Privacy Policy for the App "fitElle"
1. About Us
We are fitBilling, operated by Karin Schall, c/o Postflex #7152, Emsdettener Str. 10, 48268 Greven, Germany.
In this Privacy Policy:
- "we"/"us" refers to fitBilling
- "third party" refers to any natural or legal person other than you or us.
2. About the App
fitElle is a self-tracking app designed for individuals with a menstrual cycle. Users receive personalized information related to cycle phases, nutrition, and symptoms. The app uses AI-powered recommendations based on data voluntarily provided by the user.
We inform you transparently that you are interacting with an AI system: the advice and tips provided are generated through artificial intelligence.
The app is intended for use by persons aged 16 and older. If you are under 16, parental or guardian consent is required due to the processing of health-related data (Art. 8 GDPR).
No account is required to use the app. We do not collect directly identifying information such as your name or email address. All entered data is pseudonymized, and no conclusions can be drawn about your identity.
3. What Data We Collect and Why
3.1 When Downloading the App
When you download the app, certain information is processed by the respective app store (Apple App Store or Google Play), in particular your username, email address, account number, download time, and payment information if applicable. We have no influence over this data collection and are not responsible for it – the respective app store is the responsible controller in this context. Please refer to the app store’s privacy policy for more details.
3.2 Automatically Collected Data
When using the app without creating an account, we collect certain technical usage data to ensure the app's functionality and security, including:
- Operating system and version, manufacturer and model of your device
- Timestamp of accessing the app and respective functions
- Device data such as a unique device ID or installation ID
- IP address and similar technical connection data
3.3 User-Provided Data (App Use)
The app processes the following voluntary inputs you provide:
- Cycle information: e.g., menstruation start, duration, ovulation, fertility window
- Symptoms: mood, pain, and other cycle-related states
- Nutrition & exercise: optional details on diet, physical activity, etc.
These inputs are used exclusively to generate personalized content and AI-based recommendations—for example, insight into your cycle phase or wellness suggestions.
As this data relates to health and sexual life, it qualifies as special category data under Art. 9 GDPR. We process such data only with your explicit consent (Art. 6(1)(a) in conjunction with Art. 9(2)(a) GDPR). By entering this data, you consent to its processing.
Without this consent (or if you choose not to enter data), personalized AI recommendations cannot be provided. You can revoke your consent at any time with future effect (see Section 10.6).
All health-related data is stored pseudonymously in an EU-based database. Your data is saved under a randomly generated user ID—no names or identifiers are attached. We do not currently synchronize with Apple Health or Google Fit. Should this change, you will be informed and asked for consent.
3.4 Payments & Subscriptions (via Superwall)
We use Superwall (Nest22, Inc., 2261 Market Street #4412, San Francisco, CA 94114, USA) to manage in-app purchases and subscriptions.
Superwall provides in-app paywalls and integrates with the native payment systems of Apple and Google:
- Apple: StoreKit / StoreKit 2
- Android: Google Play Billing
Payments are processed directly by the app stores. We do not receive any complete payment information (e.g., credit card details). Subscription validation and restoration are handled by Apple/Google.
Superwall Data Processing
To manage subscriptions and personalize paywall displays, Superwall may process:
- Device information (model, OS, language, app version)
- Time and type of app usage
- Subscription status (active/inactive)
- Events such as paywall interactions
Superwall may also receive pseudonymous user attributes, such as email or internal app IDs, for audience segmentation and personalization. No sensitive health data is transferred to Superwall.
Data Transfers to Third Countries
Superwall is based in the USA. While data may be processed outside the EU, we have concluded Standard Contractual Clauses (SCCs) under Art. 46(2)(c) GDPR with the provider to ensure an adequate level of protection. We monitor legal developments (e.g., Schrems II) and implement additional safeguards such as pseudonymization and strict access controls.
Legal Basis
- Art. 6(1)(b) GDPR: Contract performance (subscription management)
- Art. 6(1)(f) GDPR: Legitimate interest (stable and efficient app experience)
3.5 Technology Partners (AI Services: Gemini and Groq)
To provide AI-powered recommendations, the app uses services from Gemini (Google LLC) and Groq (Groq, Inc.). These platforms process only the relevant pseudonymized input data necessary to generate personalized tips for you.
- Only non-identifying information—such as cycle and symptom data—paired with an anonymous user ID is transmitted.
- No names, email addresses, or direct identifiers are shared.
The AI processing takes place within the EU, and we have signed Data Processing Agreements (DPAs) with these providers in accordance with Art. 28 GDPR. These contracts ensure that:
- Processing occurs only according to our instructions
- Sufficient security measures are in place
- No unauthorized use or transfer of your data occurs
Although both companies are based in the USA, all processing is performed on EU-hosted infrastructure, ensuring your data remains within EU jurisdiction. Additional safeguards and contractual obligations apply to cover international aspects (see also Section 7).
