Privacy Policy - Beginnity

1. Introduction

Beginnity ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our AI-powered workout coaching service.

2. Information We Collect

Account Information

Name and email address
Password (encrypted)
Profile preferences (fitness goals, experience level)

Health & Fitness Data

Sleep data (duration, stages, quality scores)
Heart rate and HRV (heart rate variability)
Recovery and readiness scores
Workout history and exercise logs
Biomarker data you choose to upload

Device & Usage Data

Device type and operating system
IP address (anonymized in logs)
App usage patterns and feature interactions

3. How We Use Your Information

Personalization: Generate AI-powered workout recommendations based on your recovery data
Service Delivery: Sync with wearables, track progress, provide insights
Communication: Send workout reminders, product updates, and support responses
Improvement: Analyze aggregate usage patterns to improve the Service
Security: Detect and prevent fraud or abuse

4. Third-Party Integrations

When you connect wearable devices, we receive data from these third-party services:

Whoop - Recovery, strain, sleep data
Oura Ring - Readiness, sleep stages, HRV
Eight Sleep - Sleep performance, temperature data
Apple Health - Sleep, heart rate, workouts

Each provider has their own privacy policy. We only access data you explicitly authorize. You can disconnect integrations anytime in Settings.

5. Data Sharing

We do NOT sell your personal data. We may share data with:

Service Providers: Cloud hosting (Vercel, Neon), email (Resend), analytics (PostHog)
AI Processing: Anonymized data sent to AI providers (Anthropic) for workout generation
Legal Requirements: If required by law, subpoena, or to protect our rights

6. Data Security

We implement industry-standard security measures including:

Encryption of data in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Secure password hashing (Argon2id)
Rate limiting and abuse prevention
Regular security reviews

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or legitimate business purposes.

8. Your Rights

Depending on your location, you may have the right to:

Access: Request a copy of your personal data
Correction: Update inaccurate information
Deletion: Request deletion of your data
Portability: Export your data in a common format
Opt-out: Unsubscribe from marketing emails

To exercise these rights, contact us at hello@beginnity.com

9. Children's Privacy

Beginnity is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately.

10. International Users

Your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer. We comply with applicable data protection laws including GDPR for EU users and CCPA for California residents.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Your continued use of the Service after changes constitutes acceptance.

12. Contact Us

Questions or concerns about this Privacy Policy? Contact us at hello@beginnity.com