Legal
Privacy Policy
Effective: June 1, 2026 · Last updated: June 1, 2026
1. Who we are
Movement Theory Labs LLC (“Movement Theory,” “we,” “us,” or “our”) is a Florida limited liability company that operates the Movement Theory iOS application (the “App”) and the website at movementtheory.app (the “Site,” together with the App, the “Services”).
- Legal entity: Movement Theory Labs LLC
- State of formation: Florida, United States
- Mailing address: 5510 NW 38th Terrace, Coconut Creek, FL 33073
- Privacy contact: [email protected]
- General support: [email protected]
- EU / UK representative (Art. 27 GDPR): Not required while the Services are offered only in the United States (see Section 2). We will appoint a representative before making the Services available in the EEA or UK.
For purposes of the EU and UK General Data Protection Regulations, Movement Theory Labs LLC is the data controller of the personal information described in this Policy.
This Policy explains what personal information we collect, why we collect it, how we use and share it, and the choices and rights you have. We’ve written it in plain language so dancers, parents, and reviewers can understand what we do.
2. Scope
This Policy applies to personal information we collect:
- Through the Movement Theory iOS App (any version distributed via the Apple App Store);
- Through movementtheory.app and any subdomains we operate;
- Through emails, support tickets, and other communications you send us.
This Policy does not apply to third-party websites, apps, or services that we link to or that integrate with the App. Their privacy practices are governed by their own policies. See Section 8 (Third Parties) for the services we currently use.
Geographic scope. The Services are currently offered only in the United States and are directed to U.S. residents. We do not target, or knowingly make the Services available to, individuals in the European Economic Area, the United Kingdom, or other regions. If you access the Services from outside the United States, you do so on your own initiative and are responsible for compliance with local law. The region-specific rights described in Section 12 are offered as a courtesy and will apply if and when we make the Services available in those regions.
3. Personal information we collect
We collect only the information we need to operate the Services. We do not sell personal information, we do not share it for cross-context behavioral advertising, and we do not use advertising or tracking SDKs.
The following table summarizes every category of personal information (“PI”) we collect, organized to match the categories used by the California Consumer Privacy Act (as amended by the CPRA) and the data types in Apple’s App Privacy Details.
| Category | Examples | Source | Required? |
|---|---|---|---|
| Identifiers | Email address, account user ID (Supabase UUID), name | You, on signup | Required for accounts |
| Customer records | Display name, profile photo (if you add one), preferred units (metric / imperial) | You, in Profile | Optional |
| Commercial information | Subscription tier, purchase history, entitlement status | Apple / RevenueCat | Only for subscribers |
| Internet activity | Crash logs and error diagnostics (when you choose to send them); pseudonymous product-analytics events tied to your account ID — which paywall screens you saw, certain feature taps, trial-nudge interactions, and in-app survey responses — used only to improve the Services and never shared with advertisers or data brokers; in-app navigation events used to compute your Home/Progress dashboards | Automatic | Optional — product analytics can be turned off (Section 12) |
| Geolocation | We do not collect precise or coarse location. | — | Never collected |
| Sensory data | Pose landmarks (body-joint positions) and derived joint-angle metrics computed from video you capture; photos of food packaging or barcodes you choose to scan | You / device, when you analyze a session or log a meal | Only when you use those features |
| Audio / video / visual | The raw video of your dance recording remains on your device unless you explicitly export it; we receive only derived pose metrics (numerical joint data). Food photos are sent to our AI provider for ingredient identification and are not stored after the request completes. | You | Optional |
| Professional or employment information | None | — | Never collected |
| Education information | None | — | Never collected |
| Inferences | Award level, AI-generated coaching notes, “weak area” tags computed from your session history | Generated by us | Created only from data you provide |
| Sensitive personal information | Age, date of birth or year of birth, height, weight, sex / gender identity, dietary preferences, injury history (body area, type, recovery status, notes), dance level, dance goals | You, in onboarding or Profile | Required fields where indicated |
| Children’s personal information | For dancers under 13: name, age, sex, height, weight, dance styles, dance level, goals, injury history, and the AI analysis sessions, workout completions, and event entries the child creates. Collected from a parent-managed account only after verified parental consent (see Section 9). | Parent (or child on a parent-supervised device) | Required to use the Services as an under-13 dancer |
We do not collect: precise location, contacts, social graph, browsing history outside the App, advertising identifiers, device fingerprints for tracking purposes, microphone audio outside an active video recording, or biometric identifiers such as fingerprints, iris patterns, voiceprints, or facial recognition templates.
