Privacy Policy

1. Who We Are

Trans Health & Fitness ("Trans Health & Fitness", "THF", "we", "us", or "our") provides a training app and related services designed for trans and non-binary athletes.

This Privacy Policy explains how we collect, use, and share information when you use:

• Our website at transhealthfitness.com
• Our mobile application
• Any other services that link to this Privacy Policy

Collectively, we call these the "Services."

By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

2. Information We Collect

We collect information in two main ways: information you give us, and information from third parties.

2.1 Information You Provide

Account Information

When you create an account or apply for access, you may provide:

• Name or chosen name
• Pronouns
• Email address
• Password or other authentication credentials

Profile and Training Information

Because Trans Health & Fitness is built for trans and non-binary athletes, you may choose to share information that some laws consider "sensitive" personal data, including:

• How you describe your gender or identity
• Whether you use a binder, how often, for how long, and what type
• Whether you are on hormone replacement therapy (HRT), the type (estrogen or testosterone), method of administration (pills, patches, injections, gel), frequency, schedule, and when you started
• General surgery status related to gender-affirming care (for example top surgery, bottom surgery, FFS, orchiectomy), including approximate timing and recovery stage
• Situations that may cause dysphoria (such as mirrors, crowded spaces, certain exercises), and any notes you choose to share about your comfort preferences
• Training experience level and fitness goals
• Equipment you have access to
• Your training environment preference (home, gym, studio, outdoors)

Workout Data

When you use the app, we collect:

• Workouts generated for you and the parameters used to create them
• Workouts you save as favorites, including any notes you add
• Completed workout sessions, including exercises performed, sets, reps, and perceived effort (RPE)
• Exercise modifications or swaps you make
• Pain or discomfort flags you report during workouts

Safety and Personalization Data

To keep you safe and provide relevant workouts, we log which safety rules are applied when generating your workouts. This helps us ensure the rules engine is working correctly and allows us to improve our safety protocols over time.

Payment Information

If we offer paid features in the future, payments will be processed by a third-party provider. That provider would collect your payment card number and billing details. We would receive confirmation of your payment and limited billing information (for example the last four digits of your card and subscription status), but we would not store your full card number on our servers.

Support and Communication

If you contact us by email or through in-app forms, we collect:

• Your contact details
• The content of your messages and any attachments you choose to send
• Metadata such as the date and time of the communication

2.2 Information from Third Parties

We may receive limited information about you from:

• Payment processors (if applicable), which would send us payment confirmations, subscription status, and limited billing details

We treat this information according to this Privacy Policy.

3. How We Use Your Information

We use your information for these purposes:

3.1 To Provide and Personalize the Services

• Create and manage your user account
• Generate workout programs tailored to your profile, preferences, and goals
• Apply safety rules based on the information you voluntarily share about binding, HRT, surgery stages, and dysphoria triggers
• Remember your settings, such as pronouns and equipment
• Save and sync your favorite workouts

3.2 To Support Safety and Quality

• Log which safety rules are applied to your workouts to ensure our safety engine is working correctly
• Monitor for patterns that suggest bugs, misuse, or potential safety issues
• Develop new features that better respect trans and non-binary experiences
• Collect equipment requests (when you tell us about equipment we don't yet support) to improve our exercise library

3.3 To Communicate with You

• Send service-related messages, for example account confirmations, security alerts, and important updates
• Respond to your questions, requests, and feedback
• With your consent where required, send optional product updates and beta invitations

3.4 To Operate, Secure, and Improve the Services

• Understand how people use the app so we can make it more reliable and accessible
• Debug and fix errors, improve performance, and test new designs
• Prevent, detect, and investigate fraud or abuse

3.5 To Comply with Legal Obligations

• Keep appropriate records
• Respond to lawful requests from public authorities where we are legally required to do so

We do not use your sensitive personal information for targeted advertising, and we do not sell your personal data.

4. Legal Bases for Processing (EEA and UK Users)

If you are in the European Economic Area or the United Kingdom, we process your personal data under these legal bases:

• Contract – to provide the Services you sign up for, including account management and personalized workouts
• Consent – especially for processing sensitive information such as gender identity and health-related data, and for certain communications
• Legitimate interests – such as improving the Services, ensuring security, and preventing abuse, where these interests are not overridden by your rights and freedoms
• Legal obligations – when we need to comply with applicable laws and regulations

You can withdraw your consent at any time, though this may limit some features.

5. How We Handle Sensitive Information

Information about your gender identity, HRT status, binder use, surgery stages, dysphoria triggers, and related health details may be considered sensitive or "special category" data.

