Privacy Policy

Zen2fit processes your data to help you improve your health, while taking care of the security of your data. 

As a data controller, Zen2fit is committed to giving the utmost attention to the security and protection of your privacy. 

Since there is no single regulation governing data protection in the U.S., Zen2Fit ensures compliance with the highest standards of privacy protection, including the European General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and applicable U.S. privacy laws.

Our Privacy Policy explains how we process your personal data when you use our Services. The services are composed of various software applications (including mobile and web applications, cloud-based Services) that gather, store and process data to provide you insights and services to help you lead a healthier life. Here we describe the privacy practices for our devices, applications, software, websites, APIs, products, and services (the “Services”). 

What information do we collect and when?

What information?

The data below will be collected by Zen2fit:

Identity data is data which can directly identify you, such as your advertising identifier, age, email address, gender, location, name, profile photo, timezone, and username.

Some information is required to create an account on our Services, such as your name, email address, password, date of birth, gender, height, weight, and in some cases your mobile telephone number. You may also choose to provide other types of information, such as a profile photo, biography, country information, and community username.

Activity data is data used to improve fitness and health management. It contains health data, which is a special category of data in meaning of the GDPR. As you perform or log activities (articles, meals, meditations, weigh-ins, workouts) in our Services, we track when you performed those activities, duration, estimated calories burned, and estimated distance, as relevant. You have the option of sharing your workout and meal data collected by our Services into Apple Health Kit. This only happens if you explicitly opt-in to allow this data sharing. In addition, you have the option of sharing your data from Apple’s CoreMotion and / or Google’s Google Fit applications to our Services to sync your steps taken, and the time of the steps taken. This only happens if you explicitly opt-in to allow this data sharing.

To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information, like your logs for food, weight, sleep, water, or female health tracking, an alarm and messages on discussion boards or to your friends on the Services.

Technical data is necessary to provide use of and maintain reliability of the Services, such as IP address, cellular carrier, device ID, advertising ID, instance ID (of your app), information about your device and operating system, language, app version, technical debug information, and technical logs. 

Your device collects data to estimate a variety of metrics like the number of steps you take, your distance traveled, calories burned, weight, heart rate, sleep stages, active minutes, and location. The data collected varies depending on which device you use. When your device syncs with our applications or software, data recorded on your device is transferred from your device to our servers.

The Services include features that use precise geolocation data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. We collect this type of data if you grant us access to your location. You can always remove our access using mobile device settings. We may also derive your approximate location from your IP address.

Behavior data is data that contains additionally to the technical data information about your usage behavior and your interaction within the software application, such as clicks on buttons/links/advertising, viewed elements, usage time and duration, first start, last activity, and the conclusion of predefined events.

Additional data is other data that can be used. You may also connect with friends on the Services or invite friends who have not yet joined by providing their email addresses, accessing social networking accounts, or using the contact list on your mobile device. We do not store your contact list and delete it after it is used for adding contacts as friends.

If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message.

Payment and card information – Some devices support payments and transactions with third parties. If you activate this feature, you must provide certain information for identification and verification, such as your name, credit, debit or other card number, card expiration date, and CVV code. This information is encrypted and sent to your card network, which upon approval sends back to your device a token, which is a set of random digits for engaging in transactions without exposing your card number. For your convenience, we store the last four digits of your card number and your card issuer’s name and contact information. You can remove the token from your account using your account settings. We do not store your transaction history.

If you purchase Zen2fit merchandise on our website, you provide your payment information, including your name, credit or debit card number, card expiration date, CVV code, and billing address. We do not store this payment information. We store your shipping address to fulfill your order. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms.

Information received from third parties – If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.

We may partner with third parties, such as employers and insurance companies that offer Zen2fit Services to their employees and customers. In such cases, those companies may provide us with your name, email address, or similar information (like a telephone number or subscriber ID) so that we can invite you to participate or determine your eligibility for particular benefits, such as discounts or free services.

When?

