NWFIT AI
PRIVACY POLICY
1. WHO SHOULD READ THIS PRIVACY POLICY?
If you visit and/or use our website or app, you should read this privacy policy to learn about how we collect, use, and process your personal data.
2. WHO IS THE DATA CONTROLLER?
JMD88 Investments LLC D/B/A Nw Fit
4030 Lakeview dr Sebring fl 33870
4030 Lakeview dr Sebring fl 33870
3. HOW DO WE COLLECT YOUR DATA?
● Data you directly provide to us: When you submit forms on our website or app, contact us, make payments, or participate in tournaments or challenges on our website or app, we collect various data about you.
● Data we automatically collect about you: When you visit our website or app, we use cookies and similar third-party technologies such as SDKs and analytics tools to automatically collect data about you.
4. WHAT TYPES OF DATA DO WE COLLECT ABOUT YOU?
● Basic personal details: We collect your basic personal data such as your name, surname, phone number, and email address.
● Financial details: When you make a payment on our website or app, we collect data such as payment method details, purchase details, and time and date of purchase.
● Data about fitness and health: You provide us with data about your health, your dietary habits, your workout routines, and your fitness goals such as exercises you prefer, how often and how much you exercise, whether you have your target weight. We only collect data about your fitness and health with your explicit consent.
● Data about your usage behavior on our app and website: We use third-party analytics providers, cookies, and SDKs to collect data such as your device information (Device type, device, and browser information), your IP address, referral/exit pages, operating system, geo-location, preferred language, identifiers such as advertising ID, and network information. Furthermore, we also collect engagement information such as your in-app purchases, clicks, your activities.
● Full-body image: You may choose to upload a full-body photo as part of our body scan feature. This image is analyzed by our AI system to estimate metrics such as lean mass, body fat percentage, BMI, and other general body composition data. The photo is processed securely and used solely for this analytical purpose.
● Other information you voluntarily provide: When you provide responses to our quiz questions, you disclose data to us voluntarily.
5. FOR WHAT PURPOSES DO WE COLLECT YOUR DATA?
We collect and process your data for the following purposes:
● To provide our core services to you.
● To provide our AI Fitness Coach services to you.
● To ensure and maintain the security of our website and app.
● To prevent fraud and abuse.
● To enforce our legal rights and third-party rights.
● To comply with legal obligations.
● To analyze user behavior on the website and on the app.
● To improve user experience.
● To develop new services.
● To process payments.
● To send you marketing emails.
● To train and improve our A.I Fitness Model using your given exercise feedback on the app, provided with your explicit consent.
● To contact you about our services.
6. LEGAL BASES WE RELY ON TO COLLECT YOUR DATA (EU & UK USERS ONLY)
The following explains what legal bases we rely on for each purpose:
| Purpose | Legal Basis |
|---|---|
| To provide our AI Fitness Coach Services to you | Consent under Article 6.1.a of the GDPR |
| To analyze user behavior on the website and on the app | Consent under Article 6.1.a of the GDPR |
| To improve user experience | Consent under Article 6.1.a of the GDPR |
| To develop new services | Consent under Article 6.1.a of the GDPR |
| To send you marketing emails | Consent under Article 6.1.a of the GDPR |
| To train and improve our AI Fitness Model using your given feedback to workouts | Consent under Article 6.1.a of the GDPR |
| To provide our AI Fitness Coach Services to you by using your body scan and other health data | Explicit user consent under Article 9 of the GDPR |
| To provide our core services to you | Contractual Necessity under Article 6 of the GDPR |
| To process payments | Contractual Necessity under Article 6 of the GDPR |
| To ensure and maintain the security of our website and app | Legitimate Interests under Article 6 of the GDPR |
| To prevent fraud and abuse | Legitimate Interests under Article 6 of the GDPR |
| To enforce our legal rights and third-party rights | Legitimate Interests under Article 6 of the GDPR |
| To comply with legal obligations | Legal Obligation under Article 6 of the GDPR |
7. INTERNATIONAL DATA TRANSFERS (EU & UK USERS)
When we transfer EU&UK data to a non-adequate jurisdiction, we comply with the EU&UK GDPR data transfer rules and rely on one of the mechanisms enshrined in Article 46 of the EU&UK GDPR.