We:

• Collect this information only when you voluntarily provide it
• Use it primarily to personalize workouts, apply safety rules, and improve relevance
• Restrict internal access to this information to people who need it to do their work
• Do not use this information for targeted advertising
• Do not sell this information to third parties

You can skip or remove some of this information in settings, though that may limit personalization and safety adjustments.

Trans Health & Fitness is not a medical provider and is not a covered entity under HIPAA. We treat your data with care, but the Services are not a substitute for medical care or a medical records system.

6. Local-First Data Storage

Your data stays on your device by default. We designed the app with a local-first architecture, meaning:

• Your profile, workout history, and session data are stored locally on your device
• Cloud sync is optional—you control whether your data is backed up to our servers
• If you enable cloud sync, your data is encrypted in transit and stored securely with our cloud provider (Supabase)
• You can use the app without enabling cloud sync

This means even if you never enable cloud sync, the app will work fully and your sensitive health information never leaves your device.

7. How We Share Your Information

We share your information in limited situations:

7.1 Service Providers

We work with trusted third-party providers who help us run and improve the Services, including:

• Supabase – Cloud hosting, database, and authentication services
• Email providers for account-related communications

They may only use your information to perform services on our behalf and must protect it appropriately.

7.2 Payment Processors

If we offer paid features in the future, your payment would be handled by a third-party payment processor. They would store and process your payment card details. We would receive payment confirmation and limited billing data, but not your full card number.

7.3 Aggregated or De-identified Data

We may use and share data that has been aggregated or de-identified so it cannot reasonably be used to identify you. For example, statistics such as the number of workouts completed or the percentage of users who train while binding.

We do not sell your personal data.

7.4 Legal and Safety

We may disclose information if we believe in good faith that it is reasonably necessary to:

• Comply with applicable law, regulation, legal process, or government request
• Enforce our terms of use or other agreements
• Protect the rights, property, or safety of Trans Health & Fitness, our users, or others

7.5 Business Transfers

If we are involved in a merger, acquisition, financing, or sale of all or part of our business, your information may be transferred as part of that transaction, subject to commitments consistent with this Privacy Policy.

8. Cookies and Similar Technologies

On our website, we may use cookies and similar technologies to:

• Remember your preferences
• Keep you signed in
• Measure traffic and usage patterns

You can control cookies through your browser settings. Some features may not work properly if you disable cookies.

The mobile app does not use cookies. Authentication and preferences are handled through secure local storage.

9. Data Security

We take reasonable technical and organizational measures to protect your personal information, including:

• Using reputable cloud and database providers (Supabase) with encryption in transit (HTTPS/TLS) and encryption at rest
• Storing authentication tokens in your device's secure storage (hardware-backed where available)
• Limiting access to personal data to people who need it to do their job
• Using authentication and access controls (Row Level Security) to protect data
• Requiring email verification for new accounts

However, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

You are responsible for keeping your account credentials confidential and for promptly notifying us if you believe your account has been compromised.

10. Data Retention

We keep personal information for as long as reasonably necessary to provide the Services, operate our business, and comply with legal obligations.

In general:

• Account and profile data are retained while your account is active
• Workout history and session data are retained while your account exists, unless you request deletion
• Local data on your device remains until you delete the app or clear its data

When we no longer need personal information, we will delete or anonymize it, or, if that is not possible, we will securely store it and isolate it from further use until deletion is possible.

11. Your Rights and Choices

Depending on where you live, you may have rights regarding your personal information.

11.1 Access, Correction, and Deletion

You may have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Request deletion of your personal information

You can often do this in the app via account settings. You can also contact us at taylor@transhealthfitness.com.

We may need to verify your identity before responding, and we may retain certain information where required by law or legitimate business needs.

11.2 Opting Out of Communications

You can opt out of non-essential emails (like newsletters or announcements) by using the unsubscribe link in those messages or contacting us. We may still send service-related messages, such as security alerts.

11.3 Additional Rights (EEA, UK, and Other Regions)

If you are in the EEA, UK, California, or other regions with specific privacy laws, you may have additional rights, such as:

• The right to object to certain processing
• The right to restrict processing in some circumstances
• The right to data portability

You can exercise these rights by contacting us at taylor@transhealthfitness.com. We will respond as required by applicable law.

12. Children's Privacy

Trans Health & Fitness is not intended for children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information without appropriate consent, please contact us so we can delete it.

13. International Data Transfers

We are based in the United States, and your information may be stored or processed there or in other countries where our service providers operate. These locations may have privacy laws that differ from those in your jurisdiction.

Where required, we use appropriate safeguards (such as standard contractual clauses or similar mechanisms) to protect personal data transferred internationally.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. In some cases, we may provide additional notice (for example in-app or by email).

Your continued use of the Services after a revised Privacy Policy becomes effective means you accept the changes.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, you can contact us at: