Skip to main content

Legal

Privacy Policy

Effective date: 25 April 2026

1. Who we are

This Privacy Policy applies to the 365 Fithub mobile application and website (collectively, the "Service"). The Service is operated by Save Time Technology Limited ("we", "us", "our"), a company registered in England and Wales under company number 09280310. Our registered address is 104 Livingstone Walk, Hemel Hempstead, Hertfordshire, HP2 6AL.

We are registered with the Information Commissioner's Office (ICO) under registration number ZC115093.

For any privacy-related queries, contact our Data Controller at: [email protected]

2. What data we collect

Data you provide directly

  • Account information: name, email address, and password (stored as a salted hash)
  • Profile information: date of birth (for age verification), fitness goals, experience level, and training location preferences
  • Health questionnaire responses (PAR-Q) used to personalise onboarding
  • Workout logs: exercises, sets, reps, weights, rest durations, and session dates

Data collected automatically

  • Device type and operating system version (for compatibility)
  • App version (for support and debugging)
  • Crash reports and error logs (no personally identifiable information)
  • Analytics data (only if you consent) — page views, session duration, and feature usage via Google Analytics 4

Data we do NOT collect

  • Health data from Apple Health or Google Fit (we do not request these permissions)
  • Precise GPS location
  • Payment information (processed entirely by Apple or Google)

3. Our lawful bases for processing

  • Contract (Article 6(1)(b) UK GDPR): Processing your account and workout data to provide the Service you signed up for.
  • Legitimate interests (Article 6(1)(f) UK GDPR): Crash reporting and error logging to maintain security and stability. We have performed a legitimate interests assessment.
  • Consent (Article 6(1)(a) UK GDPR): Analytics cookies and any marketing communications. You may withdraw consent at any time.

4. How we use your data

  • To provide, maintain, and improve the Service
  • To generate AI coaching recommendations based on your workout history
  • To send you transactional emails (account creation, password reset)
  • To respond to support and privacy enquiries
  • To comply with legal obligations

We do not sell your data to third parties. We do not use your data for automated decision-making that produces legal or similarly significant effects.

5. Who we share data with

We share data only with processors necessary to provide the Service:

  • Cloud hosting provider — servers and databases. Data is stored in the UK or EEA.
  • Transactional email provider — for account emails only.
  • Google Analytics 4 — only if you consent to analytics cookies. Data is processed under a Data Processing Agreement with Google Ireland Limited.
  • Apple / Google — for subscription management and payment processing only.

All processors are subject to written data processing agreements. We do not transfer your personal data outside the UK or EEA without appropriate safeguards (Standard Contractual Clauses where applicable).

6. How long we keep your data

  • Account and workout data: retained for as long as your account is active, plus 30 days after deletion request to allow for error correction.
  • Anonymised analytics data: up to 26 months (Google Analytics default).
  • Support correspondence: 3 years from resolution.

7. Your rights under UK GDPR

You have the right to:

  • Access — request a copy of your personal data.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — request deletion of your data ("right to be forgotten").
  • Restriction — ask us to limit how we use your data.
  • Portability — receive your data in a machine-readable format.
  • Object — object to processing based on legitimate interests.
  • Withdraw consent — at any time, where processing is consent-based.

To exercise any right, email [email protected] or use our online data request form. We will respond within one calendar month. You may also use the in-app Settings → Account → Data & Privacy screen.

You have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Cookies

We use cookies on this website. Strictly necessary cookies are required for the site to function. Optional analytics cookies are set only with your consent. See our Cookie Policy for full details. You can change your preferences at any time using the "Cookie Preferences" link in the footer.

9. Security

We implement technical and organisational measures proportionate to the risks of processing, including TLS 1.3 encryption in transit, AES-256 encryption at rest, and access controls limiting data access to authorised personnel.

If you believe your account has been compromised, contact us immediately at [email protected].

10. Children

The Service is intended for users aged 16 and over. We do not knowingly collect personal data from children under 16. If we discover that we have inadvertently done so, we will delete it promptly. If you are a parent or guardian and believe your child has provided us data, contact [email protected].

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email (if you have an account) or via an in-app notification at least 30 days before the change takes effect. The "Effective date" at the top of this page records the most recent update.