Privacy Policy – Kidology, Inc.

This Privacy Policy explains what personal data we collect when you use our mobile applications, websites, and related services (collectively referred to as the “App” or “Service”), and how we use and process that data. It also outlines your choices and rights regarding your personal information.

Last updated: July 24, 2025

By using the Service, you confirm that:

  • You have read, understood, and agreed to this Privacy Policy, including the data processing activities described here; and
  • You are at least 18 years old.

If you do not agree to this Privacy Policy or cannot make the above confirmations, you must not use the Service. In that case, please take the following steps:

  • Delete your account and contact us to request deletion of your personal data.
  • Cancel any active subscriptions via the platform used for purchase— such as Apple (for iOS), Google (for Android), or any other applicable app store. If you purchased directly from our website, you may cancel through your account settings or by contacting us.
  • Remove the App from your device(s).

Please note that translations of this Privacy Policy may be made available for your convenience. However, in the event of any differences in interpretation between the English version and any translated version, the English version will take precedence and be the only legally binding text.

1. Categories of Personal Data We Collect

We collect personal data from the following sources:

  • Information you provide directly (e.g., onboarding, coaching chat, purchases)
  • Information received from third parties (e.g., Apple/Google logins, integrations)
  • Information collected automatically through the App or devices

1.1 Data You Provide Directly

  • Identifiers: Name, email, and contact info for account management and support.
  • Onboarding & Personalized Fitness Data: Age, gender, weight, fitness level, goals, preferences, etc.
  • Workout and Progress Tracking: Exercise data, photos, heart rate, calories, etc.
  • Wellness & Special Category Data: Menstrual cycle, medical dietary needs — only processed with your explicit consent.
  • Store Orders: Shipping details and product preferences for physical purchases.
  • Commercial Information: We don’t store full payment card data. We may get masked payment info from providers.
  • Coach Chat Interactions: Conversations, images, feedback for personalized coaching.
  • Customer Service & Feedback: Anything shared via contact forms or support channels.

1.3 Data We Collect Automatically

  • App Activity: We log your behavior in the app (e.g., workouts completed, skipped items, session time) to personalize your experience.
  • Device & Location Data: We collect technical details (IP, OS, device, time zone). With consent, we may collect location to support features like walk tracking.
  • Advertising Identifiers: We collect IDFA (Apple) or AAID (Google). You can reset or limit these via device settings.

1.4 Cookies and Similar Technologies

We use cookies, SDKs, and APIs to enhance functionality, analytics, and ads. Categories:

  • Strictly Necessary: Login, sync, load workouts
  • Functional: Preferences, language, goals
  • Performance: Track usage, A/B tests
  • Targeting: Show relevant ads, measure campaign success

You can manage cookies via app/browser settings. Refusing cookies may affect experience but not essential functionality.

1.5 On-device Data Collection

Some features (e.g., food recognition) may use on-device machine learning and not transmit data to our servers, helping protect your privacy.

1.6 Payment Processing and Financial Data

Payments are processed through secure third parties. We do not store full card numbers. We may receive:

  • Partial card info (e.g., last 4 digits)
  • Payment tokens
  • Purchase amounts and timestamps
  • Subscription plan details

This helps us manage refunds, invoices, and compliance.

1.7 Aggregated and De-Identified Data

We may anonymize and aggregate your data for:

  • Research with academic institutions
  • Trend analysis
  • Health and fitness studies
  • Improving our services

Aggregated data cannot be used to identify you and is not treated as personal data under privacy law.

2. Purposes and Legal Bases for Processing Your Personal Data

We collect and process your data primarily to:

  • Deliver personalized fitness and wellness services
  • Continuously improve our offerings
  • Communicate with and support you
  • Ensure legal and contractual compliance

Some of the data you provide may qualify as sensitive personal data (e.g., health, dietary needs, menstruation, diabetes). Where required by law, we’ll ask for your explicit consent before processing such data.

⚠️ If you revoke this consent, we may no longer be able to offer the full service experience (e.g., custom nutrition plans or heart rate–based workouts).

PurposeWhat This Means For YouData UsedLegal Basis
Service deliveryPersonalized plans, reminders, and progress syncAll categoriesContract; Consent (for sensitive data)
CommunicationsEmails, push notifications, coach messagesAll categoriesContract; Legitimate interest
Payments & billingSecure payments, transaction recordsIdentifiers, Commercial InfoContract
Service improvementUsage analysis, content suggestionsAll categoriesLegitimate interest; Consent if sensitive
MarketingOffers, tips, program announcementsIdentifiersConsent or Legitimate interest
Ad personalizationTargeted fitness adsOnboarding data, device/location, cookiesConsent or Legitimate interest
Ad performanceMeasuring ad campaign successCookies, advertising IDsConsent or Legitimate interest
Fraud preventionBlock abuse or unauthorized accessAll categoriesLegitimate interest
Legal complianceTax, audit, lawful requestsAll categoriesLegal obligation
Dispute resolutionChargebacks, legal rights defensePurchase and usage logsLegitimate interest; Legal obligation

3. With Whom We Share Your Personal Data

We share your personal data with third parties only as necessary to deliver and improve our Services, meet legal obligations, and support operational efficiency.

