Legal

BetrFitness App Privacy Policy

Effective Date: March 28, 2026

Definitions

For the purposes of this Privacy Policy, the following terms have the meanings set out below:

“BetrFitness,” “we,” “us,” or “our” refers to Crimson Vale, LLC, the entity that owns and operates the BetrFitness application.

“Application” or “App” refers to the BetrFitness mobile and web-based platform, including all associated features, services, and content.

“Personal Data” (or “Personal Information”) means any information that identifies, relates to, describes, or could reasonably be linked to an individual user, either directly or indirectly. This includes, but is not limited to, name, email address, device identifiers, and user activity data.

“Sensitive Personal Data” (or “Sensitive Personal Information”) refers to a subset of Personal Data that is considered more sensitive under applicable laws. In the context of BetrFitness, this may include health-related data such as height, weight, fitness activity, and biometric data collected from connected devices.

“Processing” means any operation performed on Personal Data, whether automated or manual, including collection, storage, use, analysis, modification, disclosure, or deletion.

“User,” “you,” or “your” refers to any individual who accesses or uses the BetrFitness App.

“Account” refers to a registered user profile created to access and use the App’s features.

“Fake Currency” or “Virtual Coins” refers to in-app points used within BetrFitness for gamification purposes. These have no real-world monetary value, cannot be redeemed for cash, and are used solely for entertainment and motivational features.

“Workout Data” refers to information you input or generate within the App relating to your fitness activities, including workouts, goals, performance outcomes, and progress metrics.

“Device Information” refers to technical data collected automatically from your device, including IP address, device type, operating system, and app usage data.

“Third-Party Services” refers to external services, platforms, or providers that integrate with or support BetrFitness, including analytics providers, cloud hosting services, wearable device integrations, and authentication services.

“Data Controller” means the entity that determines the purposes and means of processing Personal Data. For the purposes of this Privacy Policy, Crimson Vale, LLC is the Data Controller.

“Data Processor” means any third party that processes Personal Data on behalf of the Data Controller.

Introduction

Crimson Vale, LLC (“BetrFitness,” “we,” “us” or “our”) offers a fitness-focused application that allows users to record workouts and set personal fitness goals while participating in a social game using fake currency. Users place friendly wagers with virtual coins on the outcomes of their own workouts. The AI-generated odds and gamified challenges are intended for entertainment and motivation, not gambling. BetrFitness does not offer real-money gambling. All in-app currency has no monetary value, cannot be redeemed for cash or prizes, and is used solely for entertainment and motivational purposes. This Privacy Policy explains how we collect, use, share and protect your personal information and describes your rights. BetrFitness operates globally and complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Personal Information Protection and Electronic Documents Act (PIPEDA) and other relevant privacy laws.

Information We Collect

Information You Provide

When you create a BetrFitness account, you supply personal details such as your name, email address and optional phone number. To help us tailor the experience and comply with legal obligations, we ask for your date of birth, gender, and a bio. The bio may include your height, weight, workout and weight-lifting experience. You may optionally upload a profile picture. The app also lets you set fitness goals (e.g., number of workouts per week), join challenges and track achievements. We record the fake coins you wager and win, your challenge status, the badges you earn and the goals you set or meet. You can choose whether to share contacts from your device or social networks to find friends – this information is stored only to connect you with other users.

Certain information collected by BetrFitness, including height, weight, and workout performance data, may be considered health-related or sensitive personal data under applicable laws. We process such data only with your explicit consent and solely for the purposes described in this policy.

Information From Your Use of the App

BetrFitness automatically collects technical data such as device identifiers (e.g., IP address, device ID), operating system version, time stamps of log-ins, and error logs. We record your interactions within the app: workouts entered, goals set, success status, coins wagered or won, badges or awards earned, and anonymised analytics about app usage. As with other fitness platforms, we may collect location or workout information when you voluntarily grant permission, but this data is used solely to generate workout odds and personalise your experience. We do not collect precise geolocation outside of your consented workout entries.