When you create an Zen2fit account, you provide certain identity data. Your Zen2fit account is a core component of the Services, as it allows you to access and control your personal data. When creating an Zen2fit account, you also have the option of connecting your account with Apple, Facebook, or Google for log in, in which your identity data will also be shared. This only happens if you explicitly opt-in to allow this data sharing.

When you use our Services, your activity data and technical data is collected to help you monitor your health, and to ensure reliability of the Services. Additionally, technical and behavior data is collected to improve our Services and to measure performance, create usage profiles, display personalized advertising and measure the effectiveness of marketing campaigns, if you have given your consent.

When you choose to share your data with other applications, we exchange data with partners via an API (Application Programming Interface). You may discontinue this connection at any time by logging in and managing the sharing preferences under your Zen2fit account. On the mobile application, navigate to the Profile tab -> Settings -> Account -> Integrations.

When you contact our customer support, your personal data under your Zen2fit account are available to our teams to help resolve your problem.

How do we use your Personal data?

The data collected through the Services of Zen2fit is processed by Zen2fit for the following specific purposes. Different purposes may apply simultaneously.

Providing Services. Personal data processed by Zen2fit are stored on your Zen2fit account and accessible on the application. Personal data may be indicated as raw data (number of steps, weight, etc.), or as a result of specific processing (personalized recommendations, workout and meal plans). 

We also use your information to make inferences and show you more relevant content. Here are some examples:

Information like your height, weight, gender, and age allows us to improve the accuracy of your daily exercise and activity statistics like the number of calories you burned and the distance you traveled.

Based on your sleep data, we may make inferences about your sleeping patterns and provide you with customized insights to help you improve your sleep.

We may personalize exercise and activity goals for you based on the goals you previously set and your historical exercise or activity data.

Accounts. Use of our Services requires the creation of a Zen2fit account. This account also allows you to manage your content, preferences, and personal data. Communicating with you. When you contact customer support (help@zen2fit.com) to solve a problem that you have reported, our team members may be required to process your personal data to help you.

Marketing, research and recommendations. Your personal data may be used to help us communicate with you, for example to offer you surveys, contests, coupons or events in which you are free to participate. We may provide you with information about our Services, such as alerts, changes, new features, sales offers from us or our partners, or to announce new services to you. You may be invited to participate in the research by receiving questionnaires. Zen2fit is constantly improving the accuracy of its Services thanks to its community of participants, always ensuring that your consent is obtained. You can manage your notification preferences by clicking on the unsubscribe link at the bottom of the emails you receive or by contacting customer support (help@zen2fit.com). 

Improving our Services. We may use your aggregated personal data, including behavior data, to improve our Services, customer support, and to correct or modify software settings. In addition, your health data might be anonymised, i.e not allowed to identify an individual or to be linked to an account to conduct studies and analyses in the field of health.

Performance measurement, usage profiles, personalized advertising, effectiveness of marketing campaigns: Your technical and behavior data may be used to measure the performance of our software applications, e.g. how often and how long you use the application, to create user profiles, e.g. which features do you like and which advertising you have clicked, to display personalized advertising and measure the effectiveness of marketing campaigns, e.g. which ways you got to our Services and measure conversions and leads. We use cookies and similar technologies for the purposes described above. For more information, please read our Cookie Use statement.

What is the legal basis for processing?

Zen2fit processes your personal data on the following legal basis:

Contract: We process your data on basis of the user agreement for our Services, e.g. the creation of the user account, providing the Services, the support and communication, which does not include the processing of health data. Legal basis is Art. 6 (1) (b) GDPR.

Consent: The most data we process with your given consent, e.g. for processing health data, sharing activity data, marketing activities, measure performance, create usage profiles, display personalized advertising, measure the effectiveness of marketing campaigns. Legal basis is Art. 6 (1) (a) GDPR, and also Art. 9 (2) (a) GDPR, if health data is processed.

Legitimate Interests: Some data we process to fulfill our legitimate interests, e.g. for improving our Services. Legal basis is Art. 6 (1) (f) GDPR.

