# Privacy Policy

**Last Updated: 14 January 2026**

**Privacy Officer Contact:**

Email: fighterr.app@gmail.com

Address: Ballarat, Victoria

ABN: 85 907 850 059

---

## 1. Introduction

Fighterr ("we," "our," or "us") is committed to protecting your privacy and complying with the **Privacy Act 1988 (Cth)**, the **Australian Privacy Principles (APPs)**, and the **Health Records Act 2001 (Vic)**.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information and health information when you use our mobile application.

**By using Fighterr, you consent to the collection, use, and disclosure of your information as described in this Policy.**

## 2. Privacy Laws That Apply to Us

### 2.1 Federal Law

**Privacy Act 1988 (Cth)** and the **Australian Privacy Principles (APPs)**

Because we collect health information (weight data, training metrics), we are regulated under the Privacy Act regardless of our business turnover. Health information is classified as "sensitive information" under APP 3 and requires enhanced protection.

### 2.2 Victorian Law

**Health Records Act 2001 (Vic)**

As a Victorian organization handling health information, we must comply with the Health Privacy Principles (HPPs) set out in this Act.

### 2.3 Regulatory Oversight

We are regulated by the **Office of the Australian Information Commissioner (OAIC)**, which enforces the Privacy Act and investigates privacy complaints.

## 3. What Information We Collect

### 3.1 Personal Information (APP 3)

**Account Information:**

- Full name or username

- Email address

- Password (encrypted and hashed)

- Account preferences and settings

- Role (Fighter or Coach)

**Device Information:**

- Device type, model, and operating system

- Push notification tokens

- App version and settings

- IP address (for security purposes)

### 3.2 Health Information (Sensitive Information - APP 3.3)

**Weight and Body Metrics:**

- Current weight measurements

- Target weight goals

- Weight history and trends

- Body composition data (if provided)

**Training Information:**

- Training session logs

- Exercise intensity and duration

- Performance metrics

- Fight camp schedules

**Fight Week Data:**

- Hydration tracking

- Nutrition logs

- Weigh-in dates and results

**This is "health information" under both the Privacy Act and the Health Records Act and receives special protection.**

### 3.3 Usage Data (APP 3)

**Analytics Information:**

- App features used

- Time spent in the App

- Navigation patterns

- Error logs and crash reports

- User interactions and preferences

### 3.4 Information We Do NOT Collect

- Precise geolocation data

- Payment card details (handled by app stores)

- Health data from other apps or devices (unless you manually input it)

- Contacts or phone numbers

- Social media profiles or connections

- Photos or videos (except profile pictures)

## 4. How We Collect Information (APP 3)

### 4.1 Direct Collection

**From You:**

- During account registration

- When you manually enter data (weight, training logs)

- When you contact customer support

- When you provide feedback or participate in surveys

### 4.2 Automatic Collection

**Through the App:**

- Usage analytics via embedded analytics tools

- Error logs when the App crashes

- Device information for compatibility

### 4.3 Collection Notice

At the time of collection, we will inform you:

- What information we are collecting

- Why we are collecting it

- Who we might disclose it to

- How you can access or correct it

- The consequences if you don't provide it

## 5. Why We Collect and Use Your Information (APP 6)

### 5.1 Primary Purpose - Providing the Service

We use your information to:

- Create and manage your account

- Store your weight tracking and camp data

- Calculate weight cut progress and analytics

- Send reminders and notifications (with your consent)

- Sync data across your devices

- Provide customer support

**Legal Basis:** Necessary for contract performance (providing the service you requested)

### 5.2 Secondary Purposes

**Service Improvement:**

- Analyze usage patterns to enhance features

- Fix bugs and technical issues

- Develop new features based on user needs

- Conduct research and product development

**Legal Basis:** Legitimate interests (improving our service)

**Communications:**

- Send service-related announcements

- Respond to your inquiries

- Send marketing communications (only with your consent - APP 7)

- Notify you of policy changes

**Legal Basis:** Contract performance and consent (for marketing)

**Legal Compliance:**

- Comply with Australian laws and regulations

- Respond to legal requests (court orders, subpoenas)

- Protect our legal rights

- Prevent fraud and abuse

**Legal Basis:** Legal obligation and legitimate interests

### 5.3 Explicit Consent for Health Information

For collecting and using your health information, we obtain your **explicit consent** as required by APP 3.3. You can withdraw consent at any time by contacting privacy@fighterr.com.

