Privacy Policy
Adptiv — AI Fitness & Nutrition Coach. Operated by AdptivAI Inc.
Effective date: June 26, 2026 · Last updated: June 26, 2026
1. Introduction
AdptivAI Inc. ("Adptiv," "we," "us," or "our") provides an AI-powered personal fitness and nutrition coaching application available on iOS and Android (the "App") and through our website (together, the "Services"). The App helps you build and continuously adapt personalized meal and training plans based on your body metrics, goals, preferences, and progress.
We take your privacy seriously. Because the Services involve health and fitness information, which is sensitive personal information, we are committed to handling your data transparently, lawfully, and with strong safeguards.
This Privacy Policy explains what personal information we collect, why we collect it, how we use and share it, how we protect it, and the choices and rights available to you. It is written to comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec's Law 25, and substantially similar provincial privacy legislation in British Columbia and Alberta.
By creating an account or using the Services, you confirm that you have read and understood this Privacy Policy.
2. Important notice: Adptiv is not a medical service
Adptiv provides fitness and nutrition guidance for general wellness purposes. Our plans are generated using principles of exercise science and standards from the National Academy of Sports Medicine (NASM), but:
- Adptiv does not provide medical advice, diagnosis, or treatment.
- We are not a healthcare provider, and our coaching is not a substitute for advice from a qualified physician, dietitian, or other healthcare professional.
- You should consult a healthcare professional before starting any new diet or exercise program, particularly if you have a medical condition, injury, are pregnant, or take medication.
The health and fitness data you provide is used to personalize your experience, not to deliver clinical care.
3. Who this policy applies to
This policy applies to all users of the Services. You must be at least 16 years old to use Adptiv. The Services are not directed to, and we do not knowingly collect personal information from, anyone under 16. See Section 13 for details.
4. Information we collect
We collect the following categories of personal information.
4.1 Information you provide directly
Account and identity information
- Name or display name
- Email address
- Password (stored in hashed form by our authentication provider) or, where you use Sign in with Apple or another single sign-on option, the authentication identifier returned by that provider
Health, fitness, and profile information (sensitive)
- Body metrics: height, weight, age, sex, and (where you choose to provide them) body composition figures such as body-fat percentage
- Fitness goals (for example, weight loss, muscle gain, maintenance)
- Constraints and preferences: training location (gym vs. home), available equipment, schedule and availability
- Dietary preferences, food likes and dislikes, and food allergies or restrictions
- Injuries, physical limitations, or other constraints you disclose so we can adapt your plan
Activity and progress information
- Logged meals and nutrition entries
- Logged workouts, exercises, sets, reps, and weights
- Progress data we derive over time, such as weight trend, strength progression, plan adherence, and fatigue indicators
- Photos of food or barcodes you capture using the in-app camera for food scanning and logging
Communications and support
- Messages you exchange with our AI coach
- Messages exchanged with a human trainer, where you choose to use trainer or chat features
- Correspondence with our support team, feedback, and survey responses
4.2 Information we collect automatically
When you use the App, we and our service providers automatically collect:
- Device and technical data: device type and model, operating system and version, app version, language and locale settings, time zone, and general device identifiers
- Usage and analytics data: features used, screens viewed, actions taken, session timing, and similar product-analytics events, together with feature-flag assignments
- Diagnostic data: crash reports and performance logs used to keep the App stable
4.3 Information from third parties
- Sign-in providers (such as Apple) provide the authentication details described above when you choose to sign in through them.
- Food databases (OpenFoodFacts and USDA FoodData Central) supply nutritional information about foods you search for or scan. These lookups are about food items, not about you.
We do not purchase personal information about you from data brokers, and we do not collect precise GPS location.
5. How and why we use your information
We use your personal information for the following purposes:
| Purpose | Examples |
|---|---|
| Provide the core Service | Generate and continuously adapt your personalized meal and workout plans; track and visualize your progress; sync your data across your devices |
| Personalize your experience | Adjust calorie targets and training volume when your schedule, adherence, or progress changes, with an explanation and your permission |
| Power AI features | Generate plans, recommendations, and coach responses using AI models (see Section 7) |
| Food logging | Look up nutritional data and process food photos or barcodes you scan |
| Account management | Create and secure your account, authenticate you, and provide customer support |
| Communications | Send you service-related messages, plan updates, reminders, and push notifications you have enabled |
| Improve and develop the Services | Understand how features are used, fix bugs, test improvements, and develop new features through analytics and feature flags |
| Safety, security, and fraud prevention | Detect, prevent, and respond to security incidents, abuse, and technical issues |
| Legal and compliance | Comply with applicable laws, respond to lawful requests, and enforce our terms |
We do not sell your personal information, and we do not use your health and fitness information for third-party advertising.
