Privacy Policy

Last updated: April 5, 2026

1. Introduction

This Privacy Policy explains how PG Meta Studios ("we," "us," "our") collects, uses, and protects your information when you use the Gritvit mobile application ("App").

By using Gritvit, you agree to the collection and use of information as described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Account information: Email address, password
  • Profile information: Name, date of birth, gender, bio, photos, height, weight
  • Preferences: Age range, distance, sports, training frequency, fitness goals
  • Messages: Text messages exchanged with connected athletes
  • Reports: When you report or block another user

2.2 Health and Fitness Data

With your explicit permission, we read the following data from Apple Health (iOS) or Health Connect (Android):

  • Step count
  • Workout sessions (type, duration)
  • Active energy burned (calories)
  • Heart rate and resting heart rate
  • Walking/running distance

This data is used solely to calculate your Fitness Score and Trust Level. We do not access health data without your permission, and you can revoke access at any time through your device settings.

2.3 Information Collected Automatically

  • Location: GPS coordinates (when in use only) to show nearby athletes. Your location is stored as an approximate geohash, not a precise address.
  • Device information: Device type, operating system version, app version
  • FCM token: A device token for delivering push notifications

3. How We Use Your Information

We use your information to:

  • Create and manage your account
  • Calculate your Fitness Score and Trust Level
  • Show you compatible athletes based on your fitness level and preferences
  • Enable messaging between connected athletes
  • Send push notifications (connection alerts, messages, inactivity reminders)
  • Display leaderboard rankings
  • Generate AI-powered training recommendations
  • Detect and prevent fraud, abuse, and policy violations
  • Improve the App

4. How We Share Your Information

We do not sell, license, or share your personal data or health data for any purpose other than operating the Gritvit App. Your data is never used for advertising, marketing, analytics, data brokering, or any third-party purpose.

We share information only in these limited circumstances:

  • With other athletes: Your profile (name, age, photos, bio, sports, Fitness Score, Trust Level) is visible to other verified athletes as part of the community features.
  • Service providers: We use the following third-party services:
    • Firebase (Google): Authentication, database, cloud functions, push notifications, file storage
    • RevenueCat: Subscription management (receives your anonymous user ID only)
    • OpenAI: AI training recommendations (receives anonymized fitness metrics only, never personal identity)
  • Legal requirements: We may disclose information if required by law, legal process, or government request.

5. Health Data Protection

Your health data receives special protection:

  • Health data is never sold or shared with third parties
  • Health data is never used for advertising
  • Raw health records are processed on your device; only aggregated scores are stored on our servers
  • You can delete all health-derived data by deleting your account

6. Data Storage and Security

Your data is stored in Google Firebase (Cloud Firestore) with the following protections:

  • All data is encrypted in transit (TLS) and at rest
  • Firestore security rules restrict data access to authorized users only
  • Authentication is required for all data operations
  • Passwords are managed by Firebase Authentication and never stored by us in plain text

7. Data Retention

  • Active accounts: Your data is retained as long as your account is active.
  • Deleted accounts: When you delete your account, all your data (profile, messages, connections, fitness data) is permanently deleted from our systems. This cannot be undone.
  • Reports: Reports filed against other users may be retained for safety purposes even after account deletion.

8. Your Rights

You have the right to:

  • Access: View the personal data we hold about you (visible in your profile and settings)
  • Correction: Update your profile information at any time
  • Deletion: Delete your account and all associated data from Settings
  • Withdraw consent: Revoke health data permissions through your device settings
  • Data portability: Request a copy of your data by contacting us

If you are a resident of the European Economic Area (EEA), you have additional rights under GDPR, including the right to lodge a complaint with a data protection authority.

9. Children's Privacy

Gritvit is not intended for anyone under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a user under 18, we will delete their account immediately.

10. Push Notifications

We send push notifications for:

  • New connection requests
  • New messages
  • Inactivity reminders (fitness score decay warnings)

You can disable push notifications in your device settings at any time.

11. Third-Party Links

The App may contain links to third-party services (e.g., Health Connect Play Store listing). We are not responsible for the privacy practices of third-party services.

12. International Data Transfers

Your data is processed and stored on Google Firebase servers. By using the App, you consent to the transfer of your data to servers that may be located outside your country of residence.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App. Continued use after changes constitutes acceptance.

14. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at:

Email: pgmetastudios@gmail.com

Data Controller: PG Meta Studios, Portugal