About “pose data”
Movement Theory uses an on-device pose-estimation model to extract skeletal landmarks from your video. The model runs entirely on your iPhone — frames of your video are processed in memory and discarded.
From those landmarks we compute summary metrics (joint angles at the hips, knees, shoulders, elbows, wrists; spine-alignment scores; symmetry scores; etc.). Those metrics — not the raw video, not the full landmark stream, not your face — are what we transmit to our AI coaching service when you save a session. We treat the metrics as sensitive information and apply the protections described in this Policy.
We do not use pose data to identify individuals. Joint angles describe the geometry of a movement, not a person, and we do not maintain a database that maps pose data back to individual identity. Where U.S. state biometric-information laws (such as Illinois BIPA, Texas CUBI, or Washington HB 1493) may treat skeletal-landmark data as covered information, we follow the conservative path of disclosing the practice in detail (as we do here) and obtaining explicit in-app consent before any export of pose data to a third-party AI provider.
4. Sources of personal information
We collect personal information from:
- You, when you create an account, complete onboarding, edit your profile, capture or upload a dance video for analysis, complete a workout, log a meal, scan a barcode, add a performance event, send us an email, or otherwise interact with the Services.
- Your parent or legal guardian, if you are a child under 13, and from you yourself once your parent has consented (see Section 9).
- Your device, automatically — for example, the iOS version your App is running on (for compatibility), basic crash and error diagnostics, and the on-device pose model’s output for the duration of a session.
- The Site, when you join our waitlist or submit a form on movementtheory.app — for example, your email address and basic technical metadata about the request, such as the referral source and your browser’s user-agent string.
- Our service providers, for limited operational purposes — Apple (subscription status, App Store receipts), RevenueCat (subscription entitlements linked to your account), Supabase (the database and authentication infrastructure that stores your account), Anthropic (AI coaching responses), and Open Food Facts (public product database for barcode lookups).
5. Purposes of processing and legal bases
| Purpose | Categories used | GDPR legal basis (EU / UK users) |
|---|---|---|
| Create and maintain your account; authenticate you | Identifiers, sensitive PI (DOB for age gating) | Contract (Art. 6(1)(b)) |
| Operate the dance-analysis feature (compute pose metrics, generate coaching feedback, save the session) | Sensory data, sensitive PI (age, level, injuries used to calibrate feedback), inferences | Contract; explicit consent for sensitive-data processing (Art. 9(2)(a)) |
| Run the workout, nutrition, and event-tracking features | Customer records, sensitive PI, commercial information | Contract |
| Operate the under-13 parent-supervision flow | Children’s PI, parent identifiers | Contract; verifiable parental consent under COPPA |
| Process subscriptions and detect entitlement | Identifiers, commercial information | Contract |
| Send transactional emails (sign-in, password reset, parent-verification, account deletion confirmation) | Identifiers | Contract |
| Improve and debug the Services | Internet activity, error diagnostics | Legitimate interests (Art. 6(1)(f)) — interest in maintaining a working product, balanced against minimal user impact |
| Comply with law and protect rights | All | Legal obligation (Art. 6(1)(c)); legitimate interests |
We do not process personal information for direct marketing, behavioral advertising, automated decision-making with legal effects, or profiling that produces legal or similarly significant effects.
6. How we use your information
We use your information to:
- Provide the Services — generate the AI coaching feedback you ask for; calculate your award levels and “next session focus”; populate your Home, Progress, and Training screens; deliver workouts; track meals; remind you of upcoming performances.
- Operate accounts — let you sign in via email/password or Apple Sign-In; reset passwords; let parents manage child dancer profiles; sign you out.
