Start My Journey
Legal

Privacy Policy

Last updated: 1 January 2025

FormaLab Inc. ("FormaLab") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the choices you have when you use our platform, website, and mobile applications.

1. Information We Collect

We collect information you provide directly to us, including when you create an account, subscribe, or contact support. This may include your name, email address, password, billing information (processed securely by payment partners), fitness goals, health notes, and communications with our team.

We also collect usage data automatically: device identifiers, IP address, browser type, pages visited, session duration, and interaction data. This helps us improve the platform and personalise your experience.

2. How We Use Your Information

We use collected information to provide and improve the FormaLab platform, process payments, personalise your experience, send transactional and (where opted in) marketing communications, respond to support requests, and detect and prevent fraud.

3. Sharing of Information

We do not sell your personal information. We share data only with trusted service providers (Stripe, AWS, Intercom) under strict data protection agreements, when required by law, or in the event of a business transfer with equivalent privacy protections.

4. Data Retention

We retain your data as long as your account is active or as needed to provide the Service. Deleted accounts are anonymised within 30 days, except where legal retention is required.

5. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your data. EU, UK, and California residents have additional rights under GDPR, UK GDPR, and CCPA respectively. Contact us at [email protected] to exercise any right — we respond within 30 days.

6. Cookies and Tracking

We use cookies to maintain sessions, remember preferences, and gather analytics. You can control cookie settings through your browser, though disabling some may limit features.

7. Children's Privacy

FormaLab is not directed at children under 16. We do not knowingly collect their data. If we become aware of a collection from a child under 16, we delete it promptly.

8. Security

We implement 256-bit TLS encryption in transit and AES-256 encryption at rest. Payment processing is handled by PCI-DSS compliant providers. No internet transmission is 100% secure.

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated by email or in-app notification. Continued use after changes constitutes acceptance.

10. Contact

Questions? Email [email protected] or write to: FormaLab Inc., 123 Wellness Lane, London, EC1A 1AA, United Kingdom.