● Transfers outside the EU & EEA
We rely on Standard Contractual Clauses 2021, issued by the European Commission. Further details can be found at:
● Transfers outside the UK
We rely on the International Data Transfer Agreement and International Data Transfer Addendum issued by the UK ICO.
8. THIRD-PARTY SERVICE PROVIDERS
In providing our services to you and in processing personal data, we use the following categories of third-party service providers:
● Advertising Service Providers
● User data analytics providers
● Payment processors
● Cloud service providers
● Email Marketing Tools
● User Authentication Service Providers
● Location Tracking Service Providers
● Push Notification Service Providers
● Social Sharing Functionality Service Providers
9. THIRD-PARTY SDK TOOLS WE USE TO PROCESS YOUR DATA
When you access and use our mobile app and website, we use the following third-party service providers for the following specified purposes:
| The Service Provider We use | Purpose of Use |
|---|---|
| Company Name: AppsFlyer Ltd, Tool: Appsflyer SDK (appsflyer_sdk) | We use it for tracking user behavior, app installs, daily activity (e.g., Daily Challenges, Custom Challenges, Tournaments), and redos. |
| Company Name: Google LLC, Tool: Firebase Analytics | We use it for tracking user behavior, app installs, daily activity (e.g., Daily Challenges, Custom Challenges, Tournaments), and redos. |
| Company Name: Microsoft Corporation, Tool: Microsoft Clarity | We use it to understand how users use it to interact with our website and improve user experience on our website. |
| Company Name: openapi4j, Tool: App Links (app_links) | It helps us improve user experience and track user engagement. |
| Company Name: Google LLC, Tool: In-App Purchases (in_app_purchase) | Facilitates in-app transactions made through the Google Play Store for Android users, including payments for challenges, subscriptions, and other in-app purchases. |
| Company Name: Apple Inc., Tool: In-App Purchases (in_app_purchase) | Handles in-app transactions made through the Apple App Store for iOS users, including payments for challenges, subscriptions, and other in-app purchases. |
| Company Name: MongoDB, Inc., Tool: MongoDB Atlas Database | Used to securely store data using encryption. |
| Company Name: Amazon Web Services Inc., Tool: Amazon SES | Used to send OTP verification and promotional emails. |
| Publisher: Pravera.me, Tool: Flutter Activity Recognition (flutter_activity_recognition) | We use it to detect user activities (e.g., walking or running) to mark milestones as completed in challenges or tournaments. |
| Company Name: Google LLC, Tool: Firebase Messaging (firebase_messaging) | It helps us deliver and track push notifications. |
| Company Name: The DexterX Developer, Tool: Flutter Local Notifications (flutter_local_notifications) | It helps us handle local notifications directly within the app. |
| Company Name: Social Share, Tool: Social Share Publisher link: https://pub.dev/packages/social_share | It enables users to share app content on social media, which may track user engagement with shared content. |
| Company Name: Flutter Share Me, Tool: Flutter Share Me Available at: https://pub.dev/packages/flutter_share_me/versions | It enables users to share app content on social media, which may track user engagement with shared content. |
| Company Name: Carda.me, Tool: Awesome Notifications (awesome_notifications) Website: https://discord.com/invite/KSXeQG9cCb | It helps us manage notifications, potentially tracking delivery and interaction. |
10. DATA RETENTION
We only retain your personal data for as long as necessary for the purpose we collect it.
In determining the specific data retention period for each data category and processing activity, we take into account criteria such as the sensitivity of data, our legal obligations, and your reasonable expectations.
Below are the specific data retention periods for each category of personal data:
| Category of Personal Data | Retention Period |
|---|---|
| Basic personal data such as your name, surname, phone number, and email address. | 24 months after the date on which your account is closed. |
| Financial details such as payment method details, purchase details, and timestamps of transactions. | Statutory time period set by the applicable law. |
| Data about your fitness and health such as your health, your dietary habits, your workout routines, and your fitness goals such as exercises you prefer, how often and how much you exercise, whether you have your target weight. | So long as your account with us is active and we provide our services to you Maximum 24 months after you delete your account or you/us discontinue your access to and use of services |
| Data about your usage behavior on our app and website such as your device information(Device type, device, and browser information), identifiers such as advertising ID, and network information. Furthermore, we also collect engagement information such as your in-app purchases, clicks, your activities. | 12 months after the date on which such data is collected. |
| Full-body image. | 24 months after the date on which your data is collected. |
| Other information you voluntarily provide when you provide responses to our quiz, you disclose data to us voluntarily | 24 months after the date on which your data is collected. |
11. DISCLOSURE OF YOUR DATA TO THIRD PARTIES
If you sign up on our app and/or website using a referrer's link, the referrer will have access to limited information, including:
This data is shared solely to confirm referral activity. No other personal or sensitive data will be disclosed to the referrer.