- Communicate with you — send transactional emails (sign-in, password reset, parent-verification links, account-deletion confirmations); schedule local notifications you’ve opted into (streak reminder, day-of performance reminder, post-analysis nudge, and an occasional come-back reminder).
- Bill and entitle subscriptions — recognize your subscription tier via Apple and RevenueCat so you get the features you’ve paid for.
- Keep the Services safe and working — monitor for abuse; investigate bugs and crashes; rate-limit free-tier usage; protect against unauthorized access.
- Comply with law — respond to lawful requests; meet our COPPA, CCPA/CPRA, GDPR, and other obligations.
We do not use your data to train any AI model, our own or a third party’s. See Section 7 for what Anthropic does and does not do with the data we send for inference.
7. AI features and how they work
When you save a dance-analysis session, the App sends the following to our backend, which forwards it to Anthropic’s Claude API for inference:
- The pose metrics described in Section 3 (joint angles, alignment and symmetry scores) — not the raw video, not the raw landmark stream, not any image of you;
- The move label you entered (e.g., “fouetté turn”);
- A small amount of profile context used to calibrate language and difficulty: dance level, dance style(s), relevant injury notes (so the AI does not recommend exercises that conflict with a flagged injury), and — only for a dancer under 12 — a coarse “young dancer” indicator. We do not send your exact age, date of birth, or name;
- A coaching system prompt we maintain;
- An opaque per-account identifier (your randomly assigned account ID, prefixed for our systems) that lets Anthropic enforce its usage and abuse policies. Because it is a random identifier, Anthropic cannot use it to learn your name, email, or contact information.
When you scan a food barcode or photograph an ingredient for the Fuel tab, the App sends the barcode string to the public Open Food Facts API and, for image-based lookups, sends the photo to Anthropic’s Claude API to extract product, brand, and serving information. Food photos are not stored after the request completes.
Apple App Store Review Guideline 5.1.2 — explicit third-party AI consent. We disclose the use of Anthropic and Open Food Facts here in our Privacy Policy, and in addition the App presents an in-app disclosure the first time you use the AI analysis or AI nutrition features and asks for your explicit permission before sending data to Anthropic. Your decision is persisted per-account and per-disclosure-version, so you re-consent only when this Policy meaningfully changes. You can withdraw permission at any time in Profile → Privacy → AI Coaching Features — withdrawing it disables AI features until you re-grant it.
Anthropic’s processing. We use Anthropic’s standard commercial API (we do not have a Zero Data Retention add-on). Under Anthropic’s commercial terms in force at the date of this Policy, Anthropic may retain API inputs and outputs for up to 30 days for trust-and-safety and operational purposes, after which they are deleted. Anthropic does not use our API inputs or outputs to train its models. Anthropic’s commercial-terms posture is published at https://www.anthropic.com/legal/commercial-terms; we will reflect any material change to it through this Policy.
Anthropic privacy policy: https://www.anthropic.com/legal/privacy
Important limitations of AI feedback. AI-generated coaching notes, scores, drill recommendations, and nutrition information may contain errors, omissions, or oversimplifications. They are not a substitute for a qualified dance instructor, medical professional, registered dietitian, or licensed athletic trainer. See Section 8 of the Terms of Service for the medical and training disclaimer.
8. How we share personal information
We share personal information only with the limited set of service providers that operate the Services, and only for the purposes listed. Each is contractually obligated to protect the data and use it only on our instructions — except Open Food Facts, a public database we query with a barcode string that contains no personal information.
