Privacy Policy

Last updated: March 30, 2026

Zero Deficit LLC

This Privacy Policy describes how Zero Deficit LLC ("Company", "we", "us", "our") collects, uses, and protects your personal information when you use the Apex Fitness application ("App").

1. Information We Collect

We collect the following types of information when you use Apex Fitness:

Personal Information: Email address, display name, and authentication credentials (password hash, Google ID, Apple ID).
Health & Fitness Data: Age, sex, height, weight, body fat estimates, workout logs, cardio logs, recovery metrics, food diary entries, and biometric calculations (BMR, TDEE, macro targets).
Payment Information: Subscription tier, billing cycle, and payment identifiers. We do NOT store credit card numbers, CVV codes, or bank account details. All payment processing is handled by third-party processors:
- Stripe, Inc. (web purchases) — We store only your Stripe customer ID
- Apple In-App Purchase (iOS) — We store only transaction IDs for verification
Usage Data: App interaction data, feature usage patterns, push notification preferences, and performance metrics.

2. How We Use Your Information

To provide personalized fitness and nutrition tracking
To calculate your BMR, TDEE, and macro targets using the Mifflin-St Jeor equation
To track progressive overload and workout performance
To generate AI-powered workout modifications and meal plans
To process subscription payments via Stripe
To send transactional and notification emails via Resend
To improve app functionality and user experience

3. Data Storage & Security

Your data is stored securely using industry-standard encryption. We use MongoDB with encrypted connections for data persistence. All API communications use HTTPS/TLS. Passwords are hashed using bcrypt and are never stored in plaintext.

4. Third-Party Services

We integrate with the following third-party services:

Stripe, Inc.: Processes web subscription payments ($9.99–$199.99 depending on plan). Subject to Stripe's Privacy Policy. We store only your Stripe customer ID.
Apple In-App Purchase: Processes iOS subscription payments. Subject to Apple's Privacy Policy. We store only transaction IDs for verification.
OpenAI: Powers AI workout editor and meal plan generation. Workout data is sent for processing but is not retained by OpenAI for training.
Resend: Delivers transactional and notification emails. Subject to Resend's Privacy Policy.
OpenFoodFacts: Provides nutritional information for food logging. No personal data is shared.
Google OAuth: If you choose to sign in with Google, we receive your email and profile name only.
Apple Sign In: If you choose to sign in with Apple, we receive your email (or relay email) and name only.

5. Data Retention

We retain your data for as long as your account is active. Upon account deletion, all personal data is permanently removed within 30 days. You may request deletion of all your data at any time through Settings > Danger Zone.

6. Your Rights

Access your personal data (Settings > Export My Data)
Request data correction (Settings > Edit Profile)
Request data deletion (Settings > Delete Account or Delete My Data)
Export your data in machine-readable format (JSON)
Opt out of push notifications
Opt out of non-essential data processing

7. Children's Privacy

Apex Fitness is not intended for users under 16 years of age. We do not knowingly collect data from minors.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email.

9. Contact Us

For privacy-related inquiries, contact Zero Deficit LLC at: privacy@apexfitness.ai