Privacy Policy

FitPlans collects the minimum data needed to build and deliver your plan. We don’t sell your data, we don’t use it to train any model, and you can ask us to delete it at any time.

What we collect

• Email address. The only identifier we keep — used to send your plan link and to look up your plans later via /my-plans.
• Onboarding inputs. Goal, dates, age, height, weight, optional body-composition data, gym setup, training history, injuries, wearable data, training preferences, diet approach, and location text. Used as the prompt to generate your plan.
• Generated plan JSON. Stored so you can re-open your plan link and re-receive it by email.
• Stripe payment metadata. Stripe receives your email and card details directly; we never see card numbers. We store the Stripe Checkout Session id alongside your plan so we can verify payment was completed.

Why we collect it

• To generate, deliver, and re-deliver your plan.
• To verify your payment with Stripe (Stripe’s own privacy policy applies to their handling of your card).
• To respond to your support requests and, very rarely, to investigate abuse (e.g. payment disputes).

We do not use your data for advertising, profiling, or to train AI models. We do not sell or share it with third parties except the processors listed below, which are necessary to operate the Service.

Where it lives

• Convex — primary database for your plan and onboarding inputs. Hosted in the United States.
• Cloudflare Workers — serves the website and forwards requests to Convex. Cloudflare may log IP addresses for abuse prevention; standard log retention applies.
• Stripe — processes payment. Receives your email and card details. See Stripe’s privacy policy.
• Anthropic — generates the plan from your inputs. Per Anthropic’s API data policy, prompts and responses are not used for model training and are retained only briefly for abuse-detection purposes.
• Resend — delivers your plan email. Receives your email address and the email body.

How long we keep it

Plans and onboarding inputs are retained indefinitely so the /my-plans recovery flow keeps working. Abandoned checkout records (where you didn’t complete payment) are automatically deleted after 24 hours.

Deletion and access requests

You can ask us to:

• Send you a copy of all data tied to your email.
• Permanently delete all data tied to your email.

Email privacy@fitplans.app from the address you used at checkout and we’ll action it within 30 days. Deletion is permanent and irreversible — your plans will no longer be retrievable.

Cookies and tracking

FitPlans doesn’t set advertising or analytics cookies. We use browser localStorage on your own device to (a) hold your onboarding draft so you can resume mid-flow, and (b) remember which workouts you’ve marked done inside the generated plan app. This data never leaves your device.

Your rights under GDPR / UK GDPR

If you’re in the EU or UK you have the right to access, correct, delete, export, and restrict processing of your personal data, and to complain to your local supervisory authority. We process your data on the lawful basis of contract (we need it to deliver the plan you paid for) and legitimate interest (operating and securing the Service).

Children

FitPlans is not intended for users under 16. We do not knowingly accept payments or generate plans for children. If you believe a child has paid for a plan, contact us and we’ll delete the data and refund the charge.

Changes to this policy

Material changes will be reflected in the “Last updated” date above. For substantial changes affecting existing users, we’ll email everyone with a plan on file.

Contact

Privacy questions, data requests, or anything else: privacy@fitplans.app.