.
  • Estimated internal load (Foster sRPE), tonnage, distribution per muscle group.
  • Coach state: last readiness date, pending deload proposal, request for next mesocycle.

3.6 Technical data

  • Guest identifier (no-account mode): truncated SHA-256 hash of the inbound IP + the first 120 chars of the User-Agent, prefixed with guest:. Used only to enforce monthly quotas and deduplicate the plan cache; does not identify you directly and is never cross-referenced with a real identity.
  • UID issued by Firebase Authentication for registered users (28-char opaque alphanumeric).
  • Quota counters in the server-only collection usage/{uid}, with per-window fields like generatePlan_2026_05, parseFoodFromImage_2026_05_13, regenerateMicrocycle_2026_W19.
  • IP address and User-Agent received transiently by Cloud Functions during a request — Google Cloud retains these in its operational logs per its default policy (typically 30 days for Cloud Logging) and they are not stored attached to your account in our collections.
  • App and OS version when you report a bug.
  • Camera permission (iOS): requested only when you tap the barcode scanner; the system prompt reads "Fitenome uses the camera to scan food barcodes". Barcode recognition is performed on the device with Google ML Kit (no image is sent to any server).

3.7 What we do NOT collect

Fitenome does NOT access: your calendar, geolocation, microphone, camera roll (unless you explicitly pick a photo from the system picker), biometric sensors, contacts, SMS, calls, Apple Health or Google Fit records. The app ships without any tracking SDK: no Google Analytics, no Facebook Pixel, no Mixpanel, no Amplitude, no PostHog, no Sentry for behavior telemetry. The only system permission declared on Android is android.permission.INTERNET; on iOS, only NSCameraUsageDescription for the scanner. If we ever add any of the above, we will request informed consent and update this Policy.

4. Legal bases for processing (GDPR)

| Processing | Legal basis |
|---|---|
| Create and maintain your account, cloud sync, training plan and macros generation. | Performance of a contract (Art. 6(1)(b) GDPR). |
| Premium purchase verification on App Store and Google Play and subscription attribution. | Performance of a contract (Art. 6(1)(b)). |
| Operational logs, abuse prevention, quota enforcement, subscription fraud prevention. | Legitimate interest (Art. 6(1)(f)). |
| Handling your rights requests and security communications. | Legal obligation (Art. 6(1)(c)). |
| Processing of sensitive health-related data (weight, declared pain, body fat). | Explicit consent (Art. 9(2)(a)), given when you voluntarily enter those data in the anthropometry / readiness flow. Withdrawable any time. |
| Service communications (password reset, email verification). | Performance of a contract. |

We do not profile for advertising. We do not process your data to take decisions with legal effects on you.

5. Purposes and automated decisions

  1. Generate your training plan based on your anthropometry, experience, goal and weekly availability.
  2. Adapt the plan to weekly fatigue: readiness check-ins modify the day's proposed load.
  3. Compute macros and meal plans: from weight, height, age, sex, activity and goal (Mifflin-St Jeor model with body-composition corrections).
  4. Show progress: adherence rings, streak, historical anthropometry, PRs.
  5. Comply with contractual and legal obligations.

Some decisions are automated (Article 22 GDPR):

  • The periodization model selection is automatic, based on initial assessment answers (level, goal, days available, peak schedule). You may request human review by writing to support@meetagape.com.
  • The automatic load adjustment after a readiness with high pain or fatigue is a deterministic calculation, not AI (Foster sRPE, RIR/RPE autoregulation).
  • The meal proposals and exercise swaps (Premium) are generated by language models (see §6). You can always ignore or replace any proposal without penalty.

The server functions materialising these decisions are: generatePlan, regenerateMicrocycle, suggestSubstitute, parseFood, parseFoodFromImage, suggestMeals, verifyPremiumPurchase and deleteAccount. All run in Google Cloud's europe-west1 region and are invoked only by the authenticated app or by the app in guest mode, over Firebase-signed channels.

6. Coaching technologies and generative models

To build your plan, swap an exercise, or suggest meals, Fitenome sends a reduced and anonymised context of your sport profile to a language-model API provided by Google LLC (Google Gemini). Specifically:

  • Model used: gemini-2.5-pro for Premium subscriptions and gemini-2.5-flash-lite for the free plan. The tier is selected server-side based on verified entitlement.
  • What we send: your level, goal, weekly availability, declared anthropometry and — for meals — your dietary preferences. The userContext is truncated to a maximum of 4,000 characters before being forwarded to the model.
  • Opaque account identifier (UID or guest id guest:<hash>) — used only for deterministic cache and quota attribution.

What is not sent: your email, your name, your profile picture, your IP address in clear, or any device identifier.

