Privacy Policy

MagFit Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy outlines the types of personal data we collect, how we use it, and how we keep it safe. By using our app, Rate My Physique (the "App"), you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect the following types of information when you use the App:

Personal Information:

• Email Address: We collect your email address through your Apple ID and during account creation to manage your account and communicate with you.
• Birthday: We collect your birthday to personalize your experience within the App and offer age-specific features.
• Gender: We collect your gender to provide gender-specific content and improve your experience with the App.
• Language: We collect information about the language you speak to tailor content to your language preferences.

Legal Basis: The legal basis for collecting this information is your explicit consent, which is required before any data processing occurs.

User-Generated Content:

• Images: We collect images that you upload to the App, which are necessary for the core functionality of the App.

2. How We Use Your Information

We use your data for the following purposes:

Account Management:

• To create, manage, and authenticate your account.

Communication:

• To send you essential communications, such as updates to the App or changes to our Privacy Policy.

Personalized Features:

• To enable the core functionality of the App, such as processing and displaying your uploaded images.

Subscription and Payment Management:

• To manage your subscription and payments via RevenueCat.

AI-Powered Coaching:

• To provide AI-powered coaching and image analysis using services such as Anthropic (Claude), OpenAI, and Replicate.com. This processing is performed based on user consent and legitimate interests, ensuring compliance with GDPR.

3. Data Sharing

We do not share your personal information or user-generated content with third parties, except for the following:

Service Providers:

• We may share information with third-party service providers that help us operate and improve the App, including hosting providers, analytics services, AI-based processing providers (e.g., Anthropic, OpenAI, and Replicate.com), payment processing, and subscription management (e.g., RevenueCat). These providers are required to maintain the confidentiality of your data and comply with GDPR and applicable data protection laws.

Legal Requirements:

• We may disclose your information if required by law, legal process, or government request, or to protect our rights, property, and safety, or the rights of others.

3A. Refunds and Apple Server Notifications

If you request a refund for an in-app purchase, we may share information about your use of that purchase with Apple to assist in determining the appropriate resolution. By agreeing to this Privacy Policy, you consent to the transmission of this usage data to Apple solely for the purpose of refund resolution. This process complies with Apple's Server to Server Notifications feature and relevant data protection regulations.

3B. Advertising and App Install Attribution

We may use third-party advertising partners, such as Meta (Facebook/Instagram), to measure app installs and ad campaign effectiveness.

iOS: We use Apple's SKAdNetwork for anonymized, aggregated install attribution. We also use the Meta SDK, which may collect certain device signals (such as IP address and device type) to measure app installs and ad campaign effectiveness. This data does not include your name or directly identifying information, and advertising ID collection is disabled. For more information, see Meta's Data Policy.

Android: The App may collect your Google Advertising ID (GAID) and a Facebook Anonymous ID to measure ad performance and app install attribution. These identifiers do not directly identify you. You can reset or opt out of GAID-based tracking through your device settings.

4. Data Retention

We retain your personal data for 12 months after account deletion, unless legally required to retain it longer. Once your data is no longer needed, it will be deleted or anonymized.

5. Data Security

We take data security seriously and implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. Data is stored securely on Firebase and encrypted using industry-standard methods. However, no method of electronic transmission or storage is completely secure, so while we strive to protect your personal data, we cannot guarantee its absolute security.

6. Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal data:

Access and Correction:

• You have the right to request access to the personal data we hold about you and to correct any inaccuracies.

Data Deletion:

• You can request that we delete your account and personal data. You may do so through the App or by contacting us directly.

Data Portability:

• You have the right to receive a copy of your data in a structured, commonly used, and machine-readable format, and the right to transmit it to another service.

Objection and Restriction:

• You can object to our processing of your data or request that we limit how we use your data.

Withdraw Consent:

• You have the right to withdraw consent at any time, without affecting the lawfulness of processing before its withdrawal.

Opt-out of Communications:

• You can opt-out of receiving marketing communications by following the unsubscribe instructions in our emails or by contacting us.

Lodge a Complaint:

• If you believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority.

If you wish to exercise any of these rights, please contact us using the information provided below.

7. Children's Privacy

The App is not intended for use by children under the age of 13. We do not knowingly collect or solicit personal data from children under 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will take steps to delete that information as soon as possible.

8. Legal Compliance

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) for users in the European Union and the California Consumer Privacy Act (CCPA) for California residents.

For EU Residents (GDPR):

• Legal Basis for Processing: We process your personal data based on your consent, the necessity for contract performance (providing the App), and our legitimate interests in improving the App.
• Data Transfers: If you are located in the European Economic Area (EEA), please be aware that your data may be transferred outside of the EEA for processing, and we ensure appropriate safeguards are in place.

For California Residents (CCPA):

• You have the right to request the categories and specific pieces of personal information we have collected about you, the purposes for which we use that information, and the third parties with whom we share it.
• You can also request that we delete your personal information. To make a request, please contact us at the email address provided below.

9. Data Transfers & Third-Party Processing

We use third-party services, including Firebase (Google), Anthropic (Claude), OpenAI, RevenueCat, and Apple Payments. These providers comply with GDPR, and data processing agreements (DPAs) are in place where required.

Your data is stored in Firebase, located in the Pacific region (U.S.). Appropriate safeguards, including Standard Contractual Clauses, are implemented for international data transfers.

10. Automated Decision-Making

We use AI-powered features (via Anthropic's Claude) to provide personalized physique coaching based on images and data you provide. This processing is based on your consent and is not used to make legally binding decisions about you.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via email or through a notification in the App. The updated Privacy Policy will be posted on this page, and the "Effective Date" will be updated accordingly.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your rights, please contact us at:

• Email: mobileappmagfit@gmail.com
• Support: info@ratemyphysiques.com
• Privacy Concerns (DPO): We do not have an official Data Protection Officer (DPO), but for privacy concerns, you can contact Jacob at jacob@ratemyphysiques.com.

By using Rate My Physique, you acknowledge that you have read, understood, and agree to this Privacy Policy.