| Recipient | What we share | Purpose | Where it lives | Privacy policy |
|---|---|---|---|---|
| Apple | Subscription receipt, your Apple ID’s anonymized identifier (only if you use Sign In with Apple), App Store transaction events | App distribution, subscription billing, Sign In with Apple authentication | United States | https://www.apple.com/legal/privacy/ |
| Supabase Inc. | Account email, password hash (if email/password auth), profile, dancer profiles, analysis-session metadata, workout completions, performance events, nutrition logs (solo accounts only) | Database, authentication, file storage | United States | https://supabase.com/privacy |
| Anthropic, PBC | Pose metrics, move label, calibration context (dance level, style, injury flag, and for an under-12 dancer a coarse “young dancer” indicator — never exact age, date of birth, or name), food photos when scanning ingredients, and an opaque per-account identifier for abuse monitoring | Generative-AI inference for coaching feedback and nutrition lookups | United States | https://www.anthropic.com/legal/privacy |
| RevenueCat, Inc. | Your account UUID, email, active entitlements, subscription product ID | Subscription state, receipt validation, family-plan entitlement management | United States | https://www.revenuecat.com/privacy |
| Open Food Facts | Barcode string only (no PII) | Public product database lookup | France (EU) | https://world.openfoodfacts.org/legal |
| Resend, Inc. | Transactional email content (recipient address, account display name, parent-verification token, password-reset link, support replies) | Outbound email delivery for Supabase Auth events and our own transactional mail | United States | https://resend.com/legal/privacy-policy |
| Microsoft Corporation (Microsoft 365) | Inbound emails sent to our published addresses (support, privacy, legal, accessibility, security) and any outbound mail sent from those addresses by our team | Hosted email mailboxes for the @movementtheory.app domain and the SMTP relay used by Resend for delivery | United States | https://privacy.microsoft.com/en-us/privacystatement |
| Render, Inc. | Encrypted backend traffic relayed to/from the App and Anthropic | Backend hosting for our API proxy | United States | https://render.com/privacy |
| Cloudflare, Inc. | Website request metadata (IP address, browser / user-agent) from visitors to movementtheory.app, and the waitlist details (email, referral source) you submit on the Site | Hosting, content delivery (CDN), and security / WAF for the movementtheory.app website and its forms | United States (global edge network) | https://www.cloudflare.com/privacypolicy/ |
We do not share personal information with:
- Advertisers, ad networks, or marketing platforms;
- Data brokers;
- Analytics SDKs (we do not use Firebase Analytics, Google Analytics, Mixpanel, Amplitude, Sentry, Crashlytics, or similar — confirmed by source-code audit on 2026-05-17);
- Social networks for behavioral advertising or social-graph enrichment.
We may also disclose personal information when legally required (in response to a subpoena, court order, or other valid legal process), to protect rights (our own, our users’, or the public’s), to enforce our Terms, or as part of a business transfer (merger, acquisition, financing, or sale of assets), in which case we will require the recipient to honor this Policy or notify you and give you a meaningful choice. Where the law permits, we will notify you before complying with a third-party legal demand for your data.
9. Children’s privacy (COPPA and equivalents)
Movement Theory complies with the U.S. Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule as amended in 2025 (compliance deadline April 22, 2026). We also follow the data-minimization and “best interests of the child” principles reflected in laws such as the California Age-Appropriate Design Code Act (which, as of this Policy’s date, is the subject of ongoing litigation and is in part enjoined) and analogous child-protection laws in other jurisdictions. This section governs every interaction with a dancer under the age of 13.
Account model
A child under 13 cannot create an account directly. The only way for an under-13 dancer to use Movement Theory is on a parent-managed account: the parent is the account holder, and each child dancer is a profile inside the parent’s account.
How parental consent works
When a dancer under 13 begins onboarding on a device, the App:
- Collects the child’s first name, age, sex, height, weight, dance styles, dance level, goals, and any injury history, on the device only — none of it is uploaded to our servers yet;
- Asks for the parent’s email address;
- Sends the parent an email containing a verification link and a plain-language description of what Movement Theory is, what data we collect from the child, how we use it, who we share it with (Apple, Supabase, Anthropic, RevenueCat, Open Food Facts — see Section 8), how long we keep it, and how the parent can review, correct, or delete it;
- Holds the child’s data locally on the device only for up to seven (7) days while waiting for the parent to click the verification link.
If the parent does not click the verification link within 7 days, the request expires, the child’s profile is discarded from the device, and no data is uploaded to our servers.
