Privacy Policy

For the “Intermittent Fasting” Product and myfastjourney.com

This Privacy Policy explains what personal data we collect when you use our mobile applications, websites, and related services (collectively referred to as the “App” or “Service”) associated with the Intermittent Fasting product and the website myfastjourney.com, and how we use and process that data. It also outlines your choices and rights regarding your personal information.

By using the Service, you confirm that:

You have read, understood, and agreed to this Privacy Policy, including the data processing activities described here; and

You are at least 18 years old.

If you do not agree to this Privacy Policy or cannot make the above confirmations, you must not use the Service. In that case:

Delete your account and contact us to request deletion of your personal data.

Cancel any active subscriptions via Apple, Google Play, or your app store. If you purchased directly from our website, you may cancel through your account settings or by contacting us.

Remove the App from your device(s).

Note: Translations of this Privacy Policy may be provided for convenience. In the event of differences between the English version (available on myfastjourney.com) and any translated version, the English version will prevail and be the only legally binding text.

1. Categories of personal data we collect

We collect personal data from the following sources:

(i) information you provide directly to us (for example, when setting fasting goals, completing onboarding, or answering quiz questions);

(ii) information received from third parties (such as Apple or Google integrations);

(iii) information automatically collected when you use our app or website.

1.1 Data You Provide Directly

Identifiers

When you register for our Service, make purchases, opt into communications, or contact our support team, you provide basic identification and contact information including your name, email address, and other contact details. We utilize these identifiers for account management, service-related communications, and customer support interactions.

Onboarding & Personalized Fasting / Wellness Data

As part of onboarding or using the Service, you may provide information such as age, sex, weight, height, lifestyle, fasting goals (e.g., weight management, metabolic health), daily routine, eating schedule, and preferred fasting style. We use this data to personalize your fasting plans, guidance, and recommendations, creating a more tailored and effective wellness experience.

Progress Tracking

You may enter or sync details manually or through integrations—like completed fasting windows, eating windows, weight changes, body measurements, or progress notes. This helps us adapt your plan dynamically and track your progress.

Wellness & Special Category Data

Some data, like menstrual cycle information, specific medical conditions related to your fasting (e.g., diabetes management considerations, medication timing), may be considered sensitive under privacy laws. We’ll always request your explicit consent before processing this type of data.

Store Orders

If we offer and you order any additional products or services via our website, we collect the necessary information to fulfill your order and provide access or delivery (as applicable).

Commercial Information

Payment details are processed via secure third-party providers. We do not store your full payment card information, but we may receive limited details such as transaction amount, masked card digits, and payment method.

Customer Communication & Feedback

You may also choose to share certain personal information with us when you contact us through our “Contact Us” or “Support” forms, or by emailing us directly (including via our communication service providers, as described in Section 3). This may include any details or comments you provide when submitting your inquiry.

1.2 Data from Third Parties

Apple ID Sign-In

When you sign in with Apple to register an account in the App, we get personal data from your Apple ID account. This data may include, in particular, your name and verified email address. You may choose to share your real email address or an anonymous one that uses the private email relay service. Apple will show you their detailed privacy information on the sign in with Apple screen. Find more about Sign in with Apple here:

https://support.apple.com/en-ng/HT208650

Facebook Sign-In

When you decide to log in using Facebook, we get personal data from your Facebook account. This includes your name and Facebook ID. Unless you opt out on the Facebook Login screen, we will also collect your email address.

For more information, please refer to the Facebook Permissions Reference and the Facebook Data policy. In addition, Facebook lets you control the choices you made when connecting your Facebook profile to a website on their Apps and Websites page.

Google Sign-In

When you decide to log in using Google, we receive personal data from your Google Account: name, email address, profile picture associated with your Google Account. You can revoke access provided to us on the Apps Permissions page. To know more about how Google processes your data, visit its Privacy Policy.

Apple HealthKit

With your permission, we may read or write health and fitness data from/to Apple HealthKit. This may include step count, distance, calories burned, weight, or workouts. This integration helps ensure continuity across your wellness tracking tools and devices. You can control this access at any time from your device settings. The pieces of data covered by Apple HealthKit scope will be indicated to you by Apple on its native pop-up screens, which we do not control.