1. Service Providers (Processors)

These companies process data on our behalf to power core features:

  • a. Cloud Storage
    Amazon Web Services (AWS) – Our primary hosting provider.
    Stores: account data, workout records, preferences, support logs.
    AWS Privacy Info
  • b. Performance & Error Monitoring
    Google Firebase (Performance, Crash Reporting)
    Sentry – Monitors bugs, device-level crash logs.
  • c. Data Analytics
    Amplitude, AppsFlyer, Google Analytics, Hotjar, Firebase Analytics, Tableau, Amplitude Session Replay
    Used to understand user behavior, feature usage, and optimize experience.
    Opt-out and privacy info are provided in each provider’s respective links (included in the full policy).
  • d. Payment Providers
    Examples: Ebanx, Checkout, Solid, Stripe.
    These gateways process payments securely. We do not store your full card info.
    Providers may vary by region and payment method.
  • e. Communication Tools
    Intercom – In-app chat and support
    Apple Push Notification, Iterable – Notifications
    Amplitude Surveys, SurveyMonkey – Feedback & in-app polls
  • f. Marketing & Ads
    Meta (Facebook/Instagram), Google Ads, Snapchat, Meta Pixel, DoubleClick, Custom Audiences
    Used to serve personalized ads and measure campaign effectiveness.
    You can opt out of targeted ads via: Device settings (iOS/Android); YourAdChoices.com; Facebook/Google/Snapchat ad preference panels

2. Legal Requests and Public Authorities

We may disclose data: To comply with a valid subpoena, law, or court order; To protect users or enforce Terms of Service; As required under financial, tax, or data laws

3. Corporate Transactions

If we are part of a merger, acquisition, sale of assets, or bankruptcy, your data may be shared or transferred accordingly.

4. Affiliates

We may share data across our corporate group (parent, subsidiaries, sister companies) to deliver a consistent service.

4. How You Can Exercise Your Privacy Rights

We empower you to control your data. Depending on your location and applicable privacy laws, you may have the following rights:

Your Rights

  • Access / Review / Correct: View and update your personal data via your profile or by contacting support.
  • Delete: Request erasure of your data. We’ll comply unless legal obligations require us to retain some info (e.g., financial records).
  • Object / Restrict Use: Ask us to stop or limit how we use your data, especially for:
    • Marketing emails (unsubscribe in footer or via support)
    • Non-essential cookies and tracking (manage in app or browser settings)
  • Data Portability: Ask for your data in a structured, machine-readable format (e.g., .json) to transfer to another service.
  • Withdraw Consent (where applicable): Stop consent-based processing (e.g., health data or targeted ads). May affect service availability.
  • Lodge Complaint: If we fail to resolve your concerns, contact your local data protection authority.

How to Exercise These Rights

We will verify your identity by asking for:

  • Email address
  • Account creation date or last activity
  • Subscription details

Authorized Agent?

You may appoint someone to act on your behalf. They must:

  • Show written authorization (e.g., power of attorney)
  • Provide proof of your consent
  • Pass identity verification

5. U.S. States Privacy Notice

This section applies if you reside in states with consumer privacy laws, including:

California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia

This supplements our general policy to address state-specific rights and requirements.

5.1. Categories of Personal Information We Collect

We collect the same categories listed earlier: Identifiers; Health data; Commercial info; Device/location data; Internet activity; Sensitive personal info. We may also create aggregated/de-identified data, which is not considered personal under law.

5.2. What Personal Information We Share

We share information with: Service providers (e.g., analytics, hosting); Advertising and marketing partners (via cookies, pixels, device IDs); Law enforcement (if legally required); Affiliates (e.g., parent or sister companies).

We do not sell personal information for money. However, some data sharing (e.g., for personalized ads) may be considered a “sale” or “share” under some laws.

We do not knowingly sell/share personal info of individuals under 18.

5.3. Your Rights (U.S. State Residents)

  • Know what personal data we collect and why
  • Access specific data we hold
  • Delete your personal data
  • Correct inaccuracies
  • Opt out of: Sale/sharing of your data; Targeted advertising; Use of sensitive data beyond what’s needed; Withdraw consent (if applicable)
  • Appeal our decision if we reject your request

5.4. How to Exercise These Rights

Use in-app tools or email: irina@kidology.app

We may verify your identity (email, activity, etc.) before fulfilling your request. You may also appoint an authorized agent (with proof of authority).

5.5. California “Shine the Light” Law

California residents may request once per year a list of third parties to whom we disclosed personal info for direct marketing. Request via email: irina@kidology.app — Subject: Request for California Shine the Light Information

6. Age Limitations

We do not knowingly collect personal data from anyone under 18 years of age.

If you believe that a child under 18 has provided us with data, please contact us immediately at 📧 irina@kidology.app.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your own, including those that may not have the same level of data protection laws. When doing so, we use appropriate safeguards such as Standard Contractual Clauses approved by data regulators.

8. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If material changes occur, you will be notified via the app or other available methods.

By continuing to use the Service after the changes, you accept the revised terms.

9. Data Retention

We retain your data as long as needed to:

  • Provide the Service
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

Some data (e.g. financial transactions) may be kept even after your account is deleted, due to legal or tax obligations.

10. Personal Data Controller

Kidology, Inc.
📍 131 Continental Dr, Suite 305, Newark, New Castle County, Delaware 19713, USA

Kidology, Inc. is the legal data controller for your personal information.

11. Contact Us

For any questions or concerns about your data or this Privacy Policy: 📧 irina@kidology.app

You may also contact us to request:

  • A copy of your data
  • Deletion or correction of your data
  • Clarification about how we process your data