Information From Other Sources

If you connect a third-party account (e.g., Google or Apple) we receive your basic profile information from that provider. We may also collect information from wearable devices (e.g., heart-rate data or step counts) if you link them; such data is treated as health-related and is encrypted at rest and only used to personalise your experience and improve the AI odds. Biometric and health-related data is processed locally where possible and transmitted to our servers only when necessary for core functionality. We do not share health data with third parties without your explicit permission and never use it for advertising or unrelated purposes. We may receive aggregated analytics from service providers (e.g., crash reports) to improve stability.

How We Use Your Information

We may use your data to analyze behavior and improve user experience; however, such processing does not result in decisions that have legal or similarly significant effects. We process your personal information to:

  • Create and manage your account: We use your name, email, date of birth and other registration details to set up your account and authenticate you. This includes verifying that you meet our minimum age requirements and, where required, obtaining parental consent for minor users.
  • Deliver the services: We use your bio, goals, workout entries and fake currency wagers to provide the core functionality of the app. This includes generating AI‑driven odds for your workouts, tracking progress toward goals, awarding badges and coins, and allowing interaction with friends.
  • Personalise and improve the app: We analyse usage data to understand how users engage with the platform and to develop new features. Strava’s privacy policy notes that companies use aggregated or de‑identified information to improve products; BetrFitness does the same. We may use your feedback to troubleshoot issues or respond to support requests.
  • Communicate with you: We may send service messages (such as updates to this policy), account alerts, or respond to your inquiries. With your consent, we may send you marketing or promotional emails; you can opt out at any time.
  • Ensure security and prevent abuse: We use device information, log files and automated tools to detect suspicious activity, enforce our terms and protect users from fraud or abuse. We may employ AI models to detect anomalies and protect the integrity and security of the service—similar to how Strava uses AI features to detect anomalies on leaderboards.

Automated Decision-Making and AI

We use automated systems, including artificial intelligence models, to generate workout outcome probabilities and gamified odds. These systems are designed for entertainment and motivational purposes and do not produce legal or similarly significant effects on users. Users may request additional information about how such systems function and may opt out of certain automated features where feasible.

Legal Basis for Processing

Under the GDPR and similar laws, BetrFitness must have a valid legal basis to process your personal information. Our primary bases are:

  • Contract: We process your personal data to fulfil our contract with you—the Terms of Service—by providing and maintaining the app. Without this information we cannot create your account or track your fitness progress.
  • Consent: We rely on your consent to process optional data (e.g., biometric data from wearables, profile pictures, marketing communications). You may withdraw your consent at any time; withdrawal does not affect prior processing.
  • Legitimate interests: We may process your information for our legitimate interests, such as improving our services or preventing fraud, provided that our interests do not override your rights and freedoms.
  • Legal obligation: We may process certain data where necessary to comply with legal obligations (e.g., verifying age, responding to law enforcement requests or court orders).

Data Sharing and Disclosure

Service Providers

We use third‑party companies to help operate and improve BetrFitness. These service providers include cloud hosting providers, analytics services, email delivery services, payment processors (for subscriptions to premium features), and customer support platforms. They are given only the information necessary to perform their tasks and must protect it. King’s policy notes that service providers only have access to information necessary to perform specified functions; we follow the same principle. Payment details are processed by PCI‑compliant payment processors; we do not store your full payment card details. All third-party service providers are contractually obligated to process personal data only on our instructions and in compliance with applicable data protection laws.

Partners and Third‑Party Integrations

If you choose to link BetrFitness with a wearable or third‑party fitness platform, the integration may share data both ways. We will only share the minimum information required to operate the integration and will clearly identify the third‑party’s terms. Before connecting any third‑party service, we ask you to review the provider’s privacy policy and data practices. We require partners to implement robust security standards and will enter into data processing agreements where appropriate.

Corporate Affiliates and Transactions

BetrFitness may share your information with our corporate family of companies (e.g., subsidiaries) for purposes consistent with this policy. If we engage in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction, and you will be notified of any material changes.

Legal Requirements and Prevention of Harm

We may preserve or share your information if required by law or if we reasonably believe doing so is necessary to protect our rights or others’ safety. This includes responding to lawful requests from law enforcement or regulatory bodies, preventing fraud or abuse, ensuring the security of our systems, or responding to legal claims. We may retain and disclose your information to comply with our legal obligations or to enforce our Terms of Service.