Once the parent verifies, we record the timestamp of consent (coppa_consented_at) and unlock the child’s profile. From that point on, the child’s data is treated as the parent’s personal information under this Policy, with the additional rights and protections described below.
Verifiable parental consent method. We currently use a parent-email verification flow. The FTC’s COPPA Rule recognizes email-plus-confirmation as an acceptable method only if the operator does not disclose children’s personal information to third parties beyond service providers acting on the operator’s behalf. We send the child’s pose metrics, move label, and calibration context to Anthropic acting as our service provider under contract, including a Data Processing Addendum that limits Anthropic’s use of the data to providing the coaching service back to us. On that basis we treat the disclosure as a service-provider arrangement (not an independent third-party disclosure), which keeps the email-plus-confirmation method available to us. We monitor FTC guidance on this point and will adopt a stronger verification method (such as knowledge-based authentication or government-ID review) if the regulatory posture changes.
What the parent can do
A parent who has consented may at any time:
- Review the personal information we have collected from the child — by signing into the parent account, opening Profile → Manage Dancers → the child’s profile;
- Refuse further collection — by deleting the child profile from Manage Dancers (which deletes all of that child’s analysis sessions, workout completions, performance events, and nutrition logs from our servers);
- Delete all of the child’s data — same path;
- Withdraw consent — same path, and additionally by emailing [email protected]; we will confirm deletion within 30 days.
Third-party disclosures of children’s data
Under the amended COPPA Rule, separate verifiable parental consent is required before disclosing a child’s personal information to third parties for any purpose other than supporting the internal operations of the Service. We do not disclose children’s personal information for advertising, profiling, or any other non-operational purpose, and we do not allow third parties to do so on our behalf. The only entities that receive children’s PI are the service providers listed in Section 8, each contractually limited to providing the Service.
Children’s data retention
As required by the amended COPPA Rule, we maintain a written data-retention policy for children’s personal information. We collect it only to provide the Movement Theory features the child and parent use; we retain it only as long as reasonably necessary for that purpose (and to meet our legal obligations and resolve disputes); we do not retain it indefinitely; and we do not use it for any secondary purpose. The specific retention periods, and the business need for each, are:
- Children’s analysis sessions, workout completions, nutrition entries, and event entries are kept while the child profile is active;
- If the parent deletes the child profile, the associated server-side data is purged within 30 days;
- If the parent does not log into the account for 24 months, we will email the parent twice before deleting the child profile and all associated data;
- Server logs that may incidentally reference a child’s account UUID are retained for no more than 90 days for security and debugging purposes;
- Where applicable tax, accounting, or other law requires us to retain associated billing records for a longer period, we keep only the records that law requires (typically aggregate purchase histories tied to the parent’s account, not the child’s data) for the legally required period.
Biometric and pose data — children
We treat pose metrics derived from a child’s video with extra care. We do not store the child’s raw video on our servers; we do not retain still images derived from it; and we do not generate or store any facial-recognition templates. The pose metrics we do retain (joint angles, symmetry scores) are tied to the child’s profile UUID, accessible only to the parent, and are deleted when the profile is deleted.
COPPA contact
To exercise any of the rights described above, email [email protected] with “COPPA” in the subject line. We will respond within 30 days and earlier where reasonably practical.
10. Health, fitness, and not-medical-advice
Movement Theory is a general wellness and education product. We are not a healthcare provider; we are not a “covered entity” or “business associate” under HIPAA; and we do not provide medical, diagnostic, therapeutic, or mental-health services. Information you enter about injuries, dietary preferences, height, weight, and similar topics is used solely to calibrate coaching feedback and recommendations and is not shared with any healthcare entity.
Nothing in the Services constitutes medical advice. Consult a qualified clinician, registered dietitian, or licensed athletic trainer before acting on any recommendation, especially if you have an injury, an eating disorder history, a pregnancy, a chronic condition, or other health considerations. See the Disclaimer in Section 8 of the Terms of Service.
