Back

Privacy Policy

Effective date: 2026-05-23 · DOC 24 ENTERPRISES, LLC

DOC 24 ENTERPRISES, LLC (“Company,” “we,” “our”) operates the DOC Fit OS application (the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.

1. Information we collect

We collect only what we need to run the Service:

  • Account data — email address, password hash (handled by our auth provider), display name, and OAuth identifiers if you sign in with Google or Apple.
  • Fitness and nutrition data — workouts, sets, meals, grocery items, milestones, and AI-generated plans that you create or save.
  • Progress photos — images you upload, stored privately and tied to your account. We do not run facial recognition or biometric identification on these images.
  • AI conversation memory — context the in-app coach retains so its responses stay coherent between sessions.
  • Usage events — counters such as AI requests per day, used for cost control and analytics. These are anonymized when an account is deleted.
  • Device and log data — IP address, browser type, and timestamps collected automatically by our hosting infrastructure for security and abuse prevention.

We do not collect precise location, contacts, microphone, or background sensor data. We do not use cookies for advertising or cross-site tracking.

2. How we use your information

  • To operate the Service — store and display your workouts, meals, plans, and photos.
  • To power AI features — your prompts and recent context are sent to our AI provider to generate the response. AI providers process this data on our behalf and are contractually prohibited from using it to train their models.
  • To authenticate you, prevent abuse, and meet legal obligations.
  • To communicate with you about your account or material changes to the Service.

We do not sell or rent your personal information. We do not share your data with third parties for their own marketing.

3. Third-party processors

We rely on the following processors to deliver the Service:

  • Supabase — authentication, database, and file storage.
  • Vercel — application hosting and edge delivery.
  • Google — optional OAuth sign-in.
  • Apple — optional Sign in with Apple.
  • Vercel AI Gateway — routing requests to underlying AI model providers (e.g. OpenAI, Anthropic) that we use to power the in-app coach and analyses.

Each processor handles data under its own privacy terms and contractual data-processing agreements.

4. Data retention

We retain your data for as long as your account is active. When you delete your account (Settings → Danger zone → Delete account, or by emailing us), we permanently remove your authentication record, profile, workouts, meals, photos, plans, and AI memory. Aggregated and anonymized usage counters may be retained for cost analytics. Server logs are retained for up to 90 days.

5. Your rights

Depending on where you live (including the EU/EEA under GDPR and California under CCPA/CPRA), you have the right to:

  • Access the personal data we hold about you.
  • Export your data in a portable format — available in Settings as “Export data as JSON.”
  • Correct inaccurate data — update your profile in the app.
  • Delete your account and all associated data — available in Settings as “Delete account.”
  • Object to or restrict certain processing.
  • Withdraw consent at any time by deleting your account.
  • Lodge a complaint with your local supervisory authority.

To exercise any of these rights, email doc24business@icloud.com. We will respond within 30 days.

6. Children

The Service is not directed to children under 13 (or under 16 in the EU/EEA). We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

7. Security

We use industry-standard safeguards including TLS for data in transit, encryption at rest, access controls, row-level security on user data, and least-privilege server credentials. No system is perfectly secure, however, and we cannot guarantee absolute protection.

8. International transfers

The Service is operated from the United States. If you access it from outside the US, your data will be transferred to and processed in the US under standard contractual safeguards.

9. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Effective date” above and, where appropriate, ask you to re-accept the updated policy on next sign-in.

10. Contact

DOC 24 ENTERPRISES, LLC
Aventura, Florida, USA
Email: doc24business@icloud.com

Educational use only — not medical or professional fitness advice. Consult a doctor, registered dietitian, or certified trainer before starting any program.

Privacy·Terms·Support