Privacy Policy

FitOps Pro LLC — Effective June 5, 2026

FitOps Pro LLC ("FitOps Pro," "we," "us," "our") provides a customer-relationship and client-management platform for fitness coaches and studios. This Privacy Policy explains what information we collect, why we collect it, who we share it with, how long we keep it, and the choices and rights you have — including specific rights under the EU and UK General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act, as amended by the CPRA ("CCPA"). It covers our use of the Meta / Instagram Platform and of health-related data in particular.

1. Who this policy is for, and our role

This policy applies to coaches and businesses who use FitOps Pro ("Customers"); the people those Customers communicate with through Instagram and other channels ("Leads"); and the coaching clients whose fitness and health information is managed in the platform ("Clients").

Controller vs. processor. For information about a coach's Clients and Leads, the coach (or their business) decides why and how it is processed — they are the "controller" under the GDPR and the "business" under the CCPA, and FitOps Pro acts as their "processor" / "service provider," handling that information on the coach's documented instructions to operate the platform. For a coach's own account, billing, and usage information, FitOps Pro is the controller. If you are a Client or Lead, this policy describes our practices, but your coach's own privacy notice also governs how they use your information; you can contact your coach to exercise rights over data they control, or contact us at [email protected] and we will route your request appropriately.

2. Information we collect

We collect this information directly from you, from the coach who manages your Client or Lead record, and from the integrations you choose to connect (such as Apple Health / Health Connect, Instagram via Meta, and our payment processors).

California notice — categories collected. In CCPA terms, the above corresponds to: identifiers; customer-records information (including financial and medical information); commercial information; internet/network activity; audio and visual information (check-in photos and videos, voice recordings); professional/employment information; sensitive personal information (see Section 5); and inferences (such as AI-derived lead scores). We collect these for the business purposes described in Section 3.

3. How we use information, and our legal bases

If you are in the European Economic Area or the United Kingdom, our legal bases under the GDPR are:

4. AI-assisted features

We use AI to analyze conversation content (for example, to extract answers to your qualifying questions and score how engaged a lead is), to turn free-text meal descriptions into nutrition data, to transcribe voice messages and check-in videos, and to generate coaching suggestions. This is done only to power features you use. The content we send to our AI providers (Section 6) is processed solely to provide these features and is not used to train their models.

Automated decisions. AI-derived lead scores and coaching suggestions assist your coach; they do not, by themselves, make decisions that produce legal or similarly significant effects about you. A human coach reviews and acts on them. You can contact us about any such feature.

5. Health & sensitive data

Because FitOps Pro is a coaching platform, it can hold health- and fitness-related information about Clients — such as body weight and measurements, progress photos, activity and sleep data, and anything entered in a coach's check-in or onboarding forms. This is "special-category" data under the GDPR and "sensitive personal information" under the CCPA, and we process it only with the appropriate consent and only to provide the service.

6. How information is shared

We do not sell your information. We share it only with the service providers that operate the platform, under contract and only as needed to deliver the service:

We may also disclose information if required by law or to protect the rights and safety of our users.

7. We do not sell or share your information; cookies

We do not "sell" personal information, and we do not "share" it for cross-context behavioral advertising, as those terms are defined by the CCPA — for money or for any other value. We do not use Instagram data or health data for advertising. Because we do not sell or share personal information (including that of any minor), no "Do Not Sell or Share My Personal Information" action is required, but you may still contact us with any request.

Cookies. We use only the essential cookies needed to log you in and keep your session secure. We do not use third-party advertising or analytics cookies or trackers.

8. International data transfers

We and our service providers operate primarily in the United States. If you access the service from outside the U.S., your information may be transferred to and processed in the U.S. and other countries where we or our providers operate. For transfers from the European Economic Area, the United Kingdom, or Switzerland, we rely on appropriate safeguards — including the EU-U.S. Data Privacy Framework (and its UK Extension and the Swiss-U.S. DPF) where applicable, and/or the European Commission's Standard Contractual Clauses and the UK International Data Transfer Agreement / Addendum. A copy of the relevant safeguards is available on request.

9. Data retention

We keep information for as long as the relevant account is active or as needed to provide the service and meet legal obligations, and then delete or de-identify it. In particular:

When an account or its data is deleted, we remove the associated records as described below.

10. Your privacy rights & how to delete your data

Deleting your Instagram-connected data

You can disconnect Instagram at any time inside FitOps Pro — this stops further access, and your existing conversations are kept until you delete them. You can also remove the FitOps Pro app from your Instagram settings (Settings → Apps and Websites); removing the app automatically deletes the Instagram-derived data we hold for that account — the connected-account record, lead conversations, and messages.

To request deletion of your account or other data, email [email protected] or visit our data deletion page. If you are a Client of a coach, you can also ask your coach, who can remove your data. We verify and process requests and confirm completion.

If you are in the EEA or UK (GDPR)

You may request to access, correct, delete, restrict, or export your personal data, object to certain processing, and withdraw consent at any time. You also have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. We will respond within one month, which may be extended by up to two further months for complex or numerous requests, in which case we will let you know. You may also lodge a complaint with your local supervisory authority (in the UK, the Information Commissioner's Office). Where we are required to designate a representative under Article 27, we will do so and provide their contact details on request.

If you are a California resident (CCPA/CPRA)

You have the right to: know and access the personal information we collect and the categories of sources and recipients; delete it; correct inaccurate information; opt out of the sale or sharing of personal information (we do not sell or share — see Section 7); limit the use of your sensitive personal information; and not be discriminated against for exercising these rights. We use sensitive personal information (such as health information and the contents of your messages) only to provide the services you and your coach use and for the purposes described in this policy.

To exercise these rights, email [email protected] or use our data deletion page. You may use an authorized agent to submit a request on your behalf, with your written permission; we may verify your identity directly. We will acknowledge your request within 10 business days and respond within 45 calendar days, which may be extended by another 45 days with notice where reasonably necessary.

11. Security

We use industry-standard safeguards — encryption in transit and at rest, access controls, and signed, verified webhooks — to protect your information. No method of transmission or storage is 100% secure, but we work to protect your data and review our practices regularly.

12. Children's & minors' privacy

FitOps Pro is a business tool and is not directed to children under 13, and we do not knowingly collect data from children under 13. Coaches who work with minors are responsible for obtaining any required parental or guardian consent before adding a minor Client's information to the platform. We do not sell or share personal information, including the personal information of minors.

13. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the effective date above.

14. Contact

Questions about this policy or your data, or to exercise any of your rights: FitOps Pro LLC, [email protected].


© 2026 FitOps Pro LLC. All rights reserved.