Legal
Privacy Policy
Last updated: June 9, 2026
This Privacy Policy explains how fyzscore collects, uses, stores, and shares information when you use the fyzscore app. fyzscore is operated by an independent app developer based in Ukraine. Privacy is a core design principle of the Service.
Questions or requests? Contact us at support@fyzscore.com.
1. Age requirement (17+)
The Service is intended only for users 17 years of age or older. We do not knowingly collect personal information from anyone under 17. If we learn that we have collected such information, we will delete it. See the Terms of Service.
2. Information we collect
- Account information: your email address and authentication identifiers (managed via Supabase).
- Photos you capture: the body-composition photographs you submit for analysis. These are the most sensitive data we handle and are subject to the protections in Section 4.
- Analysis results: AI-generated estimates (e.g., an estimated body-fat range, a physique score, and a muscle-by-muscle breakdown), trends, and the guidance derived from your photos.
- Onboarding and profile inputs: information you provide such as your goal, experience level, age, height, weight, target weight, and optional details (for example, whether you use GLP-1 medication). Some of this is health-related information that you choose to share.
- Coach conversations: the messages you send to the in-app AI Coach and its replies.
- Subscription data: purchase and entitlement status (via RevenueCat). We do not store full payment-card details; payments are handled by the app stores.
- Device and technical data: app version, device/OS type, push-notification tokens (via Expo), and basic diagnostic logs.
3. How we use information
- To provide the core Service: run AI vision analysis on your photos and show you your estimates, trends, private history, and Coach guidance.
- To operate accounts, authentication, and subscriptions.
- To send transactional and (with your consent where required) reminder push notifications.
- To maintain security, prevent abuse, and comply with legal obligations.
- To improve the Service in aggregate. We do not sell your personal data, and your photos are not used to train AI foundation models.
4. How we handle your photos (privacy by design)
Your photos receive heightened protection:
- Encryption at rest. Photos are encrypted when stored.
- Private storage. Photos are stored in private, access-controlled object storage (Cloudflare R2). They are not publicly accessible and are tied to your account only.
- Automatic deletion. By default, photos are automatically and permanently deleted 90 days after capture. You can change this window or delete your photos sooner from within the app.
- No social feed. There is no public profile and no social or sharing surface. Other users cannot see your photos or results.
- Your face is optional. The Service does not require your face to be in frame, and the on-screen figures used to visualize results are abstract. You can keep your face out of the photos you submit.
- Limited processing. Photos are transmitted to our AI provider (Anthropic) only to generate your estimate, and are processed solely for that purpose.
5. AI analysis — important note
Body-fat estimates, scores, and guidance are produced by automated AI vision analysis. They are estimates only and are not medical advice. See the medical disclaimer in the Terms of Service.
6. Third parties we share data with
We share information only with service providers (“processors”) that help us run the Service, under contractual confidentiality and data-protection obligations:
| Provider | Purpose | Data involved |
|---|---|---|
| Supabase | Authentication and database | Account info, analysis metadata |
| Cloudflare R2 | Encrypted photo storage | Your photos (encrypted) |
| Anthropic | AI vision and Coach analysis | Photos and Coach messages sent for analysis |
| RevenueCat | Subscription management | Purchase/entitlement identifiers |
| Expo | App delivery and push notifications | Device/push tokens, diagnostics |
We may also disclose information if required by law, to protect rights and safety, or in connection with a corporate transaction (with notice as required). We do not sell your personal information.
7. Data retention
- Photos: by default, automatically deleted after 90 days (or sooner if you delete them, or on a different window you choose in the app).
- Account and analysis data: retained while your account is active and deleted upon account deletion, except where retention is required by law.
- Logs: retained for a limited period for security and diagnostics.
8. Your rights and choices
Depending on your jurisdiction (e.g., GDPR, CCPA/CPRA), you may have the right to:
- Access and export your data. The app provides a data-export option.
- Delete your account and all associated data (“right to erasure”). The app provides an in-app deletion option that permanently removes your photos, analysis data, and account. See Delete your account, or email support@fyzscore.com.
- Correct inaccurate personal information.
- Object to or restrict certain processing, and withdraw consent where processing is consent-based.
- Lodge a complaint with a data-protection authority.
To exercise these rights, use the in-app controls or contact us at support@fyzscore.com. We will respond within the timeframe required by applicable law.
9. Security
We use industry-standard safeguards including encryption in transit and at rest, access controls, and the photo-specific protections in Section 4. No method of transmission or storage is 100% secure, but we work to protect your data appropriately given its sensitivity.
10. International transfers
Our providers may process data in countries other than yours, including the United States and the European Union. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for cross-border transfers.
11. Children
The Service is not directed to children under 17 and we do not knowingly collect their data. See Section 1.
12. Changes to this Policy
We may update this Policy from time to time. Material changes will be communicated through the app or by other reasonable means.
13. Contact
Privacy questions or requests: support@fyzscore.com. fyzscore is operated by an independent developer based in Ukraine.