Legal Basis
- Art. 6(1)(a) GDPR in conjunction with Art. 9(2)(a) – your explicit consent
- Alternatively: Art. 6(1)(f) GDPR – our legitimate interest in providing innovative app features
We emphasize: AI-generated recommendations do not constitute medical diagnoses or decisions. There is no fully automated decision-making under Art. 22 GDPR. The choice to act on AI tips is always yours.
3.6 Data Storage (Hosting & Database)
All data collected via the app is stored in our backend using MongoDB Atlas, a cloud-based database service. The database is hosted in the EU (currently Frankfurt am Main, Germany) and operated by MongoDB, Inc. (USA).
- Data is stored encrypted and pseudonymized
- No clear-text identifiers (such as names or emails) are recorded
- Only data required for app functionality is stored
We have signed a Data Processing Agreement with MongoDB in accordance with Art. 28 GDPR. Although MongoDB is a U.S. company, access to EU-hosted data is contractually and technically restricted. We implement safeguards to mitigate risks from international access (see Section 7).
Data security: Communication between your device and our backend is encrypted (HTTPS). Access to stored data is limited to authorized personnel bound by confidentiality.
3.7 Data Protection Impact Assessment & Compliance
Because we process sensitive health data using AI, we have conducted a Data Protection Impact Assessment (DPIA) as required under Art. 35 GDPR.
- The assessment confirms that risks to your rights and freedoms are minimized
- Adequate technical and organizational safeguards are in place
- We monitor developments in AI regulation, especially the EU AI Act
- Should the AI Act introduce new compliance obligations (e.g., risk classifications, transparency notices), we will implement them accordingly.
4. No User Account Required
fitElle works without requiring user registration. You do not need to provide personal identifiers such as your name or email to use the app.
All data:
- Is either stored locally on your device
- Or stored pseudonymously on our servers, without a direct link to your identity
Because there is no central account, your data is device-bound. If you uninstall the app or switch devices, data may be lost unless you have created a system backup.
Nevertheless, we treat all information you enter as personal data under GDPR and apply strict security measures.
5. Deleting Your Data
You can delete your personal data stored in the app at any time. To do this, use the "Delete Account" option in the app's Profile or Settings section. Alternatively, you can contact our support team (see Section 11), and we will assist you in deleting your data.
Note: Since we do not use user accounts, identifying which data belongs to you in a support request requires an alternative method—such as a device ID or diagnostic link displayed by the app.
When you initiate deletion:
- All data you have entered and associated pseudonymous IDs are removed from our backend.
- Local data (e.g., app settings or cached content) is deleted when you uninstall the app.
- After deletion, personalized app features will no longer be available unless you enter new data.
We also routinely delete or anonymize personal data when it is no longer needed for the purposes for which it was collected. For data retention periods, see Section 9. Any deletion initiated by you will override those retention periods, unless legal obligations apply.
Important: Deleting your app data does not automatically cancel your paid subscription. This must be done separately in the Apple App Store or Google Play Store. If you delete the app without canceling the subscription, your paid plan may continue, even though no more health data is being processed.
6. Data Disclosure
We do not share your personal data with third parties without your explicit consent, except as explicitly stated in this policy or where legally required.
Specifically:
- Service Providers: Some data is shared with selected processors necessary for app functionality (e.g., MongoDB for hosting, Gemini & Groq for AI processing). These parties operate under Data Processing Agreements and act only on our behalf, not for their own purposes.
- Legal Requests: If required by law, or in the case of unlawful app use, we may share personal data with law enforcement or legal advisors—only if necessary and legally justified.
- Corporate Transactions: In case of corporate restructuring (e.g., acquisition of the app), data may be transferred to the new owner—subject to compliance with data protection regulations and, if required, your consent.
We do not sell your data or use it for advertising purposes. Your health and cycle data are never transferred to advertisers or data brokers—not even in pseudonymized form.
If we ever plan to use your data for research or external purposes, we will first request your informed consent. Without it, only fully anonymized data would be used (with no way to identify you).
7. International Data Transfers
Whenever possible, we process your data within the European Economic Area (EEA). However, some of our trusted partners are based outside the EU—primarily in the United States (e.g., MongoDB, Google/Gemini, Groq, and Superwall).
To ensure GDPR-compliant transfers, we rely on:
- The EU-U.S. Data Privacy Framework (for certified U.S. organizations)
- Standard Contractual Clauses (SCCs) under Art. 46(2)(c) GDPR
- Additional technical and organizational safeguards (e.g., pseudonymization, encryption)
We continuously monitor legal developments and implement measures to minimize risks from cross-border transfers.
