TotalFit Connect Inc. · Effective Date: March 12, 2026 · Governing Law: Ontario, Canada (PIPEDA)
TotalFit Connect is operated by TotalFit Connect Inc., a company incorporated in Ontario, Canada. This Privacy Policy applies to our mobile app, website (totalfitconnect.com), and any related services (the “Services”). By using TotalFit Connect, you agree to this policy. If you do not agree, please stop using the Services.
We collect data you give us directly, data generated by your use of the app, and limited data from third-party services you connect.
Name, email address, username, and password (stored as a hashed value — never plain text). Optional profile details include profile photo, bio, date of birth, biological sex, height, weight, and fitness goals.
Training information you log — workouts, exercises, body measurements, and performance data — as well as nutrition and body metric data you choose to track. This is your data. We consider it sensitive and treat it accordingly.
Posts, comments, likes, follows, direct messages, shared workouts, and any other content you publish to your profile or feed.
Subscription status and entitlement data via RevenueCat. Billing is handled entirely by Apple — we never see or store your payment details.
Device model, OS version, and a Vendor Identifier (IDFV) for internal analytics only. App usage data including screens viewed, session length, and crash reports — used only to improve the app. Push notification tokens so we can deliver alerts you have opted into.
We do not collect precise location (GPS) data, access your contacts or address book, use advertising identifiers (IDFA), use cross-app tracking, or use advertising or tracking cookies. We do not integrate with Apple HealthKit at this time — if that changes, we will update this policy and ask for your consent first.
We use your data to run the app, improve it, and keep it safe. We do not use your health or fitness data for advertising, and we do not build advertising profiles. Specifically, we use your data to:
The following vendors process data on our behalf. All are contractually restricted to using your data only for the services they provide to us.
Workout, body measurement, and nutrition data is sensitive personal information. We treat it with heightened care: we do not share it with insurers, employers, or advertisers, and we do not use it to make automated decisions that affect you.
Under GDPR, processing this data is based on your explicit consent, which you provide when you enter it into the app. You can withdraw consent by deleting the data from your profile or deleting your account. Withdrawal does not affect past processing.
Profile fields such as height, weight, and biological sex are optional — the core app works without them.
TotalFit Connect is not a medical service. Nothing in the app constitutes medical advice. Always consult a qualified professional before starting a new exercise or nutrition program.
TotalFit Connect requests only the permissions it needs. All optional permissions can be denied without losing core functionality.
You can delete your account at any time from Settings → Account → Delete Account. Your personal data is deleted or anonymized within 30 days. Backup copies are purged within 90 days. Comments you left on other users’ posts are anonymized (shown as “Deleted User”) to preserve conversation integrity. Anonymized, aggregate analytics data may be retained indefinitely. We may retain specific data longer where required by law or for fraud-prevention purposes.
To request deletion by email, contact privacy@totalfitconnect.com from your registered address. We respond within 30 days and may ask you to verify your identity.
We use industry-standard security measures including TLS encryption in transit, bcrypt password hashing, network-level access controls, and limited production data access. We perform regular security reviews. We will never ask for your password via support email or in-app message. To report a vulnerability, email security@totalfitconnect.com.
No system is 100% secure. If a breach occurs that affects your rights, we will notify you as required by law.
Depending on where you live, you may have rights to access, correct, delete, or export your data, and to withdraw consent or object to certain processing. To exercise any right, email privacy@totalfitconnect.com from your registered address. We respond within 30 days.
Contact the Office of the Privacy Commissioner at www.priv.gc.ca. Quebec residents also have rights under Law 25, including portability and automated decision-making disclosure.
Legal bases for processing: consent (health/body data), contract performance (account services), and legitimate interests (security, fraud prevention). You may lodge a complaint with your local supervisory authority (e.g., the ICO in the UK). As a Canadian-based company, we are monitoring our GDPR Article 27 representative obligations and will appoint one if required.
We do not sell or share personal information for cross-context behavioral advertising. Rights requests may be submitted directly or through an authorized agent with written authorization.
Contact the OAIC at www.oaic.gov.au.
TotalFit Connect is not directed at children under 13 (or 16 in the EEA). We do not knowingly collect data from children under these ages. If you believe a child has created an account, contact privacy@totalfitconnect.com and we will delete it promptly.
TotalFit Connect is based in Ontario, Canada, which has been recognized by the EU as providing adequate data protection. Data processed by our US-based service providers (see Section 5) is protected by Standard Contractual Clauses. UK transfers are covered by the UK IDTA or equivalent mechanisms.
We may update this policy from time to time. For material changes, we will notify you by in-app notification or email at least 14 days before the change takes effect. Continued use after that date means you accept the updated policy.
Questions? Contact us at privacy@totalfitconnect.com or security@totalfitconnect.com.
TotalFit Connect Inc. · Ontario, Canada · © 2026 All rights reserved.