Privacy Policy Last Updated: 13 February 2026 FatiFit (“we,” “our,” or “us”) operates the FatiFit mobile application (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. 1. Information We Collect We collect the following categories of information:

A. Personal Information • Name • Email address • Phone number (if provided) • Account login credentials • Subscription and payment status (processed via app store providers) B. Health Data (Sensitive Personal Data) Health Data is provided directly by you within the app and may include: • Body measurements (waist, hips, chest, arms, thighs, etc.) • Weight • Body fat percentage • BMI and calculated health metrics • Fitness or progress tracking data • Health-related notes entered by you We collect Health Data solely to provide the core functionality of the app, including tracking, analytics, progress visualization, and personalized insights. We do NOT: • Sell Health Data • Share Health Data for advertising • Use Health Data for profiling unrelated to app functionality C. Device and Usage Information • IP address • Device type and model • Operating system version • App version • Usage timestamps • Crash logs and diagnostics 2. How We Use Your Information We use collected information to: • Provide and maintain the Service • Process subscriptions • Generate progress charts and analytics • Improve performance and stability • Respond to support requests • Comply with legal obligations Health Data is used strictly for in-app functionality. 3. Legal Basis for Processing (GDPR Compliance) If you are located in the European Economic Area (EEA), we process your data under the following lawful bases: • Consent – when you provide health data voluntarily • Contractual necessity – to provide app services • Legitimate interests – to improve service functionality • Legal obligation – to comply with laws 4. Third-Party Services We use the following third-party providers: • Google Play Services • Google Analytics for Firebase • Firebase Crashlytics These services may collect device-level and usage information. They do not access or use your personal Health Data. Payments and subscriptions are processed by the respective app store (Google Play / Apple App Store). We do not store full payment details. 5. Data Retention We retain Personal Information and Health Data: • While your account remains active • As necessary to provide services • As required by law Upon account deletion, your personal and health data will be permanently deleted within 14 days, except where retention is legally required. 6. Data Sharing and Disclosure We may share limited data: • With service providers acting on our behalf • To comply with legal obligations • To protect rights, safety, or prevent fraud We do NOT sell personal or health information. 7. International Data Transfers Your information may be processed and stored in countries outside your residence. Where required, we implement appropriate safeguards such as standard contractual clauses. 8. Your Privacy Rights Depending on your location, you may have the right to: • Access your data • Correct inaccurate data • Delete your data • Restrict processing • Withdraw consent • Request data portability • Object to processing California Residents (CCPA): We do not sell personal information. You may request disclosure or deletion of your personal data. To exercise rights, contact: info@fatifitapp.com 9. Health Data Protection Statement Health Data is treated as sensitive personal data. It is: • Collected only when entered by you • Used only for app functionality • Not used for advertising • Not transferred to data brokers • Not sold to third parties 10. Security We implement commercially reasonable technical and organizational safeguards, including: • Encryption in transit • Secure storage practices • Access control restrictions • Regular security reviews However, no system is completely secure. 11. Children's Privacy The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If discovered, such data will be deleted promptly. 12. Account Deletion You may delete your account within the app. Upon deletion: • Personal Information will be removed • Health Data will be permanently deleted • Associated content will be erased Deletion may take up to 14 days. Some limited data may be retained for legal or security compliance. 13. Links to Other Websites We are not responsible for third-party websites linked within the app. 14. Changes to This Privacy Policy We may update this Privacy Policy periodically. Updates will be posted with a revised date. 15. Contact Us If you have any questions about this Privacy Policy or your data rights, contact: info@fatifitapp.com