● Your name.
● Whether you downloaded the app.
● Whether you signed up.
12. DATA SECURITY
We implement appropriate organizational, contractual, and technical data security measures to ensure and maintain the security of your data.
You may contact us to learn about the specific data security measures we implement.
13. YOUR RIGHTS
You can exercise the following rights, depending on the law that applies to your data:
● Your right to data deletion - You may request us to erase your personal information if certain conditions are met. These conditions are as follows:
● If the data we collected about you is no longer required for the original purpose it was collected for
● If you have withdrawn your consent
● If you have objected to the processing of your data
● If your data was unlawfully processed
● If we have to delete your data to comply with a legal obligation
● If we collected your data in relation to information society services
● Right to access personal data - You may request copies of your personal information.
● Your right to rectification - You may submit a request to rectify personal information you think is inaccurate.
● Your right to restriction of processing - You have the right to ask us to restrict the processing of your data.
● Your right to object to processing - You may submit a request to object to the processing of your data.
● Your right to data portability - You may have the right to ask that we transfer the personal information you gave us to another organisation under the EU & UK GDPR if certain conditions are met:
● We collected your data through consent or a contract,
● Your data is processed automatically and
● The transfer of your data is technically feasible
● Right to opt out of the sale of personal data - You may submit a request to opt out of the sale of your data.
14. HOW TO EXERCISE YOUR RIGHTS
You can exercise your statutory rights under the applicable law by contacting us via one of the following:
Contact email: [email protected]
Business Postal address: 4030 Lakeview dr Sebring fl 33870
15. HOW TO SUBMIT A COMPLAINT TO DATA PROTECTION AUTHORITIES (EU & UK USERS ONLY)
If you reside in the EU or UK, you can submit a complaint to the relevant data protection authority in the country you reside in.
You can check the following Directory to contact the relevant authority:
16. CALIFORNIA RESIDENTS' RIGHTS
If you reside in California and if the CCPA & CPRA apply to the processing of your data, you may exercise the following rights:
You have the right to request that we delete the personal information that we collected from you. Be noted that this right is subject to certain exceptions as listed below:
You may exercise your right to request that we disclose certain information to you and explain how we have collected, used, and shared your personal information over the past 12-month period.
● If we are legally required to keep your data
● If the request is manifestly unfounded or excessive
● If the request conflicts with free speech
● If the request conflicts with the research exception
17. CHANGES TO THIS PRIVACY POLICY
Any changes to this Policy will be notified to Users via email.
18. NOTICE ABOUT GOOGLE ADMOB
We use Google AdMob to display ads to you. AdMob utilizes unique device identifiers and usage data to display relevant ads to you.
You can have a look at Google's Privacy Policy to learn more about what types of data are processed via AdMob:
To opt-out, follow the instructions here:
19. NOTICE ABOUT APPLE PAY
We use Apple Pay to process your payments. When you make a payment through Apple Pay, Apple collects and processes data such as your account details, card number, and transaction information.
When you pay via Apple Pay, your data is secured through various security measures. Firstly, your device account number is stored on a secured chip device and this number is isolated from your iOS and cannot be decrypted even by Apple.
Furthermore, your device communicates through an encrypted channel to protect your data.
For more information, visit the Apple Pay privacy notice at:
20. NOTICE ABOUT GOOGLE PAY
When we use Google Pay, data such as your account card number, card details, address, phone number, and date of birth is processed.
Google Pay applies encryption at rest and in transit to protect the security of your data.
To learn about how Google Pay processes your data and the specific security measures Google implements, visit the following:
21. NOTICE ABOUT GOOGLE ANALYTICS
We use Google Firebase Analytics to track user behavior, app installs, and your daily activity such as Daily Challenges, Custom Challenges, and Tournaments.
You can have a look at Google's Privacy Policy to learn more:
Last Updated on 2 August 2025.