For more information on the Apple HealthKit, please see http://www.apple.com/ios/health/.

1.3 Data We Collect Automatically

App Activity Data

We monitor how you use the app—such as your fasting completion rate, time spent in guidance or educational sections, opened notifications, quiz or assessment responses, and engagement with any tips or content. This allows us to dynamically adjust your program, suggest reminders, or recommend challenges.

Device & Integration Data

Where available and with your consent, we may receive data such as step count, heart rate, sleep duration, or activity levels from connected devices or services. This enables more personalized fasting recommendations. We’ll request your consent before syncing device data.

Device and Location Data

We may collect information such as IP address, time zone, device model, operating system, internet provider, and (with your consent) location—for example, to support features such as localized content or time zone–based reminders.

Advertising Identifiers

We collect your Apple Identifier for Advertising (“IDFA”) or Google Advertising ID (“AAID”) (depending on the operating system of your device). You can typically reset these numbers through the settings of your device’s operating system (but we do not control this).

Cookies and Similar Technologies

Our products employ technologies (cookies, SDKs, etc.) to process your data to enhance your user experience, optimize ads, and analyze traffic. These technologies are activated when you interact with our services, visit our website, use our apps, or enable certain features like chats. Disabling these technologies may affect the functionality of certain features, although our products will remain usable.

• Strictly Necessary – Required for core features like loading content, syncing progress, and enabling secure login. By utilizing them, we can (i) remember your preferences as you navigate our products, (ii) ensure swift loading of the content you request, (iii) enhance the security of our products, and (iv) enable other functionalities of our products.
• Functional – Help remember your preferences, language, or active goals. Additionally, they provide you with a more consistent user experience by remembering your settings, keeping you logged in for extended periods, or saving your selections.
• Performance – Count visits and identify traffic sources, analyze how users interact with the app and website, e.g., which features are most popular or where users tend to drop off. Some of these cookies are used strictly for audience measurement and A/B testing and may be exempt from consent under applicable privacy regulations. These cookies are configured to meet strict conditions that limit data collection, ensure user privacy, and prevent cross-site tracking.
• Targeting – Allow us and our partners to show you wellness- and fasting-related ads that may interest you. If these technologies are enabled and you interact with our website or app, you might see ads for our products in your social media feeds. Additionally, they help us measure the effectiveness of advertising campaigns and make advertising more relevant to you.

You can manage your preferences for cookies and tracking in your app or browser settings. Refusing non-essential trackers may reduce personalization but won’t affect basic functionality.

1.4 On-device Data Collection

Certain advanced features of our Service utilize your device's local processing capabilities to enhance functionality and protect your privacy. In these instances, specific data may be stored and processed exclusively on your device, without being transmitted to or accessed by our servers.

For example, if we provide food or meal recognition features, they may use on-device machine learning to analyze images without sending the actual images to our servers. This provides you with the convenience of automated tracking while maintaining enhanced privacy for your personal images.

1.5 Payment Processing and Financial Data

When processing payments through our Services, you provide payment information directly to our authorized third-party payment processors. We do not collect, store, or have access to your complete payment card numbers. However, we may receive limited payment-related information including tokenized payment method identifiers, partial card details such as the last four digits, transaction records with purchase amounts, dates and times, payment method type, and service subscription details. This limited financial information enables us to manage your account, process refunds when appropriate, and maintain necessary transaction records for legal and accounting purposes.

1.6 Aggregated and De-Identified Data

We may aggregate, anonymize, or de-identify your personal data to ensure it cannot reasonably be used to identify you individually. This processed data may be:

• shared with research institutions for academic studies,
• used for statistical analysis and trend identification,
• published in articles, research papers, or industry reports, and
• utilized to improve our Service and develop new features.

For example, we may analyze aggregated wellness metrics, demographic patterns, or fasting trends across our user base to identify common patterns, which helps us enhance our Service offerings and contribute to broader health research initiatives. Such aggregated data no longer constitutes personal information under applicable privacy laws.

