Aphil Fitness

Privacy Policy

Effective date: 12 June 2026 · Last updated: 12 June 2026

Aphil Fitness (“AphilFitness”, “we”, “us”) helps you track meals, workouts, and progress with an AI coach that keeps things calm and realistic. To do that, we handle some of your personal information — including health and fitness data, which we treat with extra care. This policy explains what we collect, why, and the choices you have.

The short version: We collect what we need to run the app and nothing more. We never sell your data. Your health and fitness data is never used to target ads. You can export or delete everything, anytime.

What we collect

Account information. When you sign up, we collect your name and email address through our authentication provider (Google Firebase Authentication). If you sign in with a Google account, we receive the basic profile information you authorise.

Profile and goals. Information you choose to add: age, height, weight, sex, activity level, and your fitness or nutrition goals. This is used solely to personalise your experience — calorie targets, progress tracking, and coaching suggestions.

Health and fitness data you log. Meals and foods (including portion sizes and nutrition estimates), workouts, body measurements, progress photos (if you upload them), and — if you choose to use the feature — menstrual cycle tracking data.

Cycle tracking data is sensitive, and we treat it that way: it is stored with the same encryption as the rest of your data, used only to power the cycle tracking feature for you, never used for advertising or analytics profiling, and never shared with third parties. You can delete your cycle data independently of the rest of your account at any time.

Usage and device data. Standard technical information: device type, browser, IP address, app interactions, and crash logs. We use this to keep the service secure, fix bugs, and understand which features are useful.

AI coaching interactions. Messages you send to the in-app AI coach and the food or workout descriptions you submit for analysis.

How we use your information

  • To provide the service: tracking, progress views, reminders, and personalised targets
  • To power AI features: food recognition, nutrition estimation, and coaching responses are processed using Google Vertex AI on Google Cloud infrastructure. Your data is processed to generate your results; it is not used by us to train general-purpose AI models
  • To maintain and improve the service: debugging, performance, and aggregate (non-identifying) feature analytics
  • To communicate with you: service updates, and — only if you opt in — product news
  • To meet legal obligations

We do not sell your personal information. We do not share your health or fitness data with advertisers or data brokers.

Where your data lives

AphilFitness runs on Google Cloud Platform. Your data is stored in Google Cloud services (Firestore and Cloud Storage) and processed by our backend on Google Cloud Run. Google acts as our data processor under its standard data processing terms. Data may be stored or processed in data centres outside your country of residence; where it is, we rely on recognised transfer safeguards.

Advertising and cookies

Some public pages of our website (such as our blog) may display advertising served by Google AdSense. Third-party vendors, including Google, use cookies to serve ads based on a visitor’s prior visits to this and other websites. Google’s use of advertising cookies (including the DoubleClick cookie) enables it and its partners to serve ads based on your visits to our site and/or other sites on the internet. You can opt out of personalised advertising by visiting Google Ads Settings, or opt out of third-party vendor cookies at aboutads.info.

To be clear: advertising appears only on our public content pages. Your in-app health and fitness data is never used for ad targeting, by us or by anyone else.

Cookies we use

Cookies are small text files stored on your device by your browser. They help websites remember things — like keeping you signed in — and, in the case of advertising cookies, help show ads that are more relevant to you.

Essential cookies (always on). Required for the Service to work — primarily authentication session cookies set by Firebase Authentication to keep you signed in securely, and your cookie-consent preference itself. These can’t be switched off, because the app doesn’t function without them.

Analytics cookies (with your consent). Help us understand how the Service is used in aggregate — which pages are visited and which features matter — so we can improve it. These load only if you accept them in the consent banner.

Advertising cookies (with your consent, public pages only). Our public content pages (such as the blog) may show ads served by Google AdSense, as described above. These cookies are never used on, or fed by, your in-app health and fitness data.

Cookie settings

  • Use the consent banner to accept or decline non-essential cookies; you can change your choice anytime with the button below
  • Opt out of personalised Google ads or third-party vendor cookies via the links in the “Advertising and cookies” section above
  • Block or delete cookies in your browser settings (note: blocking essential cookies will sign you out)

How long we keep your data

We keep your data for as long as your account is active. If you delete your account, your personal data is deleted from our production systems within 30 days, and from backups within 90 days. Some minimal records (such as billing or legal compliance records, if applicable) may be retained where the law requires it.

Your rights and choices

Wherever you are, you can:

  • Access and export your data — request a copy in a portable format
  • Correct anything that’s inaccurate
  • Delete your account and data, in full or in part (including cycle data on its own)
  • Object or restrict certain processing
  • Withdraw consent where processing is based on consent

To exercise any of these, email us at support@aphilfitness.com or use the controls in your account settings. We respond within 30 days.

If you are in Singapore, these rights are provided in line with the Personal Data Protection Act (PDPA); our Data Protection Officer can be reached at support@aphilfitness.com. If you are in the European Economic Area or the UK, the GDPR/UK GDPR applies, and you also have the right to lodge a complaint with your supervisory authority.

Children

AphilFitness is not directed at anyone under 18, and we do not knowingly collect personal data from children. If you believe a child has created an account, contact us and we will delete it.

Security

Data is encrypted in transit (TLS) and at rest. Access to production data is restricted and logged. No system is perfectly secure, but if a breach affects your personal data, we will notify you and the relevant authorities as required by law.

Changes to this policy

If we make material changes, we’ll notify you in the app or by email before they take effect. The “last updated” date at the top always reflects the current version.

Contact

Questions about privacy: support@aphilfitness.com

We use cookies to keep you signed in, and — with your consent — for analytics and to show ads on our public pages. See our Privacy Policy.