De‑identified and Aggregated Data

We may aggregate or de‑identify your information so that it can no longer reasonably identify you. We may share de‑identified data with partners for research or statistical analysis, such as improving fitness programs. Such data does not include personal identifiers and is no longer subject to this policy.

International Data Transfers

BetrFitness is headquartered in the United States but operates internationally. Your information may be stored and processed in the United States or other countries where we or our service providers maintain facilities. When we transfer personal data from the European Economic Area (EEA), United Kingdom, Switzerland, Canada or other jurisdictions to the United States or other countries that may not provide the same level of protection, we implement appropriate safeguards. These include reliance on adequacy decisions, Standard Contractual Clauses approved by the European Commission, or other lawful transfer mechanisms. We also follow King’s approach of taking steps to ensure there are adequate safeguards for international transfers, such as using EU model clauses. By using our services, you consent to the transfer of your information to the United States or other jurisdictions as described in this policy. Where required, we conduct transfer impact assessments and implement supplementary safeguards to ensure an equivalent level of data protection.

Security Measures

BetrFitness is committed to protecting your information and uses industry‑standard safeguards:

  • Encryption at rest and in transit: Health and biometric data is encrypted using industry-standard methods both when stored and when transmitted. We implement industry-standard encryption protocols, including AES-256 (or equivalent) for data at rest and TLS 1.2 or higher for data in transit, subject to ongoing updates in line with evolving security standards. Wearable data connections are protected with application‑level end‑to‑end encryption in addition to Bluetooth encryption. Where feasible, such data is processed locally on your device and transmitted only when necessary for core functionality, in accordance with data minimization principles. Encryption keys are stored securely in the platform keychain.
  • Access controls and multi‑factor authentication: We restrict access to personal data to employees and contractors who need it to perform their duties. Multi‑factor authentication for administrative accounts and role‑based access controls reduce unauthorized access.
  • Physical, technical and organisational safeguards: Strava’s policy notes that it maintains administrative, technical and physical safeguards to protect against unauthorized use or disclosure. BetrFitness implements similar measures, including secure data centers, firewalls, intrusion detection, regular vulnerability scanning, and staff training on data protection. We conduct periodic security audits and require our service providers to maintain comparable controls.
  • Secure coding and third‑party reviews: We follow secure software development practices, including code reviews, penetration testing and patch management. Third‑party integrations are assessed for compliance with our security standards and we sign data processing agreements requiring them to protect user information.
  • Data minimization and pseudonymisation: Where possible, we store biometric identifiers separately from personal information and use tokenisation or anonymisation for analytics and AI models. Passwords are hashed and salted with strong algorithms such as SHA‑256.

Data Retention

We keep your information only as long as necessary to fulfil the purposes described in this policy. Under the GDPR, personal data must be stored only for as long as needed and a time limit for erasure or periodic review should be established. King’s policy similarly states that information is kept while the account is active or as necessary for legal obligations. BetrFitness determines retention periods based on the nature of the data, the purpose of processing, legal requirements and our legitimate business needs. For example:

  • Account data (name, email, bio, workouts) is retained for the life of your account and up to 45 days after deletion to ensure logs are removed.
  • Transaction logs and app activity (coins won, badges) are retained while your account is active and for a limited period thereafter for analytics, troubleshooting, and fraud prevention.
  • Health or biometric data from wearables is retained only for the purpose for which it was collected and deleted or de‑identified once no longer required.
  • Backups are retained for a limited period and then securely overwritten.
  • Legal and regulatory obligations may require us to retain certain records for longer; once those obligations expire, the data will be deleted or anonymised.
  • Inactive accounts may be deleted or anonymised after approximately 24 months of inactivity, unless required to retain longer for legal or security purposes.
  • Workout, performance, and gamification data may be retained for up to 12 months after account deletion unless required for legal, security, or fraud prevention purposes.

You may request deletion of your account and personal data at any time, as described in the “Your Rights” section. We will also periodically review and delete or anonymise inactive accounts and outdated data in accordance with our retention policy.