2. Purposes and Legal Bases for Processing Your Personal Data

We collect and process your data primarily to: (i) deliver our fasting and wellness services; (ii) enhance service quality through continuous improvement; and (iii) expand our customer base. Below is a comprehensive breakdown of our data processing activities with specific examples.

Important Notice Regarding Sensitive Data:

Certain information we collect during onboarding and through product usage may constitute "special category personal data" or "sensitive personal data" under applicable data protection laws. This includes health-related information (e.g., medical conditions, metrics, or other data relevant to fasting safety and effectiveness). For such sensitive data:

• We will obtain your consent before processing where required by applicable local laws;
• In jurisdictions where consent is mandated by law for sensitive data, and where such data is essential for core service functionality (e.g., personalized fasting guidance, risk flagging), our ability to provide services may be contingent upon processing this data;
• Where consent is the legal basis for processing, you maintain the right to withdraw consent at any time, though this may impact service availability;
• In jurisdictions where alternative legal bases are permitted for processing sensitive data, we may rely on such bases as appropriate.

The App relies on your health-related data to deliver its primary functionality. Should you withdraw your consent to the processing of such data, continued access to the App may not be feasible, and we will assist you in deleting your account accordingly.

Summary Table

PurposeWhat This Means For YouData Categories UsedLawful basisProviding Our Service & Managing Your AccountWe use your data to create your personalized experience, including: • Creating fasting and wellness plans tailored to your specific needs • Addressing technical issues and support requests promptly • Sending essential notifications about account security, payments, and policy updates• All categories• Contract Performance • Consent (for sensitive health data, where required by applicable law)Service-Related CommunicationsWe communicate with you, for example, by push notifications or by emails. These may include reminders or other information about the Service, such as fasting window reminders or feature updates. To opt out of push notifications, change settings on your device. To opt out of emails, click the unsubscribe link in any email.• All categories• Contract Performance • Legitimate Interest (for non-essential communications that support your goals) – our legitimate interest is to encourage consistent, healthy use of the Service aligned with your goals.Processing Your TransactionsWe provide paid products and/or services within the Service. We use third-party services for payment processing. When you make purchases, we process your data to: • Complete your orders securely • Provide confirmation receipts and records • Handle any returns or billing questions. We never store your complete payment card details on our servers.• Identifiers • Commercial information • Device data • Location data • Purchase records• Contract PerformanceService Improvement & AnalysisWe analyze usage patterns to: • Identify which features are most valuable • Discover opportunities for new or improved fasting guidance • Test and refine our service based on real usage• All categories• Legitimate Interest • Consent (when analysis involves sensitive health data, where required) – our legitimate interest is to improve the Service based on actual user behavior to provide a better experience.Marketing CommunicationsWith appropriate legal basis, we'll send you: • Information about special offers and new features • Wellness tips and motivational content. Each marketing email includes an unsubscribe option.• IdentifiersDepending on applicable law: • Consent • Legitimate Interest – our legitimate interest is to promote our Service in a measured and appropriate way, especially where we have an existing relationship with you.Ad PersonalizationTo make advertising more relevant, we may: • Show you ads related to fasting goals similar to yours • Present offers when they’re most relevant to your journey (e.g., after a quiz or challenge). You may see our ads in your social media feed if you’ve used our Service.• Onboarding & wellness data • Device and Location Data • Advertising identifiers • CookiesDepending on applicable law: • Consent • Legitimate Interest – our interest is to promote our Service in a reasonably targeted way, showing content likely to be relevant to your interests.Ad Performance MeasurementWe verify our advertising effectiveness by: • Measuring impression accuracy • Ensuring proper ad placement and quality • Confirming compliance with industry standards.• Identifiers • Device and Location Data • Advertising identifiers • CookiesDepending on applicable law: • Consent • Legitimate Interest – our interest is to ensure accuracy and quality of our advertising campaigns and maintain transparent business practices.Enforcing Terms & Preventing FraudWe protect our service and users by: • Detecting unauthorized access attempts • Identifying potentially fraudulent activities • Preserving information needed in legal proceedings.• All categories• Legitimate Interest – including enforcing our legal rights, preventing and addressing fraud or unauthorized use, and ensuring a secure Service.Compliance with Legal ObligationsWe use data as required by law for: • Tax reporting and financial record-keeping • Data protection compliance • Responding to valid legal requests • Maintaining legally required records.• All categories• Legal ObligationResponding to Payment Disputes & Defending Our Legal RightsWe process relevant transactional and usage data to manage payment disputes, including chargebacks and refund requests. This includes: • Documenting the contractual relationship • Recording your Service interactions to verify service delivery • Maintaining audit trails of user actions • Collecting device information and access patterns to prevent fraud.• All categories (particularly commercial information, service usage data, device information)• Legitimate Interest (protecting our business from fraudulent claims) • Contractual Necessity • Legal Obligation (meeting payment processor requirements)

