Privacy Policy

This Privacy Policy describes how IE NAUMOV ALEXEY DMITRIEVICH (hereinafter — "We", "Administration") collects, uses, stores, and protects the personal data of Cloud Fitness service users.

We take your privacy seriously and comply with:

• Russian Federal Law No. 152-FZ "On Personal Data"

• GDPR (General Data Protection Regulation) for EU users

• Other applicable data protection laws

IE NAUMOV ALEXEY DMITRIEVICH

TIN: 772485982884

OGRNIP: 317774600350740

Email: support@cloudfitness.io

Website: cloudfitness.io

We use collected data for:

• Providing service: creating workout programs, nutrition analysis, progress tracking

• AI Coach operation: personalizing recommendations, generating programs, analyzing food photos

• Quality improvement: training AI models (in anonymized form), optimizing algorithms

• Communication: workout notifications, news, Service changes

• User support: answering questions, solving technical issues

• Security: fraud prevention, protection from unauthorized access

• Analytics: understanding user behavior, improving functionality (in aggregated form)

• Legal compliance: fulfilling legal obligations

• Data is stored on Supabase servers (cloud platform based on PostgreSQL)

• Servers are located in data centers with ISO 27001 certification

• Data encryption is used in transit (SSL/TLS) and at rest (AES-256)

• Photos are stored in secure storage with restricted access

• Daily backups are performed

We do not sell your personal data to third parties.

Data may be shared only with:

• OpenAI (GPT-4): for food photo analysis and recommendation generation (without identifying information)

• Telegram: for authorization and payment processing

• Payment systems: for payment processing (minimum necessary data)

• Government authorities: upon official requests in accordance with law

• Service providers: hosting, analytics (with confidentiality obligations)

In accordance with GDPR and Law 152-FZ, you have the right to:

• Access: request a copy of your data

• Rectification: correct inaccurate data

• Erasure: request deletion of your data ("right to be forgotten")

• Export: receive data in machine-readable format

• Restriction: suspend data processing

• Objection: object to data processing

• Withdrawal of consent: withdraw consent to data processing at any time

To exercise your rights, contact: support@cloudfitness.io

• Active accounts: data is stored while you use the Service

• Deleted accounts: most data is deleted within 30 days

• Backups: may be stored up to 90 days

• Legal requirements: some data (transactions) may be stored longer by law

• Anonymized data: may be used indefinitely for analytics and AI improvement

The Service is intended for persons over 18 years old.

We do not knowingly collect data from children under 18.

If you become aware that a child has provided us with their data, contact us for deletion.

We use cookies and similar technologies to improve Service operation.

For more details about cookie types and management, read our Cookie Policy.

We apply technical and organizational measures to protect data:

• Data encryption in transit and at rest

• Access control (authorized personnel only)

• Regular security monitoring

• Audit and testing of protection systems

• Employee training on privacy rules

However, no system can guarantee 100% security. Use the Service at your own risk.

We may update this Privacy Policy from time to time.

You will be notified of significant changes through the Service or by email.

The date of the last update is indicated at the beginning of the document.

Continued use of the Service after changes means acceptance of the new Policy.