Policy

Privacy Policy

Effective date: 12 August 2025

Data Controller Information

Data controller: BREATHE FRESH LTD (Company No. 15954655)

Registered office: Dept 6157 43 Owston Road, Carcroft, Doncaster, United Kingdom, DN6 8DA

Contact (Privacy / Support): info@aifitworld.co.uk • +44 7418604319

Service: https://www.aifitworld.co.uk

1. Introduction

We respect your privacy. This Privacy Policy explains what personal data we collect, how we use it, how long we keep it, with whom we share it, "and how you can exercise your rights. It applies when you use the AIFitWorld website, app and services (the "Service").

2. Data we collect

We only collect the personal data reasonably necessary to operate and improve the Service.

Identity & contact: name, email address; postal/billing address and phone number (where required for invoicing or support).

Account data: login email, hashed password, profile details, preferences, marketing choices, consent records.

Transactions & tokens: order references, token top-ups/redemptions, payment metadata (processor reference, amounts, dates). We do not store full card numbers or CVV.

Service usage: plan previews and generations, exports/downloads, access logs, device/session identifiers.

Fitness inputs you provide: training goals, constraints (time/equipment), experience level, and optional self-reported information (e.g., injuries, conditions, pregnancy status).

Technical data: IP address, device type, operating system, browser/user-agent, timestamps, diagnostic/error logs.

Support: emails and chat transcripts, attachments you send (screenshots, files, export IDs).

Special category data (health). We do not require medical data. If you choose to share health-related information to tailor your plan, we process that limited data only with your explicit consent and you can withdraw consent at any time (see §7).

3. Why we use your data & legal bases

We process personal data for the following purposes under UK GDPR:

Provide and operate the Service (create/manage accounts, token balance, deliver plan previews/exports, maintain history).
Legal basis: performance of a contract.

Payments, fraud prevention, and compliance (reconciliation, chargeback handling, record keeping, tax/VAT).
Legal basis: legal obligation & legitimate interests (protect users and our business).

Support, complaints and refunds (identify you, investigate, resolve).
Legal basis: performance of a contract & legitimate interests.

Improve reliability and security (metrics, diagnostics, abuse detection, rate-limiting).
Legal basis: legitimate interests (we balance against your rights).

Marketing (newsletters, offers) where you opt in.
Legal basis: consent (you can withdraw at any time).

Fitness personalisation that may include health hints you provide.
Legal basis: explicit consent for any health-related details you choose to submit.

We do not sell personal data.

4. AI personalisation & automated decisions

We use AI to help generate and tailor fitness plans based on your inputs. This is profiling for personalisation only and does not produce legal or similarly significant effects on you. You can opt out of marketing profiling at any time and you may use the Service without providing any health information (you will still receive general plans).

5. Sharing and international transfers

We share data with trusted service providers strictly as needed to run the Service, for example:

  • payment processors, fraud-prevention and chargeback services;
  • cloud hosting, databases, storage and content delivery;
  • email and customer-support tools;
  • analytics and crash-reporting (limited, privacy-respecting where feasible);
  • professional advisers (legal, accounting, audit).

Some providers are outside the UK/EEA. Where we transfer data internationally, we use appropriate safeguards: UK adequacy decisions, Standard Contractual Clauses (SCCs), and additional measures where necessary, ensuring an adequate level of protection.

6. Cookies and similar technologies

We use cookies and similar technologies (e.g., localStorage, sessionStorage, pixels) to operate core functions (authentication, security), remember preferences, measure performance and—where you consent—enable analytics/marketing. Essential cookies do not require consent. For details and choices, see our Cookie Policy.

7. How long we keep your data (retention)

We retain data only as long as necessary for the purposes above and to meet legal, regulatory and accounting obligations.

Orders/payments/tokens (including checkout evidence): at least 24 months, and up to 6 years for compliance or disputed/enterprise transactions.

Account profile & access logs: while the account is active and for a reasonable period after closure for security/fraud prevention and legal compliance.

Support records: for the time needed to resolve the issue and a reasonable period thereafter.

Health-related details (if any): stored minimally and only as long as needed for the chosen plan; deleted or anonymised on withdrawal of consent or when no longer required.

When retention ends, we delete or anonymise data unless a longer period is required by law.

8. Your rights

Under UK data protection law you may have the right to:

• Access your personal data;

• Rectify inaccurate or incomplete data;

• Erase data (in certain circumstances);

• Restrict processing;

• Data portability (for data you provided, where technically feasible);

• Object to processing based on legitimate interests or to direct marketing;

• Withdraw consent at any time (e.g., marketing or health-related inputs).

To exercise your rights, contact info@aifitworld.co.uk. We may need to verify your identity. We respond within statutory timeframes (normally one month). Some rights may be limited by law (e.g., where we must retain records).

9. Security

We implement reasonable technical and organisational measures, including encryption in transit, access controls, least-privilege policies, secure backups, logging and vulnerability management. No system is completely secure; we cannot guarantee absolute security.

10. Children

The Service is intended for adults (18+). We do not knowingly collect data from children under 18. If you believe a child has provided data, contact info@aifitworld.co.uk and we will delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email to registered users and/or a prominent notice in the Service. The effective date above will be updated.

12. Contact & complaints

Questions or requests: info@aifitworld.co.uk • +44 7418604319 • BREATHE FRESH LTD, Dept 6157 43 Owston Road, Carcroft, Doncaster, United Kingdom, DN6 8DA.