11. Data retention
We keep personal information for the periods listed below, after which we delete or anonymize it. “Anonymize” means we strip identifiers so the data can no longer be associated with you.
| Data category | Retention period |
|---|---|
| Account record (auth user, email, UUID) | While the account is active, plus up to 90 days after deletion for backup-rotation purposes |
| User profile (name, demographics, injuries, preferences) | While the account is active; deleted within 30 days of account deletion |
| Dancer profiles (under parent account) | While the parent profile is active; deleted within 30 days of profile or account deletion |
| Analysis sessions (pose metrics, coaching output) | Until you delete the session or the account; deleted within 30 days of either |
| Workout completions, performance events, recipes, nutrition logs | While the account is active; deleted within 30 days of account deletion |
| Subscription / billing records (via Apple & RevenueCat) | As required by tax and accounting law — typically 7 years for U.S. taxpayers |
| Email logs (sent transactional emails) | 90 days |
| Server access and security logs | 90 days |
| Inactive account warning emails | We will email any account that has not signed in for 24 months and delete the account 60 days after the second warning if you do not respond |
We also keep records that we are required by law to keep — for example, COPPA verifiable-parental-consent audit trails, which the FTC’s amended rule requires us to retain for as long as we retain the underlying children’s data; and subscription and tax records retained for the period required by U.S. federal tax law (typically seven years for U.S. taxpayers) and any applicable state law (including Florida, where Movement Theory Labs LLC is organized).
12. Your privacy rights
Everyone
Regardless of where you live, you can:
- Access the personal information in your account — open Profile to view it;
- Correct inaccurate information — edit in Profile;
- Delete your account — Profile → Delete Account permanently and automatically removes your account and its associated data from our systems, with no separate email or support step required (see Section 11 for what is deleted and the timing);
- Export a copy of your data — email [email protected] and we will deliver a machine-readable export within 30 days;
- Withdraw consent for AI features — Profile → Privacy controls.
California residents (CCPA / CPRA)
If you are a California resident, you also have the right to:
- Know what categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties to whom we disclose it;
- Delete your personal information (subject to legal exceptions);
- Correct inaccurate personal information;
- Opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising, and we have not done so in the preceding 12 months. No opt-out link is therefore strictly required, but to make this easy we treat any “Do Not Sell or Share My Personal Information” or Global Privacy Control (GPC) signal as a confirmed opt-out for any future sale or sharing;
- Limit the use of sensitive personal information — by default we use your sensitive PI only for the purposes listed in Section 5; you can disable the AI features (which use injury notes) at any time;
- Be free from retaliation for exercising your rights;
- Designate an authorized agent to act on your behalf.
To exercise any of these rights, email [email protected] or use the in-App controls described above. We provide two methods so the request is accessible. We will verify your identity (typically by confirming you can sign in to the account on file) and respond within 45 days. We may extend once by another 45 days where reasonably necessary and will tell you if we do.
Florida residents (Florida Digital Bill of Rights)
The FDBR applies in full only to controllers above a high revenue threshold ($1 billion in global gross revenue), which Movement Theory does not meet. As a matter of good practice, we extend Florida residents the same access, correction, deletion, portability, opt-out, and appeal rights described in the CCPA/CPRA section above. To exercise them, email [email protected]. If we deny your request, you may appeal by replying to our response within 60 days; we will respond to the appeal within 60 days.
Other U.S. state residents (Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, etc.)
We extend access, correction, deletion, portability, and opt-out rights to residents of every U.S. state with a comprehensive consumer privacy law. Use the same contact and we will honor your request under your home-state law.
Consumer health data (Washington “My Health My Data” Act, Nevada, Connecticut)
Some state laws — most notably Washington’s My Health My Data Act, Nevada’s SB 370, and Connecticut’s consumer-health-data provisions — define “consumer health data” broadly enough to include information Movement Theory collects, such as your height, weight, injury history, body-movement (pose) metrics, and nutrition logs. If you are a resident of one of these states:
- We collect consumer health data only to provide the features you use (for example, to calibrate coaching feedback or to log nutrition), and we obtain your consent where the law requires it — including the in-app AI consent described in Section 7 before any consumer health data is shared with our AI service provider for inference.