The API key (GEMINI_API_KEY) lives exclusively in Google Cloud Secret Manager and is never bundled with the app. Calls are made from Cloud Functions in europe-west1. Responses are deterministically cached in planCache/{key}, with key = sha256(SCHEMA_VERSION | tier | model | normalized_userContext) and an automatic TTL of 90 days; this cache is only accessible to our server functions and never exposed to the client.

Google Cloud and Google AI Studio act as processors. See the Google Cloud DPA.

Transparency: the content shown as "plan", "meal suggestion" or "exercise swap" is generated with the assistance of language models and validated by deterministic rules. It must never be interpreted as medical or nutritional advice individualised by a healthcare professional.

7. Recipients and international transfers

| Recipient | Purpose | Location |
|---|---|---|
| Google Ireland Ltd (Firebase / Cloud) | Hosting, authentication, Firestore database, Cloud Functions, Cloud Logging. | EU (region europe-west1) with global replicas per Google policy. |
| Google LLC (Gemini API) | Plan generation, exercise swap, meal suggestions, food-label parsing. | Processed by Google under Google Cloud DPA and applicable SCCs. |
| RevenueCat Inc. | Server-to-server validation of App Store and Google Play receipts and issuance of the Premium entitlement (lookup_key = "pro"). Receives the opaque account id and the purchased product id. | RevenueCat Inc., 1100 Alma St, Suite 100, Menlo Park, CA 94025, USA, under SCCs and DPF. |
| Apple Distribution International Ltd | iOS payment processing, JWS-signed receipt and subscription customer service. | Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland; Apple Inc. (USA) under SCCs and DPF. |
| Google Commerce Ltd | Android payment processing and purchaseToken on Google Play. | Google LLC (USA) under SCCs and DPF. |

Whenever data travels outside the EEA we rely on the EU Standard Contractual Clauses (Commission Decision 2021/914) and, where applicable, the EU-US Data Privacy Framework (Apple, Google and RevenueCat are listed as active DPF organisations). None of these recipients receive data for advertising purposes.

8. Processors and sub-processors

  • Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) — Firebase Authentication, Cloud Firestore, Cloud Functions for Firebase, Cloud Logging, Cloud Secret Manager and Cloud Storage.
  • Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) — Google Gemini API (gemini-2.5-pro and gemini-2.5-flash-lite) and Google ML Kit on-device (barcode scanner).
  • RevenueCat Inc. (1100 Alma St, Suite 100, Menlo Park, CA 94025, USA) — subscription verification, entitlement management, purchase event webhooks (renewal, refund, expiration, plan change). Project ID: proj0d5182cb. RevenueCat acts as an intermediary between Fitenome and the Apple App Store Server / Google Play Developer APIs so Fitenome never directly handles store-signed tokens.
  • Apple Distribution International Ltd (Hollyhill, Cork, Ireland) — App Store distribution and iOS payment processing.
  • Google Commerce Ltd (Gordon House, Barrow Street, Dublin 4, Ireland) — Google Play payment processing.

9. Retention periods

| Category | Period |
|---|---|
| Account and profile | While the account is active. Deleted 30 days after closure request. |
| Completed sessions and readiness | Deleted along with the account or when the user removes them individually. |
| Sensitive anthropometric data | Kept only while explicit consent is in force; withdrawable any time. |
| Generated-plan cache | 30 days from last read; auto-purged. |
| Security and abuse logs | 90 days default, up to 1 year if an incident is open. |
| Premium receipts | 6 years (Spanish accounting obligation, Art. 30 Commercial Code). |

10. Your GDPR rights

  • Access (Art. 15): receive a copy of the personal data we process about you.
  • Rectification (Art. 16): correct inaccurate or incomplete data.
  • Erasure / "right to be forgotten" (Art. 17): you can self-serve from Profile → Delete my account or write to us.
  • Restriction (Art. 18): pause processing of specific data.
  • Portability (Art. 20): receive your data in structured (JSON) format and transmit it to another controller.
  • Objection (Art. 21): object to processing based on legitimate interest.
  • Not to be subject to automated decisions (Art. 22).
  • Withdraw consent at any time without retroactive effect.
  • Lodge a complaint with the AEPD (Art. 77).

Write to support@meetagape.com with reasonable proof of identity. We reply within 30 days, extendable by two months on complex requests (we will inform you). Free of charge.

11. Multi-jurisdictional compliance

  • UK GDPR and Data Protection Act 2018 for UK users. ICO as supervisory authority: ico.org.uk.
  • CCPA / CPRA (California): residents may exercise rights to know, delete, correct and opt-out of sale. Fitenome does not sell or share your personal data as defined in CPRA.
  • LGPD (Brazil), PIPEDA (Canada), Privacy Act 1988 (Australia), APPI (Japan) where applicable.