Your Rights and Choices

Depending on your location, you have the following rights regarding your personal information. We will not discriminate against you for exercising these rights.

  • Right to be informed: You have the right to know how we collect and use your data. This policy provides that information.
  • Right of access: You may request a copy of the personal information we hold about you.
  • Right to rectification: You can request correction of inaccurate data.
  • Right to erasure (“right to be forgotten”): You may request deletion of your personal information. We may retain certain data to comply with legal obligations, resolve disputes, or enforce our rights.
  • Right to restriction of processing: In certain cases, you can ask us to limit processing of your data.
  • Right to object: You may object to our processing based on legitimate interests, including direct marketing.
  • Right to data portability: You can request that we transfer your data to another service provider in a structured, commonly used format.
  • Right to withdraw consent: Where we rely on consent, you may withdraw it at any time.
  • Rights under CCPA/CPRA and other US state laws: If you are a resident of California or certain other US states, you have additional rights, including the right to know the categories of information collected, request deletion, opt out of sales or sharing of personal information (we do not sell personal data), limit the use of sensitive personal information, correct inaccurate information, and not be discriminated against for exercising your rights. You may designate an authorised agent to make these requests on your behalf. BetrFitness does not sell personal information as defined under applicable U.S. privacy laws.

To exercise your rights, please contact us using the methods described below. We may need to verify your identity before responding and may ask for additional information (such as account details or identification documents) to do so. We aim to respond within one month, though this period may be extended in complex cases. For California residents, we will respond within 45 days of receiving your request, as required by the CCPA.

Children and Minors

BetrFitness is intended for adults and older teens. Children under 13 (or the age of digital consent in your jurisdiction) may not create an account or use BetrFitness. If we learn that a child under the age limit has provided us with personal information, we will delete it promptly. For teens aged 13 to 17, certain game features (such as placing virtual bets) are restricted, and we may require parental consent to unlock features. Epic Games uses “Cabined Accounts” for minors and collects limited data (date of birth, hashed email, persistent identifiers) with parental consent; similarly, BetrFitness will collect only the necessary information for teens and offer parental controls. We disable in‑app purchases for minors, and we do not use minor users’ information for marketing. Certain features of the app, including virtual wagering mechanics, may be restricted or limited for users under the age of 18.

Parents or legal guardians can review, correct, or delete their child’s information and can refuse further collection by contacting us. We may require verification of identity to confirm that the request is from the parent or guardian. If a minor user contacts us with a request, we will delete their personal information after resolving the inquiry. We comply with COPPA and other youth privacy laws, as summarised in Federal Trade Commission guidance.

Health and Biometric Data

Because BetrFitness may process health‑related information (e.g., height, weight and exercise data) and biometric identifiers (e.g., heart‑rate data from wearables), we treat this information as sensitive. Glance’s data security guidelines emphasise that health and biometric data requires encryption at rest and in transit, proper access controls and tokenisation. We obtain explicit consent before collecting health or biometric data and explain why we need it and how it will be used. We never sell or use this data for advertising or profiling. If you decline to provide health data, you may still use most features of BetrFitness, but some personalised functions may be limited.

Privacy for Residents of Canada

For users in Canada, BetrFitness complies with PIPEDA. Principle 5 of PIPEDA requires limiting use, disclosure and retention of personal information to the purposes for which it was collected, and Principle 7 requires safeguards that consider the sensitivity of the information. We adhere to these principles by only using and sharing your information for the purposes explained in this policy and by employing appropriate physical, technological and organisational safeguards. You have the right to access your personal information and request correction. To file a complaint, you may contact our privacy officer or the Office of the Privacy Commissioner of Canada.

Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. When we make material changes, we will post the updated policy on this page and indicate the “Effective Date.” If changes materially affect how we handle your information, we will provide additional notice (e.g., by email or in‑app alert) and, where required by law, obtain your consent. Your continued use of BetrFitness after an update constitutes acceptance of the revised policy. If you disagree with any changes, you should stop using the app and request deletion of your account.

Contact Us

Crimson Vale, LLC
Attn: Data Protection Officer
Email: privacy@betrfitness.com