## 6. How We Disclose Your Information (APP 6)

### 6.1 We Do NOT Sell Your Information

**We do NOT sell, rent, or trade your personal or health information to third parties for their marketing purposes.**

### 6.2 Service Providers (APP 8.1)

We share information with trusted service providers who help us operate the App:

**Supabase (Database & Authentication):**

- **What they do:** Store your account and app data, provide authentication services

- **Location:** Cloud servers (USA/EU - see Supabase's infrastructure)

- **Privacy Policy:** https://supabase.com/privacy

- **Protections:** Contractual obligations, industry-standard security

**Push Notification Services:**

- **Apple Push Notification Service (APNS)** for iOS devices

- **Expo Push Notifications** for cross-platform delivery

- **Purpose:** Deliver opt-in reminders and notifications

- **Privacy:** Only notification tokens are shared, not health data

**Analytics Providers (if applicable):**

- **What they do:** Help us understand app usage patterns

- **Data shared:** Anonymized usage data where possible

- **Purpose:** Service improvement

**All service providers:**

- Are contractually required to protect your information

- Can only use your information for specified purposes

- Must comply with the APPs or equivalent standards

### 6.3 Legal Disclosures (APP 6.2)

We may disclose information when required or permitted by law:

- Court orders, subpoenas, or warrants

- Requests from law enforcement or regulatory authorities

- To protect against fraud, abuse, or illegal activity

- To enforce our Terms and Conditions

- To protect the safety of users or the public

We will notify you of legal requests unless prohibited by law.

### 6.4 Business Transfers

If Fighterr is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will:

- Notify you before the transfer

- Ensure the receiving party agrees to protect your information

- Give you the option to delete your account before the transfer

### 6.5 With Your Consent

We may share information with other parties with your explicit consent.

## 7. Overseas Disclosure (APP 8)

### 7.1 Cross-Border Data Transfer

Your information may be stored or processed outside Australia, including:

- **United States:** Supabase cloud servers

- **European Union:** Supabase backup servers (if applicable)

### 7.2 Protections for Overseas Transfer

When we disclose information overseas, we ensure:

- The recipient is subject to privacy laws substantially similar to the APPs, OR

- We have contractual agreements requiring APP-equivalent protections, OR

- You have consented to the overseas disclosure

### 7.3 Your Responsibility

Under APP 8.1, if we take reasonable steps to ensure overseas recipients comply with the APPs, you may not be able to seek redress against the overseas recipient under the Privacy Act. However, you can still make a complaint to us or the OAIC.

## 8. Data Quality and Security (APP 10, APP 11)

### 8.1 Data Accuracy (APP 10)

We take reasonable steps to ensure:

- Your information is accurate, up-to-date, and complete

- Information is relevant to the purposes for which it is used

**Your responsibility:** Please keep your information current by updating it in the App settings.

### 8.2 Security Measures (APP 11)

We implement industry-standard security measures to protect your information:

**Technical Security:**

- Encryption of data in transit (TLS/SSL)

- Encryption of sensitive data at rest

- Secure authentication protocols (password hashing)

- Regular security audits and vulnerability assessments

- Intrusion detection and monitoring

**Organizational Security:**

- Access controls (only authorized personnel can access data)

- Staff training on privacy and security

- Secure coding practices

- Incident response procedures

**Physical Security:**

- Secure data centers with access controls

- Environmental protections (fire suppression, backup power)

### 8.3 Data Breach Response

In the event of a data breach likely to result in serious harm, we will:

- Notify affected individuals as soon as practicable

- Notify the OAIC as required by law

- Take steps to mitigate harm

- Investigate and prevent future breaches

### 8.4 Security Limitations

**No system is 100% secure.** While we implement strong security measures, we cannot guarantee absolute security. You use the App at your own risk.

**Your responsibility:** Use a strong, unique password and keep it confidential.

## 9. Data Retention (APP 11)

### 9.1 Retention Periods

**Active Accounts:**

- We retain your information for as long as your account is active

- You can delete your account at any time

**Deleted Accounts:**

- We delete your information within 30 days of account deletion

- Some information may be retained longer if required by law

**Backups:**

- Data may persist in backups for up to 90 days after deletion

- Backups are securely stored and eventually overwritten

**Legal Hold:**

- If information is subject to legal proceedings or regulatory investigation, we may retain it longer as required by law

### 9.2 Anonymized Data

We may retain anonymized, aggregated data indefinitely for analytics and research. This data cannot reasonably identify you.

## 10. Your Privacy Rights (APP 6, APP 12, APP 13)

### 10.1 Access to Your Information (APP 12)

**You have the right to access your personal and health information.**

**How to request access:**

- Email: privacy@fighterr.com

- Include: Your name, email address, and specific information you're requesting

- We will respond within **30 days**

**Access is free** for simple requests. We may charge a reasonable fee for complex requests that require significant time or resources.

**We may deny access** in limited circumstances:

- If it would pose a serious threat to safety

- If it would unlawfully impact others' privacy

- If the request is frivolous or vexatious

- If required or authorized by law

If we deny access, we will explain why and outline your options.

### 10.2 Correction of Information (APP 13)

**You have the right to correct inaccurate, out-of-date, incomplete, or misleading information.**

**How to request correction:**

- Update your profile directly in the App settings, OR

- Email: privacy@fighterr.com with the correction needed

**We will respond within 30 days** and:

- Make the correction if appropriate, OR

- If we refuse, explain why and note your request on the record

### 10.3 Deletion of Information

**You have the right to delete your account and information.**

**How to delete your account:**

- Go to Settings > Account > Delete Account in the App, OR

- Email: privacy@fighterr.com

**Upon deletion:**

- Your account and data will be permanently deleted within 30 days

- Data in backups may persist for up to 90 days

- Some data may be retained if required by law

### 10.4 Export Your Data

**You can export your data in a portable format.**

**How to export:**

- Go to Settings > Data Export in the App (coming soon), OR

- Email: privacy@fighterr.com

We will provide your data in CSV or JSON format within 30 days.

