FitJourney is an all-in-one AI-powered fitness tracking app that lets you log workouts, track meals with photo scanning, monitor body measurements, take progress photos, and connect with a supportive fitness community. It includes AI coaching, workout benchmarks, and achievement badges.

How does AI meal tracking work?

Simply take a photo of your meal and our AI instantly estimates calories, macros (protein, carbs, fat), and nutrients. You can also search our food database or scan barcodes for packaged foods.

Is FitJourney free to use?

FitJourney offers a 7-day free trial with full access to all features. After the trial, plans start at $9.99/month. The social features including posting, commenting, and liking are available to all users.

Can I track both cardio and strength workouts?

Yes! FitJourney supports all workout types including strength training with sets, reps, and weight tracking, cardio with distance and pace tracking, HIIT, flexibility, sports, and more. It automatically tracks personal records and calculates training volume.

Does FitJourney have a social community?

Yes! FitJourney includes a full social fitness community where you can share progress photos, post updates, join challenges, follow friends, and participate in group messaging. All social features are free for all users.

FitJourney - Track Your Fitness, Share Your Progress

Name: FitJourney
Price: 9.99 USD
Author: FitJourney

1. Who We Are

FitJourney ("we," "us," or "our") operates the FitJourney fitness tracking and social platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service. By using FitJourney, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account through our OAuth authentication provider, we receive and store your name, email address, and a unique identifier. We also store your chosen username and profile biography.

2.2 Health and Body Data (Special Category Data)

With your explicit consent, we collect health-related data including: body weight, height, body fat percentage, visceral fat, bone density, lean mass, and body measurements (chest, waist, hips, neck, shoulders, biceps, thighs, calves). We also collect dietary information including meals, calorie intake, macronutrient data (protein, carbohydrates, fat), and food photographs. Under the EU General Data Protection Regulation (GDPR), this constitutes "special category data" under Article 9 and is processed only with your explicit consent.

2.3 Fitness Activity Data

We collect workout information including exercise names, sets, repetitions, weights, duration, and calories burned. This data is used to track your fitness progress and provide personalized recommendations.

2.4 Photos and Images

You may upload progress photos (front, back, left side, right side views), meal photos, profile avatars, and cover images. These images are stored securely in cloud storage (Amazon S3) and are subject to automated content moderation screening.

2.5 Social and Communication Data

If you use our social features, we collect direct messages, feed comments, reactions, follow/block relationships, and content reports. Messages are stored to enable conversation history and moderation.

2.6 AI Coaching Conversations

Conversations with our AI fitness coach are stored to provide contextual coaching and conversation history. These conversations may contain health-related information you share voluntarily. AI coaching is powered by third-party language model APIs.

2.7 Usage and Analytics Data

We use Umami, a privacy-focused analytics service, to collect anonymized usage data including page views and general interaction patterns. This data does not include personal identifiers. Analytics tracking is subject to your cookie consent preferences.

2.8 Payment Data

Payment processing is handled entirely by Stripe. We never receive, store, or process your credit card numbers, CVV, or full payment details. We store only your Stripe customer ID and subscription status to manage your account.

3. How We Use Your Information

We use your personal information for the following purposes:

To provide and maintain the Service, including calorie tracking, workout logging, and progress monitoring
To calculate personalized nutrition targets (BMR, TDEE, macronutrient goals)
To provide AI-powered fitness coaching and meal analysis
To enable social features (profiles, feeds, messaging, following)
To moderate content and enforce community safety guidelines
To process payments and manage subscriptions
To generate shareable progress reports at your request
To send notifications about social interactions and achievements
To improve the Service through anonymized analytics

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your data on the following legal bases:

Explicit Consent (Art. 9(2)(a)): For processing health and body data, including measurements, dietary information, and progress photos
Contract Performance (Art. 6(1)(b)): For providing the core Service features you signed up for
Legitimate Interest (Art. 6(1)(f)): For content moderation, fraud prevention, and service improvement
Consent (Art. 6(1)(a)): For analytics tracking and optional marketing communications

5. Data Sharing and Third Parties

We share your data with the following categories of service providers (sub-processors):