- We do not sell consumer health data, and we do not share it with anyone other than the service providers in Section 8 acting on our behalf and on our instructions.
- We do not use geofences around any health-care facility or to infer health-care activity.
- You may access, delete, withdraw your consent to the collection or sharing of your consumer health data, and appeal a denied request, by emailing [email protected]. Withdrawing AI consent in Profile → Privacy → AI Coaching Features stops further sharing.
This Section serves as our consumer-health-data privacy disclosure for these states; where a state requires it to be reached by a separate, distinctly labeled link, we provide that link from our website.
European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR / FADP)
If you are in the EEA, UK, or Switzerland, you have the rights to:
- Access, rectify, erase, restrict processing, port, and object to processing;
- Withdraw any consent you have given (without affecting prior lawful processing);
- Lodge a complaint with your supervisory authority — for example, the Irish Data Protection Commission (dataprotection.ie), the UK Information Commissioner’s Office (ico.org.uk), or your home-country DPA.
The lawful bases on which we rely are listed in Section 5. We rely on the EU Standard Contractual Clauses (and the UK Addendum where applicable) to transfer EU/UK personal data to the United States and to our service providers. A copy of the SCCs in place with a given service provider is available on request.
Canada (PIPEDA / Québec Law 25)
Canadian users have access, correction, withdrawal-of-consent, and complaint rights. Contact [email protected] or the Office of the Privacy Commissioner of Canada (priv.gc.ca). Québec users may also contact the Commission d’accès à l’information.
13. International data transfers
We are based in the United States, and our servers and the servers of our service providers (Supabase, Anthropic, RevenueCat, Render, Cloudflare) are primarily located in the United States. If you access the Services from outside the United States, your personal information will be transferred to and processed in the United States. We rely on the EU Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) for transfers from the EU/UK to the U.S., and we take reasonable steps to ensure that the recipient applies a comparable level of protection. Open Food Facts is hosted in the European Union.
14. Security
We use industry-standard administrative, technical, and physical safeguards:
- In transit: TLS 1.2+ for all network traffic between the App, our backend, and our service providers;
- At rest: Encryption-at-rest on Supabase-managed PostgreSQL and storage;
- Authentication: Passwords are hashed by Supabase Auth; we never see your plaintext password. Sign In with Apple uses Apple’s identity provider; we never see your Apple ID password;
- Access: Internal access to production data is limited to authorized personnel and logged;
- Secrets: API keys are stored on our backend, not in the App binary, and are rotated periodically;
- Children: Children’s data benefits from the additional controls described in Section 9.
No system is 100% secure. If we become aware of a data breach affecting your personal information, we will notify the relevant supervisory authorities and affected individuals as and when the law requires. For GDPR-regulated breaches, that means notifying the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware, and notifying affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms. For U.S. residents, we notify within the statutory windows set by the applicable state breach-notification laws.
15. Links to third-party sites and services
The Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the content or privacy practices of those third parties. We encourage you to review their privacy policies before providing them with any personal information.
16. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will:
- Update the “Effective date” and “Last updated” at the top of this page;
- Post a clear in-App notice the next time you open the App;
- For material reductions in your privacy protections, email account holders at the email address on file and (for children’s data) email the parent on file.
Your continued use of the Services after the new Policy takes effect constitutes acceptance of the updated Policy. If you do not agree, you may delete your account.
17. Contact us
- Privacy and data-rights requests: [email protected]
- General support: [email protected]
- Mailing address: Movement Theory Labs LLC, 5510 NW 38th Terrace, Coconut Creek, FL 33073
- EU / UK representative: Not applicable while the Services are offered only in the United States.
- California “Do Not Sell or Share” / “Limit Use of Sensitive PI”: [email protected] — but note that we do not sell or share personal information.
We aim to respond to privacy emails within 10 business days and to formal data-rights requests within the statutory window (typically 30 or 45 days depending on jurisdiction).
This Privacy Policy is governed by the laws of the State of Florida, United States, without regard to its conflict-of-laws principles. If any provision is held unenforceable, the rest of the Policy remains in effect.