Compliance Level: GDPR 2026 / HIPAA Compliant
We collect Biometric Data (recovery scores, heart rate trends), Geolocation Data (for facility check-in verification), and Financial Data (via Stripe).
Your fitness data is processed using the Gemini AI API to provide "personalized fitness engagement and retention services." This includes the generation of workout plans and churn risk analysis.
In compliance with GDPR, users may request the deletion of their profile at any time. This will trigger a permanent wipe of the Member Profile and anonymize all historical check-in records.
All health-related data is encrypted at rest using industry-standard AES-256 encryption within the Google Cloud Platform.