6. Consent and your control over it
Under PIPEDA and Quebec's Law 25, we rely on your consent to collect, use, and disclose your personal information.
- Express consent for sensitive data. Health and fitness information is sensitive. We obtain your express, opt-in consent before collecting and using it to build your plans. You provide this when you enter your information and confirm your agreement during onboarding.
- Consent for analytics and optional features. Where required, we ask for your consent to non-essential analytics and to features such as push notifications, and you can decline or change your mind.
- Separate purposes. We seek consent for each distinct purpose and will ask again if we want to use your information for a materially new purpose.
- Withdrawing consent. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. Because health data is central to how Adptiv works, withdrawing consent for its use may mean we can no longer provide some or all of the Services. To withdraw consent, adjust the relevant settings in the App or contact us using the details in Section 16.
7. Artificial intelligence and automated processing
Adptiv uses artificial intelligence to generate and adapt your plans and to power the in-app coach.
- What the AI uses. To generate relevant output, we send relevant profile, goal, and progress information to our AI processing layer and to third-party large language model (LLM) providers — currently Microsoft Azure OpenAI Service (Azure AI Foundry), which hosts the models we primarily use, with Google (Gemini) as a fallback provider. We minimize what we send to what is needed for the feature.
- Decision support, not automated decisions with legal effect. AI recommendations are coaching suggestions. They do not produce legal or similarly significant effects about you, and proposed changes to your plan are presented with an explanation and applied with your permission.
- Human and provider handling. Our LLM providers process your inputs to return a response. We use providers under terms intended to prevent your inputs from being used to train their public models, though you should review the relevant provider's practices where you have concerns.
- Your choice. You can choose not to use AI chat features, though core plan generation relies on AI processing.
8. How we share your information
We do not sell your personal information. We share it only as described below.
8.1 Service providers (processors)
We use trusted third parties to operate the Services. They may process your information only on our instructions and to provide services to us. Key providers include:
| Provider | Role | Data involved |
|---|---|---|
| Supabase | Cloud authentication, database, real-time sync, trainer/chat, and serverless (edge) functions | Account data, health and fitness data, logs, messages |
| Expo (Expo Application Services / Expo Push) | App delivery framework and push-notification delivery | Device push tokens, notification content |
| PostHog | Product analytics and feature flags | Usage, device, and diagnostic data |
| Microsoft Azure (Azure OpenAI / AI Foundry), Google (Gemini) | AI model providers for plan generation and coach responses | The profile, goal, and message content sent for a given AI request |
| OpenFoodFacts, USDA FoodData Central | Food and nutrition databases | Food search terms and scanned items (information about foods, not about you) |
| Apple, Google | App distribution (App Store, Google Play) and platform sign-in services | Account/purchase and platform identifiers as governed by their own policies |
We review providers for appropriate privacy and security protections and put contractual safeguards in place.
8.2 Human trainers
If you choose to connect with or message a human trainer through the Services, the information you share in that context (including relevant plan and progress data) is disclosed to that trainer so they can support you.
8.3 Legal and protective disclosures
We may disclose personal information where required or permitted by law: to comply with a valid legal process, to enforce our terms, to protect the rights, safety, and property of Adptiv, our users, or others, or to investigate fraud or security issues.
8.4 Business transfers
If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be transferred as part of that transaction. We will require the recipient to honour this Privacy Policy or notify you of any material change, as required by law.
9. Local-first storage and data on your device
Adptiv is designed to be local-first. Much of your data — including your plans, workout and meal logs, and app state — is stored in a database on your device, protected by your device's operating-system-level encryption (such as iOS Data Protection and Android file-based encryption) when a device passcode or biometric lock is set. Authentication tokens are kept in your device's dedicated secure storage (iOS Keychain / Android Keystore). This data is synchronized to our cloud (Supabase) so that your information is backed up and available across your devices. If you delete the App, locally stored data on that device is removed, but data already synced to the cloud remains until you delete your account or request deletion.
