Legal

Privacy Policy

Last updated: April 2026  ·  Effective immediately

The short version: We collect the health data you give us to power your personal AI coach. We never sell it, never share it with advertisers, and you can delete everything at any time from inside the app.

1. Who we are

Biome Fitness ("we", "us", "our") operates the Biome Fitness web application at app.biome.fitness and the marketing website at biome.fitness.

For questions about this policy or your data, contact us at support@biome.fitness.

2. What data we collect

We collect only what is necessary to provide the service:

  • Account data: Email address and password (stored securely by Supabase Auth)
  • Profile data: Name, age, biological sex, height, weight, and health goal — used to personalise your calorie targets and AI coaching
  • Health tracking data: Meals you log (name, calories, macros), daily step counts, water intake, body measurements, and weight entries
  • AI conversations: Messages you send to the Daily Mentor and the AI's responses — used to provide continuity across sessions
  • Life events: Upcoming events you add (e.g. holidays, weddings) — used to give context-aware coaching advice
  • Habit data: Habits you create and your completion history

We do not collect location data, device identifiers, or any data beyond what you directly provide.

3. How we use your data

  • To calculate personalised daily calorie and nutrition targets
  • To power the AI Daily Mentor — your health data is included in the AI's context so it can give relevant, specific advice
  • To show you your progress over time (charts, history, weekly debrief)
  • To generate your AI profile summary
  • To send you optional notification reminders (if you enable them)

We do not use your data for advertising, profiling for third parties, or any purpose beyond operating the service described above.

4. Third-party services

We use the following third-party services to operate Biome Fitness:

  • Supabase (supabase.com) — database and authentication. Your data is stored in their EU/US infrastructure with row-level security. See Supabase Privacy Policy.
  • Anthropic Claude API — powers the Daily Mentor, meal analysis, habit suggestions, and profile summaries. All AI requests are routed through our own server proxy — your data is sent to Anthropic only to generate a response and is not stored by Anthropic beyond the duration of the request. See Anthropic Privacy Policy.
  • Vercel — hosts the web application and our API proxy. See Vercel Privacy Policy.

No other third parties have access to your personal data.

5. Data storage and security

Your data is stored in Supabase with row-level security enabled — meaning database queries are enforced to only return your own data, even in the event of a misconfiguration. Passwords are hashed and never stored in plain text.

Locally on your device, we use browser storage (localStorage) to cache today's data for faster load times. This data is cleared when you sign out.

6. Your rights

Under GDPR and general data protection principles, you have the right to:

  • Access your data — use the "Export my data" button in Profile → Settings to download a complete JSON copy of all your data
  • Delete your data — use the "Delete account" button in Profile → Settings to permanently and immediately delete your account and all associated data from our systems
  • Correct your data — edit your profile at any time from Profile → Settings
  • Object to processing — contact us at support@biome.fitness and we will respond within 30 days

7. Data retention

We retain your data for as long as your account is active. When you delete your account, all data is permanently deleted from our database immediately — there is no grace period or backup retention of personal data.

8. Children

Biome Fitness is not intended for use by anyone under the age of 16. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us at support@biome.fitness and we will delete the account immediately.

9. Changes to this policy

If we make material changes to this policy, we will update the "Last updated" date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions, data requests, or concerns:

Email: support@biome.fitness

We aim to respond to all requests within 5 business days.