PRIVACY POLICY

Last Updated: January 26, 2026

Back to Home

1. Introduction

Welcome to LuxMax ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

Your Privacy Matters: We believe in transparency and your right to control your personal data. This policy outlines our practices in clear, straightforward language.

2. Information We Collect

2.1 Information You Provide

Account Information: Email address, username, password (encrypted), and profile details
Profile Data: Avatar, display name, fitness goals, and preferences
Workout Data: Exercise logs, challenge progress, achievements, and performance metrics
Communication Data: Messages with our AI assistant (Chad), support inquiries, and feedback

2.2 Automatically Collected Information

Device Information: Device type, operating system, unique device identifiers
Usage Data: App features used, session duration, interaction patterns
Performance Data: Crash reports, error logs, and diagnostic information
Location Data: Approximate location (if you grant permission) for leaderboard features

2.3 Health and Fitness Data

Step count (via pedometer)
Workout duration and intensity
Challenge completion rates
Streak and consistency metrics

3. How We Use Your Information

We use your information to:

Provide Services: Enable core app functionality, track progress, and deliver personalized experiences
Improve Experience: Analyze usage patterns to enhance features and user interface
Personalization: Customize challenges, recommendations, and AI assistant responses
Communication: Send notifications about achievements, challenges, and important updates
Leaderboards: Display rankings and competitive features (with your consent)
Security: Detect and prevent fraud, abuse, and security incidents
Analytics: Understand app performance and user engagement
Legal Compliance: Meet legal obligations and enforce our terms

4. Data Sharing and Disclosure

4.1 We DO NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 Service Providers

We share data with trusted service providers who help us operate our app:

Supabase: Database and authentication services
Google Gemini: AI-powered chat assistant functionality
Cloud Storage: Secure storage for avatars and media
Analytics Services: App performance and usage analytics

All service providers are contractually obligated to protect your data and use it only for specified purposes.

4.3 Public Information

The following information may be visible to other users:

Username and avatar
Leaderboard rankings and scores
Public achievements (if you choose to share)

4.4 Legal Requirements

We may disclose your information if required by law, court order, or to:

Comply with legal processes
Protect our rights and property
Prevent fraud or security threats
Protect user safety

5. Data Security

We implement industry-standard security measures to protect your data:

Encryption: Data is encrypted in transit (TLS/SSL) and at rest
Authentication: Secure password hashing and token-based authentication
Access Controls: Strict access limitations and role-based permissions
Regular Audits: Security assessments and vulnerability testing
Monitoring: Continuous monitoring for suspicious activity

Important: While we use robust security measures, no system is 100% secure. Please use a strong, unique password and enable two-factor authentication when available.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data
Export: Download your data in a portable format
Opt-Out: Disable notifications and marketing communications

6.2 Privacy Settings

You can control your privacy through app settings:

Leaderboard visibility (public/private)
Profile information sharing
Notification preferences
Data collection options

6.3 Account Deletion

To delete your account:

Go to Settings → Account → Delete Account
Confirm your decision
Your data will be permanently deleted within 30 days

7. Data Retention

We retain your data for as long as:

Your account is active
Needed to provide services
Required by law or for legitimate business purposes

After account deletion, we may retain anonymized data for analytics and some data for legal compliance (typically 90 days).

8. Children's Privacy

LuxMax is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

10. Third-Party Links

Our app may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies before providing any information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through:

In-app notifications
Email (if you've provided one)
Updated "Last Updated" date at the top of this policy

Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: privacy@luxmax.app
Support: In-app support chat
Response Time: We aim to respond within 48 hours

13. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

Consent: You have given clear consent for specific purposes
Contract: Processing is necessary to provide our services
Legal Obligation: We must comply with legal requirements
Legitimate Interests: Processing is necessary for our legitimate business interests

14. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected
Right to know if personal information is sold or disclosed
Right to opt-out of the sale of personal information
Right to deletion of personal information
Right to non-discrimination for exercising CCPA rights

Your Trust is Our Priority: We are committed to protecting your privacy and being transparent about our data practices. If you have any concerns, please don't hesitate to reach out.