10. International data transfers
We are based in Canada, but some of our service providers (including cloud hosting, AI providers, and analytics) may store or process personal information outside of Canada, including in the United States and other countries. As a result, your information may be subject to the laws of those jurisdictions, including lawful access requests by foreign courts, law enforcement, and government authorities.
We take reasonable contractual, technical, and organizational measures to ensure a comparable level of protection for your information when it is transferred and processed outside Canada. By using the Services, you acknowledge this cross-border processing. You may contact us for more information about our transfer safeguards.
11. How long we keep your information
We retain personal information only as long as necessary for the purposes described in this policy, or as required by law:
- Active accounts: We keep your profile, plans, and logs for as long as your account is active so the Service can function and track your progress over time.
- After deletion: When you delete your account, we delete or de-identify your personal information from our active systems within a reasonable period, except where we must retain certain data to meet legal, accounting, security, or dispute-resolution obligations.
- Backups: Residual copies may persist in secure backups for a limited period before being overwritten.
- Analytics and diagnostics: Usage and diagnostic data is retained for a limited period needed to operate and improve the Services.
12. How we protect your information
We use technical and organizational safeguards appropriate to the sensitivity of the information, including:
- Encryption of data in transit (TLS); encryption at rest for cloud storage, and reliance on operating-system-level device encryption (iOS Data Protection / Android file-based encryption) for on-device data
- Secure credential storage and hashed passwords
- Database access controls and row-level security so that users can access only their own data
- Keeping secrets and third-party credentials server-side, off your device, through our edge-function layer
- Access limited to personnel who need it, under confidentiality obligations
- Monitoring, logging, and routine review of our security practices
No method of transmission or storage is completely secure. If we become aware of a security breach affecting your personal information that creates a real risk of significant harm, we will notify you and the appropriate authorities as required by PIPEDA, Law 25, and other applicable laws.
13. Children's privacy
The Services are intended for users 16 years of age and older. We do not knowingly collect personal information from anyone under 16. If you are a parent or guardian and believe a person under 16 has provided us with personal information, please contact us at info@adptiv.ca and we will take steps to delete it.
14. Your privacy rights and choices
Subject to applicable law, you have the following rights regarding your personal information:
- Access: Request confirmation of whether we hold personal information about you and obtain a copy of it.
- Correction: Request that we correct inaccurate or incomplete information.
- Deletion: Request deletion of your account and personal information, subject to legal retention requirements.
- Withdraw consent: Withdraw your consent to our use of your information, as described in Section 6.
- Portability: Where Law 25 applies, request that the computerized personal information you provided to us be communicated to you in a structured, commonly used technological format.
- Object or restrict: Ask us to limit certain processing, such as non-essential analytics.
- Withdraw from communications: Turn off push notifications in your device settings and opt out of non-essential messages.
Many of these choices can be exercised directly in the App through your profile and settings (including editing your data, managing notifications, and deleting your account). You may also contact us using the details below. We will respond within the timeframes required by applicable law and may need to verify your identity before acting on a request. We will not discriminate against you for exercising your rights.
15. Cookies and similar technologies
Our website may use cookies and similar technologies for essential functionality and, where applicable, analytics. The App does not rely on browser cookies but uses device identifiers and local storage for the purposes described in this policy. Where required, we obtain your consent for non-essential tracking, and you can manage analytics preferences in the App settings or your browser.
16. How to contact us
If you have questions, concerns, or requests about this Privacy Policy or your personal information, please contact our Privacy Officer:
AdptivAI Inc. — Privacy Officer
Email: info@adptiv.ca
We will acknowledge and respond to your inquiry within a reasonable time and in accordance with applicable law.
Escalation to a regulator
If you are not satisfied with our response, you have the right to contact the relevant privacy regulator:
- Office of the Privacy Commissioner of Canada (OPC) — www.priv.gc.ca
- Commission d'accès à l'information du Québec (CAI) — if you are a Quebec resident
- The Information and Privacy Commissioner in British Columbia or Alberta, if applicable to you
17. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date above and notify you through the App or by email before the changes take effect, where required. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.