3. With whom we share your personal data

In some situations, we engage other companies to process your personal data on our behalf. We refer to these companies or service providers as "processors."

Processors are companies that help us run the Services, support our communication with you, or perform other Service-related activities. They process certain personal data on our behalf to accomplish the goals related to the App functions and deliver the Services. We remain responsible for any acts or omissions of our processors, and we enter into data processing contracts with them to the extent required by applicable law.

This cooperation may involve processing your data through their software development kits (SDKs), application programming interfaces (APIs), cookies, or similar technologies. Your information may be transferred to and processed on their servers as necessary to fulfill their contracted responsibilities.

1. Third-party service providers

We process your personal information through the following categories of service providers (and in some instances, their authorized subprocessors):

a. Cloud storage providers

We utilize Amazon Web Services (AWS) as our primary hosting and cloud infrastructure service. You may read more on Amazon’s security practices on its website: https://aws.amazon.com/compliance/data-privacy-faq/

b. App performance and monitoring service providers

We use Firebase Performance Monitoring and Firebase Crash Reporting, monitoring services provided by Google. To learn more, please visit Google’s Privacy policy and Privacy and Security in Firebase.

We use Sentry, a specialized error monitoring platform provided by Functional Software Inc. This service helps us detect, diagnose, and resolve technical issues that may occur within our application. When the app encounters an unexpected error or crash, Sentry collects necessary diagnostic information including device specifications, application version, and technical error details. Sentry processes this technical data in accordance with our data processing agreement and privacy requirements.

d. Data analytics providers

To evaluate marketing effectiveness and understand user acquisition channels, we may utilize AppsFlyer, a mobile attribution and analytics platform. AppsFlyer helps us identify which marketing sources led you to discover our application. Appsflyer allows you to Opt Out. You can read more in its Privacy Policy.

We may also use Amplitude, an advanced behavioral analytics platform that helps us understand user engagement patterns within our Service. More information: Amplitude Privacy Policy.

We also use Firebase Analytics, an analytics service provided by Google. See Google’s partner policy and Firebase privacy documentation for details:

https://policies.google.com/technologies/partner-sites

https://firebase.google.com/support/privacy

To analyse how visitors use our Service and to measure effectiveness of some ads we may use Google Analytics, a web analysis program of Google. Google Analytics places cookies on your device. Google provides an opt-out browser plug-in here: https://tools.google.com/dlpage/gaoptout/ and describes data usage here: https://policies.google.com/technologies/partner-sites

We may use Tableau for interactive data visualization and business intelligence. See: https://www.tableau.com/privacy

We may also use Hotjar, a behavior analytics tool that analyses Service use via heatmaps, session recordings, and surveys. Privacy Policy: https://www.hotjar.com/legal/policies/privacy/

Another behavior analytics tool we may use is Amplitude Session Replay, which helps us analyze usage sessions; identifying where users struggle so we can improve the experience. Amplitude does not record usernames, names, profile images, email addresses, profile locations or bios, or passwords.