Do we share your Personal data?

Your personal data will not be distributed, communicated, exchanged or transferred to third parties, on any medium whatsoever. 

Zen2fit’s affiliates and authorized third parties. We transfer information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys.

Transfer of personal data. Our Services are provided by hosts located in US East (N. Virginia) by AWS.

Mandatory disclosure. We may be compelled by the law to disclose your personal data to some authorities or other third parties, such as the law enforcement or legal authorities. In this case, we challenge such requests for disclosure and only provide the minimum amount of information permissible when responding to a request for disclosure. Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about exercise and activity, to partners under agreement with us, or as part of the community benchmarking information we provide to users of our subscription services.

How do we protect your Personal data?

We make every effort to ensure the security of your personal data.

How do we ensure the respect of children’s privacy? Zen2fit’s Services are made for the general public. Zen2fit does not collect information from children under the age of 18 without the prior consent of their parents or legal guardians.

How do we ensure the quality of your data? We recommend you regularly log on your Zen2fit account and confirm that your personal data are accurate and up-to-date. If you have a doubt on the accuracy of data, please inform us and we will implement means to correct or erase inaccurate data.

What action do we take to protect your personal data? The protection of your privacy and security is crucial in the way we create and supply our Services. We apply our Policy through a selection of appropriate activities such as the proactive management of risks. We take appropriate measures to guarantee online safety, physical safety, and remove risks of data loss. We limit the access to our database to employees that have a justified need to access this information.

How do we use cookies and web beacons? Zen2fit uses cookies, local storage, web beacons, JavaScript, and other technologies, which access or store information on the device, to run and improve our website. We also use such technologies to personalize, measure performance, create user profiles, display personalized advertisements, and measure the effectiveness of marketing campaigns. For more information on the way Zen2fit uses technologies and on their deactivation through your browser’s settings or our consent banner, see our Cookie Policy.

How can I stop marketing emails? You can unsubscribe from marketing and ask that we stop processing your data for marketing means. We will still be able to send you security critical alerts.

What are your rights? You have a right of access, rectification and erasure or restriction of processing on each of your personal data. Also, you have the right to withdraw your given consent and to object to specific processing. 

Right to object. You have the right to object processing on grounds relating to your particular situation. Zen2fit no longer processes the data unless Zen2fit demonstrates compelling legitimate grounds for the processing. If Zen2fit processes data for direct marketing purposes, e.g. marketing emails, you have the right to object to such processing at any time.

Right to withdraw your consent. You have the right to withdraw your given consent at any time. Then, we do not process your data based on your consent anymore. Your withdrawal does not affect the lawfulness of processing based on consent before your withdrawal. Your consent for the processing of technical and behavior data, which you give in our consent banner, you can withdraw easily in this banner.

Where can I enforce my rights? If you wish to exercise your rights or object to a processing operation carried out by Zen2fit, the requests must be sent to support@zen2fit.com with proof of identity. 

Modification of the present Policy. Zen2fit may modify the present Policy. If the present Policy had to be largely modified, Zen2fit would publish a notice on this page or send an email to its users. 

International operations and data transfer. We operate internationally and transfer information to the United States and other countries for the purposes described in this policy. Please note that the countries where we operate may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. For a list of the locations where we have offices, please contact us.

How long do we keep your personal data?

In order for you to use our Services, your data is stored until you request its deletion. For your information, account deletion will result in the deletion of your data.

If you wish to delete your data and your account, on the mobile application, navigate to the Profile tab -> Settings -> Account -> Delete my account or, contact customer support (support@zen2fit.com).

In the event of a deletion request, all your data will be permanently deleted within 30 days of your request.

However, if you have deleted your account and wish to use our Services again, simply create a new account.

If you use your Fitbit devices and services with a Google Account, then your data will be handled as described in the Google Privacy Policy

We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Services.

If you have questions about this policy, or need help exercising your privacy rights, please contact our Data Protection Officer at support@zen2fit.com

We are proud of the trust that you share with us. 

Last modified date: September 2024