Residual risk warning: U.S. authorities may have access to data under certain laws. While this cannot be ruled out entirely, our data is pseudonymized, and we do not store directly identifying information.
If you have concerns or want more information, contact us at the address in Section 11.
8. Processing Your Data for Other Purposes
As a rule, we process your personal data only for the purposes stated in this privacy policy. If we intend to use your data for a purpose other than that for which it was originally collected, we will only do so if legally permitted or if you have given your consent.
If such a purpose change arises (e.g., using your cycle data for scientific research), we will inform you in advance and provide all relevant information, including the new purpose and legal basis. Without this, no further use of your data will occur.
We strictly adhere to the principle of purpose limitation: your data is only used for clearly defined, legitimate purposes.
9. How Long We Store Your Data
We retain your personal data only as long as necessary for the purposes stated in this policy.
General retention
- As long as you actively use the app and have not deleted your data, we retain it to provide functionality.
- If you uninstall the app or become inactive (e.g., for over 24 months), we may automatically delete your data after a grace period.
- You can also request deletion at any time (see Section 5).
Legal retention obligations
- Some data, such as subscription-related billing records, must be retained for up to 10 years due to tax and commercial laws. During this period, the data will be restricted (not actively used), and deleted as soon as the obligation ends.
We follow the principle: “Delete what you don’t need.” We store data only as long as necessary and prioritize deletion over unnecessary retention.
10. How You Control Your Data – Your Rights
Under the GDPR, you have the following rights regarding your personal data:
10.1 Right of Access (Art. 15 GDPR)
You can request information about what personal data we process, for what purpose, who has received it, and how long we store it. To request access, contact us (see Section 11). We will respond within one month as required by law.
10.2 Right to Rectification (Art. 16 GDPR)
You can ask us to correct inaccurate or incomplete personal data. You can also edit some data directly in the app.
10.3 Right to Erasure (Art. 17 GDPR)
You may request deletion of your data if:
- It’s no longer needed for the purpose collected
- You withdraw consent
- The processing is unlawful
- You have objected, and there are no overriding reasons to retain it
Some exceptions apply (e.g., legal obligations or defense of legal claims).
10.4 Right to Restriction of Processing (Art. 18 GDPR)
You can request that we limit the use of your data in certain cases—for example, if you contest its accuracy, or if we no longer need the data but you need it for legal claims.
When restricted, the data is “frozen” and not used for other purposes.
10.5 Right to Data Portability (Art. 20 GDPR)
You can receive a copy of the data you’ve provided in a structured, machine-readable format and transmit it to another provider.
10.6 Right to Withdraw Consent (Art. 7(3) GDPR)
You can withdraw consent at any time, effective for the future. Past processing based on consent remains lawful. Withdrawal may limit the app’s functionality.
10.7 Right to Object (Art. 21 GDPR)
You can object to processing based on legitimate interest (Art. 6(1)(f) GDPR), unless we can demonstrate compelling legitimate grounds.
You can always object to processing for marketing purposes (though we do not conduct any in this app).
10.8 Right to Lodge a Complaint (Art. 77 GDPR)
If you believe your data protection rights have been violated, you may file a complaint with a supervisory authority.
Our lead authority is:
- Bavarian Data Protection Authority (BayLDA)
- Promenade 18, 91522 Ansbach, Germany
- Phone: +49 981 531300
- Email: poststelle@lda.bayern.de
We recommend contacting us first to try to resolve the issue amicably.
11. Contact
Privacy-related inquiries
If you have questions or comments about how we handle your personal data, or if you wish to exercise any of your rights (see Section 10), you can contact us at:
This is our dedicated contact for privacy matters (which may also reach our data protection officer, if appointed). We take privacy seriously and aim to respond promptly.
Postal address
fitBilling
Karin Schall
c/o Postflex #7152
Emsdettener Str. 10
48268 Greven
Germany
(please add "Data Protection" to the envelope)
For postal inquiries, please allow additional processing time and include an email address for replies.
General support
If you have questions about how to use the app or encounter technical problems, please contact:
Please do not send sensitive data to this address. If your issue involves personal data, we will redirect you to the appropriate privacy-compliant communication channel.
We always welcome feedback – don’t hesitate to reach out.
12. Changes to this Privacy Policy
We keep this privacy policy up to date. If we make material changes (e.g. introducing new features or adapting to new legal requirements), we will inform you within the app (e.g., via pop-up or release notes). Where necessary, we will request your renewed consent.
You can always view the current version of the privacy policy in the app under:
Settings > Privacy Policy
The date of the last update is also displayed there.
Please check this policy from time to time, especially if you notice changes in the app. If you have questions about updates or need access to previous versions, feel free to contact us.
Last updated: August 2025