To track and analyze behavior of our App’s users (in particular, how they react to changes of the App structure, text or any other component), we may use Firebase Remote Config, an A/B testing and configuration service provided by Google.

e. Gateway service providers and payment processing partners

We engage multiple payment processing and gateway service providers to facilitate secure transactions across various banking networks worldwide. Each processor maintains its own terms and privacy policy that may apply to your transactions. All payment partners are contractually required to implement appropriate security measures and process your payment information solely for authorized transaction purposes.

f. Communication services providers

We may use communication platforms (such as in-app messaging tools, email service providers, or survey tools) to provide support, send notifications, and collect feedback. These providers process necessary identification and communication data to facilitate these services, in accordance with data processing agreements and applicable privacy laws.

g. Marketing service providers

We may use:

• Meta Pixel and other Meta tools to measure ad performance and build audiences (Meta’s data policy: https://www.facebook.com/policy.php).
• Meta Ads Manager and Custom Audiences tools to create audience segments (learn how to opt out here: https://www.facebook.com/business/help/610516375684216).
• Various Google marketing services (Google Ads, DoubleClick, Google Audiences) to deliver targeted advertising and measure conversions. You can manage ad settings at https://adssettings.google.com/ and read Google’s privacy policy at https://policies.google.com/privacy.
• Other ad platforms (such as Snapchat or similar) to measure ad performance and deliver interest-based ads, each with its own opt-out and privacy controls as documented in their respective privacy policies.

2. Law enforcement agencies and other public authorities

We may use and disclose personal data to enforce our Terms and Conditions of Use, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

3. Third parties as part of a merger or acquisition

As we develop our business, we may buy or sell assets or business offerings. Customers’ information is generally one of the transferred business assets in these types of transactions. We may also share such information with any affiliated entity (e.g. parent company or subsidiary) and may transfer such information in the course of a corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

4. Affiliates

We may share your personal information with our partner organizations that are part of our corporate group – these are companies that are owned by, own, or are jointly-owned with us. These partner organizations will use the information in ways that align with this Privacy Policy.

4. How you can exercise your privacy rights

To be in control of your personal data, you have the following rights (subject to applicable law):

• Accessing / reviewing / updating / correcting your personal data
• You can request a copy of your data or update it where features are available in the App or by contacting us.
• Deleting your personal data
• You may request deletion of your personal data. We will make reasonable efforts to comply within legal timeframes. Some data may be retained when required by law (for example, transaction records).
• Objecting to or restricting the use of your personal data
• You can ask us to stop or limit certain processing.
• Email marketing: unsubscribe via the link in any marketing email or contact support.
• E-privacy settings: we provide privacy settings where available so you can influence tracking and personalized advertising choices.
• Additional means to influence personalized advertising
• iOS: go to Settings → Privacy → Advertising and adjust your preferences.
• Android: open the Google Settings app, tap Ads and enable “Opt out of interest-based ads”.
• To learn even more about advertising choices, visit (as applicable to your region):
• http://optout.networkadvertising.org/
• http://optout.aboutads.info/
• http://youradchoices.ca/choices
• http://www.youronlinechoices.com/
• http://www.aboutads.info/appchoices
• The right to lodge a complaint with a supervisory authority
• You may always file a complaint with the appropriate data protection supervisory authority in your jurisdiction.
• The right to data portability
• You can request a copy of your personal data in a structured, commonly used, machine-readable format, where applicable.

Exercising Your Rights

To exercise any of your privacy rights described above, please submit a request to:

support@myfastjourney.com

We are committed to responding to all legitimate requests in accordance with applicable privacy laws and will process your request as promptly as possible.

Identity Verification

To protect your information, we must verify your identity when you exercise your privacy rights. Depending on your request, we may ask for basic account information such as your email address, subscription date, or recent activity details.

Authorized Agent

You may designate, in writing or through a power of attorney, an authorized agent to exercise these rights on your behalf. Before accepting such a request from an agent, we may require proof that you have authorized them, and may still need you to verify your identity directly.

5. U.S. States Privacy Notice

Applicability

If you reside in a U.S. state that has enacted consumer privacy laws, this section applies to you. This U.S. States Privacy Notice (“Notice”) supplements this Privacy Policy and provides disclosures required by laws in states such as California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia.

This Notice applies to the collection, use, and sharing of your Personal Information through our websites, mobile applications, and other online or offline services (collectively, the “Services”).

For California residents, this also serves as our California Notice at Collection.

