Privacy Policy
Effective date: September 1, 2025
This Privacy Policy describes how FaceFit (“we”, “us”, or “our”) collects, uses, and protects information in the FaceFit mobile and web applications for gym owners, staff, and members. By using FaceFit, you agree to this Policy.
1) What We Collect
- Account & Member Data: name, phone number, date of birth, gender, membership plan and dates, gym association.
- Biometric Data: face embeddings/face vectors used only for identity verification during attendance. We do not store raw camera frames for recognition.
- Media: optional profile photos uploaded by owners/staff.
- Device & Usage: app version, device model, crash/diagnostic logs, interaction events.
2) How We Use Data
- Verify member identity and mark attendance.
- Manage memberships, renewals, and expiry reminders.
- Display dashboards and generate reports for authorized gym staff/owners.
- Maintain security, prevent abuse, and improve features.
3) Legal Bases
We process data based on your consent, our legitimate interests in providing the service, and to fulfill contracts with gyms using FaceFit.
4) Data Sharing
- We do not sell personal data.
- Data is visible to authorized gym owners/staff for their members only.
- We may disclose information to comply with laws or protect rights, safety, and security.
- Service providers (e.g., Google Firebase) process data on our behalf under confidentiality agreements.
5) Storage, Location & Security
FaceFit uses Google Firebase services (Authentication, Firestore, Cloud Storage, Cloud Functions). Data may be stored in Google data centers and may be transferred and processed in other countries subject to appropriate safeguards.
- Transport-layer encryption (HTTPS) and access control rules.
- Least-privilege access for staff; audit logging where applicable.
- Biometric face vectors are encrypted at rest in Firestore/Storage.
6) Data Retention
We keep personal data only as long as needed for the purposes above. On membership termination or upon request, we delete or anonymize data within a reasonable period unless retention is required by law or for legitimate business purposes (e.g., fraud prevention, accounting).
7) Your Choices & Rights
- Access, update, or delete your profile data.
- Withdraw consent for face recognition; we will delete your face vectors and disable biometric attendance for your profile.
- Export your data where technically feasible.
- Members should contact their gym owner/admin; owners can also email us using the contact below.
8) Children
FaceFit is intended for gym members. We do not knowingly collect data from children under 13. If you believe a child has provided data, contact us for prompt removal.
9) App Permissions
- Camera: capture face images locally for liveness/verification and attendance.
- Storage/Photos (optional): upload a profile image.
- Internet: sync with Firebase services.
- Notifications (optional): reminders and updates.
10) Data Safety & Third Parties
We use Firebase Authentication, Firestore, and Cloud Storage to run FaceFit. Their handling of data is governed by Google’s terms and policies. Links to external sites are not operated by us; review their privacy practices.
11) Changes to This Policy
We may update this Policy. Changes take effect when posted on this page with an updated effective date.
12) Contact
FaceFit (Your Legal Entity)
facefit.fit@gmail.com • https://facefit.fit