12. Children

Fitenome targets people 16 and older with prior training experience. We do not knowingly collect personal data from children under 14. If you believe a child has shared data with us, please email support@meetagape.com and we will delete it.

13. Security measures

  • In transit: TLS 1.2+ on all client↔server and server↔processor communications.
  • At rest: Google Cloud encrypts Firestore and Cloud Storage by default with managed keys (AES-256).
  • Per-user isolation: Firestore rules (firestore.rules) prevent any user from reading or modifying another user's data (request.auth.uid == uid). The system collections usage/{uid}, planCache/{key} and substituteCache/{key} are not client-accessible (explicit rule allow read, write: if false;).
  • Secrets: GEMINI_API_KEY and REVENUECAT_SECRET_KEY live in Google Cloud Secret Manager and are injected at runtime only into the Cloud Functions that need them. Never bundled with the app.
  • Quotas: per-user limits (daily, weekly, monthly or lifetime, depending on the function) atomically enforced within a Firestore transaction before any model call. Example: 2 plan generations/month on free tier, 5 on Premium.
  • Deterministic cache: model responses are cached in planCache with a 90-day TTL to avoid redundant LLM calls; expired entries are auto-purged by Firestore TTL policy.
  • Minimisation: we only send a reduced (≤ 4,000 chars) and anonymised context to the LLM.
  • Server-side purchase verification: the Premium entitlement is never granted client-side. The verifyPremiumPurchase function queries RevenueCat V2 API with a secret key and mirrors the state into users/{uid}.premium, capturing refunds, billing issues and voluntary cancellations.
  • App Check / Play Integrity (when applicable): optional binary attestation limiting abuse of callable functions.
  • Cascade deletion: deleteAccount walks the sub-collections sessions, readiness, meals, events in batches of 400 docs, deletes the root users/{uid} document, then executes admin.auth().deleteUser(uid). The process is idempotent: if it is interrupted, it resumes cleanly from where it stopped.

14. Cookies and tracking

The website fitenome.com uses only technical cookies (selected language, session state). No analytics or advertising third-party cookies. The mobile app does not use advertising identifiers (IDFA, GAID) or tracking SDKs.

15. App Store and Google Play specifics

  • App Store Connect "App Privacy": contact info (email), identifiers (UID), product interaction, health and fitness, all linked to your account, none used for tracking across apps.
  • Google Play "Data Safety": account info, user content (workouts, meals), app activity. Encrypted in transit; deletable on request.

16. Payments and subscriptions

Premium subscriptions are processed exclusively via App Store (iOS) or Google Play (Android). Fitenome does not receive the card number, the last 4 digits of the PAN, or any billing data. The verification chain is:

  1. The store (Apple or Google) charges the user and issues a signed receipt (JWS on iOS, purchaseToken on Android).
  2. RevenueCat receives that receipt from the app SDK and validates it against Apple App Store Server API or Google Play Developer API. It is responsible for detecting refunds, billing issues, cancellations and plan changes.
  3. The Fitenome function verifyPremiumPurchase queries RevenueCat at GET /v2/projects/proj0d5182cb/customers/{uid}/active_entitlements with the server secret key and checks whether the entitlement "pro" is active.
  4. The canonical state is mirrored into users/{uid}.premium with fields isPro, expiresAt, store and productId so Firestore rules can gate Premium features without round-tripping RevenueCat on every read.

Active product identifiers include, among others, fitenome_pro_yearly (annual subscription). The full list is available on App Store Connect and Google Play Console.

RevenueCat only processes the opaque account id (UID), the purchased product id, start and expiration dates, the country code of purchase, and the entitlement state. It does not receive your email, name or anthropometry.

17. Health data and medical disclaimer

Fitenome is not a medical device and does not replace healthcare advice. Health data you enter (weight, pain, fatigue, estimated body fat) are used only to adapt a general training and nutrition plan.

Important: consult a physician before starting a strength program if you have cardiovascular conditions, musculoskeletal injuries, pregnancy, post-surgical recovery, or any other relevant medical circumstance. Fitenome may adjust load but does not diagnose or treat illness.

18. Complaints and supervisory authority

If you believe the processing of your data violates applicable law, you may lodge a complaint with the Spanish Data Protection Agency. We ask that you first try to resolve it by writing to support@meetagape.com; we reply within 30 days.

19. Changes to this policy

We may modify this Policy to reflect legal, technical or Service changes. For material changes, we will notify you by email (when we have a verified email) and via a prominent in-app banner at least 14 calendar days before the effective date. The current version is always available at fitenome.com/privacy-en.html.

20. Contact and Data Protection Officer

  • General privacy: support@meetagape.com
  • Data Protection Officer: support@meetagape.com
  • Rights center: fitenome.com/gdpr-en.html

Last revision: May 20, 2026.