“Personal Information” here generally refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

5.1 Categories of Personal Information We Collect

The categories of Personal Information we collect and the purposes for which we use them are described in Section 1 and Section 2 of this Privacy Policy.

We may also process de-identified data, ensuring it cannot reasonably be linked back to you. We commit to maintaining and using de-identified data responsibly and will not attempt to re-identify such data unless required to validate our de-identification measures.

5.2 What Personal Information We Share

Certain state privacy laws require us to disclose the categories of Personal Information that we have shared with third parties for business purposes over the past 12 months. During this period, we may have disclosed all categories of Personal Information outlined in Section 2 for business purposes—for example, sharing IP addresses and device identifiers with service providers that assist us with crash monitoring and reporting.

We do not sell Personal Information for monetary compensation. However, when you visit our websites, we and our advertising partners may collect device data and behavioral insights through cookies, pixels, and similar tracking technologies, which could be interpreted as a “sale” or “sharing” under state laws, even if no money is exchanged.

We do not knowingly engage in sales, sharing, or targeted advertising using the personal information of individuals under 18.

5.3 Your Rights

If you reside in a state with applicable consumer privacy laws, you may have the following rights:

• Right to Data Portability/Access
• Right to Know
• Right to Deletion
• Right to Opt-Out of Sales, Sharing, and Targeted Advertising
• Right to Limit the Use of Sensitive Personal Information (if applicable)
• Right to Withdraw Consent (where processing is based on consent)
• Right to Correct (Rectification)
• Right to Appeal

We will strive to provide a “Your Privacy Choices” link or similar mechanism in the App or on our website to help you exercise certain rights easily, including opting out of certain tracking and targeted advertising.

How to Exercise Your Rights (U.S. States)

To exercise any available privacy rights, please send a request to:

support@myfastjourney.com

Verification and authorized agent procedures are similar to those outlined in Section 4 above.

Non-Discrimination. You have the right to exercise your privacy rights without fear of discrimination or retaliation. However, we may provide different levels of service or pricing based on the value of your personal information, as permitted by applicable law.

California “Shine the Light” Law

California residents have the right to request, once per year, a list of third parties to whom we have disclosed their personal information for direct marketing purposes in the prior calendar year. To obtain this information from us, please send an email to support@myfastjourney.com with “Request for California Shine the Light Privacy Information” in the subject line and your state of residence and email address in the body of your message.

5.4 Data Retention

We retain the categories of personal information listed above as reasonably necessary to fulfill the purposes outlined in this notice, unless a longer retention period is required or permitted by law (for example, to comply with tax or accounting rules, resolve disputes, or enforce our agreements).

6. Age Limitations

We do not knowingly process personal data from persons under 18 years of age. If you learn that anyone younger than 18 has provided us with personal data, please contact us at support@myfastjourney.com.

7. International Data Transfers

We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Service and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country in which you initially provided the information, we deploy appropriate safeguards, such as standard data protection clauses adopted by relevant authorities.

8. Changes to this Privacy Policy

We may modify this Privacy Policy from time to time. If we decide to make material changes to this Privacy Policy, you will be notified through our Service or by other available means and will have an opportunity to review the revised Privacy Policy. By continuing to access or use the Service after those changes become effective, you acknowledge the revised Privacy Policy.

9. Data retention

We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy and the Terms and Conditions of Use (including providing the Service to you), which includes (but is not limited to) the period during which you have an account with the Service.

We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. For example, under certain accounting and tax laws we may be required to store Commercial Information for long periods of time. Therefore, even if you submit a data deletion request, a small portion of the data that relates to our compliance obligations may be stored even after the request is satisfied.

10. Personal data controller

The controller of your personal data is:

myfastjourney.com (operator of the Intermittent Fasting Service and myfastjourney.com),

with registered address at [insert full legal address here].

(“we”, “us”, “our” in this Privacy Policy).

11. Contact us

You may contact us at any time for details regarding this Privacy Policy, its previous versions, or our information practices.

For any questions concerning your account or your personal data please contact us at:

support@myfastjourney.com

Important: This text is a general informational template and does not constitute legal advice. Before publishing, you should have it reviewed and adapted by a qualified lawyer in your jurisdiction.