Provider	Purpose	Data Shared
Stripe	Payment processing	Email, name, payment details (handled directly by Stripe)
Amazon Web Services (S3)	File storage	Uploaded photos and images
Manus AI (Forge API)	AI coaching, food analysis, image moderation	Chat messages, food photos, uploaded images for analysis
Umami Analytics	Privacy-focused usage analytics	Anonymized page views and interactions (no personal identifiers)
Manus OAuth	Authentication	Authentication tokens, name, email

We do not sell your personal data to third parties. We do not share your data for advertising purposes. Data is shared with sub-processors only as necessary to provide the Service.

6. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions, as required by GDPR Chapter V.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

Account data: Retained until you delete your account
Health and fitness data: Retained until you delete your account or request erasure
Messages and social data: Retained until you delete your account
AI coaching conversations: Retained until you delete your account
Moderation records: May be retained for up to 3 years after account deletion for legal compliance
Payment records: Retained as required by tax and financial regulations (typically 7 years)
Analytics data: Anonymized and retained indefinitely

8. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

8.1 GDPR Rights (EU/EEA/UK Residents)

Right of Access (Art. 15): Request a copy of all personal data we hold about you
Right to Rectification (Art. 16): Correct inaccurate personal data
Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
Right to Data Portability (Art. 20): Export your data in a machine-readable format (JSON/CSV)
Right to Restrict Processing (Art. 18): Request limitation of data processing
Right to Object (Art. 21): Object to processing based on legitimate interest
Right to Withdraw Consent (Art. 7(3)): Withdraw consent for health data processing at any time

8.2 CCPA/CPRA Rights (California Residents)

Right to Know: Request disclosure of personal information collected, used, and shared
Right to Delete: Request deletion of personal information
Right to Opt-Out: We do not sell personal information. If this changes, you will be notified
Right to Non-Discrimination: You will not be discriminated against for exercising your rights

8.3 Exercising Your Rights

You can exercise most of these rights directly within the app: use the Data Export feature for portability, the Account Deletion feature in Settings for erasure, and the Settings page to update your information. For other requests, contact us at the address below.

9. Children's Privacy

FitJourney is not intended for children under the age of 13 (or 16 in certain EU jurisdictions). We do not knowingly collect personal information from children under these ages. If we become aware that we have collected data from a child under the applicable minimum age, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including: encrypted data transmission (HTTPS/TLS), secure authentication via OAuth, parameterized database queries to prevent injection attacks, automated content moderation, rate limiting on sensitive endpoints, and regular security reviews. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

11. Cookies and Tracking

We use the following cookies and tracking technologies:

Essential Cookies: Session authentication cookie required for the Service to function. These do not require consent.
Analytics (Umami): Privacy-focused, anonymized usage analytics. Subject to your consent preferences managed through our cookie banner.

You can manage your cookie preferences at any time through the cookie consent banner or your browser settings.

12. Data Breach Notification

In the event of a data breach that affects your personal data, we will notify you within 72 hours of becoming aware of the breach (as required by GDPR Art. 33) and within 60 days (as required by the FTC Health Breach Notification Rule). Notification will include the nature of the breach, the data affected, steps we are taking, and steps you can take to protect yourself.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes affecting how we process health data, we will seek renewed consent. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how your data is handled, please contact us through the app's Settings page or by reaching out to our support team. For GDPR-related inquiries, you also have the right to lodge a complaint with your local Data Protection Authority.

15. Data Processing Agreement

For detailed information about our data processing practices, sub-processors, security measures, and international data transfers, please refer to our Data Processing Agreement (DPA). The DPA includes a complete list of authorized sub-processors and their roles in processing your data.

16. Related Policies

This Privacy Policy should be read alongside the following documents:

Terms of Service — Governs your use of the Service
Data Processing Agreement — Sub-processor details and data handling
Data Breach Notification Policy — How we handle security incidents
Security Policy — Technical security measures and responsible disclosure
Accessibility Statement — Our commitment to digital accessibility
Refund Policy — Payment and subscription refund terms
Data Rights Portal — Submit data subject access requests