### 10.5 Withdraw Consent

**You can withdraw consent for:**

- Marketing communications (unsubscribe link in emails or in App settings)

- Push notifications (device settings or App settings)

- Collection of health information (requires account deletion, as health data is core to the App's functionality)

### 10.6 Make a Complaint

**You have the right to complain about how we handle your information.**

**Internal Complaint Process:**

**Step 1:** Email privacy@fighterr.com.au with your complaint

**Step 2:** We will acknowledge your complaint within 7 days

**Step 3:** We will investigate and respond within 30 days

**Step 4:** If you're not satisfied, we will inform you of external options

**External Complaint Options:**

**Office of the Australian Information Commissioner (OAIC):**

- **Phone:** 1300 363 992

- **Website:** www.oaic.gov.au

- **Email:** enquiries@oaic.gov.au

- **Mail:** GPO Box 5218, Sydney NSW 2001

The OAIC can investigate complaints and enforce the Privacy Act.

**Health Complaints Commissioner (Victoria):**

For complaints about health information handling:

- **Phone:** 1300 582 113

- **Website:** hcc.vic.gov.au

## 11. Cookies and Tracking

### 11.1 Mobile App

**The mobile app does not use cookies.**

We use local storage on your device to:

- Store your login session

- Cache app data for offline access

- Remember your preferences

You can clear this data by uninstalling the App or clearing app storage in device settings.

### 11.2 Website (if applicable)

If we have a website, we may use cookies for:

- Essential functionality (required cookies)

- Analytics (with consent)

- Marketing (with consent)

You can control cookies through your browser settings.

## 12. Marketing Communications (APP 7)

### 12.1 Direct Marketing

We will only send you marketing communications (promotional emails, offers, feature announcements) if:

- You have consented (opted in), OR

- It's reasonable to expect we would communicate with you (e.g., about new features related to your usage)

### 12.2 Opt-Out

**You can opt out of marketing at any time:**

- Click the unsubscribe link in any marketing email

- Go to Settings > Notifications > Marketing (toggle off)

- Email: privacy@fighterr.com

**You cannot opt out of:**

- Essential service communications (account security, policy changes)

- Transaction confirmations

## 13. Children's Privacy

**Fighterr is NOT intended for users under 18 years of age.**

- We do not knowingly collect information from minors

- If we learn a user is under 18, we will immediately delete their account

- Parents/guardians: Contact us at privacy@fighterr.com if you believe your child has used the App

## 14. Changes to This Privacy Policy

### 14.1 Modification Rights

We may update this Privacy Policy to reflect:

- Changes to our practices

- Changes to Australian privacy laws

- New features or services

### 14.2 Notification

We will notify you of material changes via:

- Email to your registered address

- In-app notification

- Prominent notice on our website

### 14.3 Effective Date

Changes take effect on the "Last Updated" date at the top of this Policy.

**Your continued use** after changes constitutes acceptance. If you don't agree, please stop using the App and delete your account.

## 15. Third-Party Services

### 15.1 App Stores

Your download and use of the App from the Apple App Store or Google Play Store is subject to their respective privacy policies:

- **Apple Privacy Policy:** www.apple.com/legal/privacy

- **Google Privacy Policy:** policies.google.com/privacy

### 15.2 Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for their privacy practices. Please review their privacy policies independently.

## 16. Health Information Special Protections

### 16.1 Enhanced Security

As required by the Health Records Act 2001 (Vic), we apply enhanced security measures to health information:

- Encryption of all health data

- Strict access controls

- Audit logging of health data access

- Regular security assessments

### 16.2 Limited Use

We use your health information only for:

- Providing the App's weight tracking and camp management features

- Generating personalized analytics and insights

- Improving the App's functionality

- Complying with legal obligations

**We do NOT use your health information for:**

- Marketing to third parties

- Insurance underwriting

- Employment screening

- Any purpose unrelated to the App's core functionality

### 16.3 Consent Requirements

Under Victorian law, we must obtain your **informed consent** before collecting health information. This means:

- We tell you what information we're collecting

- We explain why we need it

- We inform you of the consequences if you don't provide it

- You voluntarily agree

**You can withdraw consent** by deleting your account, which will delete your health information.

## 17. Contact Information

### 17.1 Privacy Officer

For privacy-related inquiries, requests, or complaints:

**Email:** fighterr.app@gmail.com

**Phone:**

**Address:** Ballarat, victoria

**ABN:** 85 907 850 059

### 17.2 General Support

**Email:** fighterr.app@gmail.com

**Website:** www.fighterr.framer.com

### 17.3 Regulatory Authority

**Office of the Australian Information Commissioner (OAIC):**

**Phone:** 1300 363 992

**Website:** www.oaic.gov.au

**Email:** enquiries@oaic.gov.au

---

**We are committed to protecting your privacy and handling your information in accordance with Australian privacy laws. Thank you for trusting Fighterr with your information.**