Datenschutz

1. Introduction

QoFast (“we”, “our”, or “us”) is operated by Qorinx. This Privacy Policy explains how we collect, use, and protect your personal data when you use the QoFast mobile application and website (collectively, the “Service”).

2. Data We Collect

Account information

When you create an account, we collect your email address and authentication credentials (via Apple Sign-In, Google Sign-In, or email/password).

Health and fasting data

We collect fasting session data (start times, end times, fasting method, duration), water intake records, mood entries, and notes you create within the app. This data is stored in our cloud database (Firebase Firestore) when you are signed in.

Device and notification data

If you enable push notifications, we store your Firebase Cloud Messaging (FCM) token to deliver fasting reminders and milestone alerts. We also collect your device platform and notification preferences.

Usage data

We collect anonymous usage data including app interactions, feature usage, and crash reports to improve the Service.

3. How We Use Your Data

• To provide fasting tracking, milestone tracking, and analytics features
• To sync your fasting data across your devices
• To manage your subscription and account
• To send fasting reminders, milestone alerts, and phase transition notifications
• To improve the Service, fix bugs, and develop new features
• To generate anonymous, aggregated insights about fasting patterns

4. Data Storage & Security

Your fasting data is stored in Google Cloud (Firebase Firestore) servers when you are signed in. All data is encrypted in transit (TLS) and at rest. Blog image assets are stored on Cloudflare R2.

5. Apple HealthKit & Google Health Connect

QoFast integrates with Apple HealthKit on iOS and Google Health Connect on Android. These integrations are entirely optional and only become active after you grant explicit permission through the operating system’s permission dialog. You can review or revoke any permission at any time from the Apple Health app (iOS) or the Health Connect app / system settings (Android).

Data we read

With your permission, QoFast reads the following from your device’s health store to power the Insights screen, the home-screen health strip, the end-of-fast summary, and personalised recommendations during onboarding:

• Body weight
• Water intake (hydration)
• Step count
• Active energy burned
• Heart rate
• Sleep analysis

Data we write

When you log entries inside QoFast, we can write the corresponding records back to Apple Health / Health Connect so your data stays consistent across apps:

• Water intake you log in QoFast (and remove the same record when you undo it)
• Body weight you enter via the Goal weight sheet

How this data is used

Health data read from HealthKit or Health Connect never leaves your device. All insights, charts, and summaries are computed locally on your phone. We do not transmit, store, or back up HealthKit or Health Connect data on our servers, and we do not sync it to Firebase or any other cloud service.

In line with Apple’s and Google’s policies, we will never:

• Use HealthKit or Health Connect data for advertising, marketing, or similar services
• Sell HealthKit or Health Connect data to third parties or data brokers
• Disclose HealthKit or Health Connect data to third parties without your explicit consent
• Use HealthKit or Health Connect data for any purpose other than providing health and fitness features inside QoFast

You can disable the integration at any time from Settings → Apple Health (iOS) or Settings → Health Connect (Android) inside QoFast, or by revoking permission directly in the system. Doing so stops all reads and writes immediately. Records previously written by QoFast into the platform health store are owned by you and remain there until you delete them through Apple Health or Health Connect.

6. Third-Party Services

We use the following third-party services:

• Firebase (Google): Authentication, Cloud Firestore database, Cloud Messaging (push notifications), Crashlytics, and Analytics
• RevenueCat: Subscription management and receipt validation
• Sentry: Error tracking and performance monitoring
• Cloudflare: Content delivery and blog image storage
• Mailgun: Contact form email delivery (website only)
• Google Tag Manager: Analytics event tracking on the website

7. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Delete your account and all associated data
• Export your data in a portable format
• Restrict processing of your data
• Object to processing of your data

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Retention

We retain your account and fasting data for as long as your account is active. If you delete your account, all associated data is permanently removed from our servers within 30 days. Anonymous, aggregated analytics data may be retained indefinitely.

9. Children’s Privacy

QoFast is not intended for children under 18. We do not knowingly collect personal data from minors. Fasting should only be practiced by adults, and we encourage parental guidance.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes via the app or email. Continued use of the Service after changes constitutes acceptance.

11. Contact

If you have questions about this Privacy Policy or your data, contact us at:

Qorinx
Email: [email protected]