Home/Privacy Policy

Privacy Policy

Your privacy is important to us. Learn how we collect, use, and protect your personal and health information.

Last Updated: October 2025

Effective Date: October 21, 2025

Last Updated: October 21, 2025

Information We Collect#

We collect information that you provide directly to us when you create an account, use our fasting tracking features, and interact with our service. This includes:

Personal Information:

  • Name and email address
  • Authentication credentials (if using email/password registration)
  • Profile information (optional)

Health and Fasting Data:

  • Fasting start and end times
  • Fasting duration and goals
  • Weight tracking (optional)
  • Notes and journal entries related to fasting

Usage Information:

  • App interactions and feature usage
  • Device information (browser type, operating system)
  • Log data (access times, pages viewed)

Third-Party Authentication: If you sign in using Google OAuth, we receive your name, email address, and profile picture from Google. Please review Google's Privacy Policy at https://policies.google.com/privacy for information about their data practices.

How We Use Your Information#

We use the information we collect to:

  • Provide our service: Track your fasting periods, display your progress, and enable fasting goals
  • Communicate with you: Send account notifications, respond to your inquiries, and provide customer support
  • Improve our service: Analyze usage patterns to enhance features and user experience
  • Ensure security: Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations: Respond to legal requests and prevent harm

We do not use your personal data or health information for advertising, marketing to third parties, or any purpose other than providing and improving the Fasting Tracker service.

Data Storage and Security#

We take the security of your personal and health information seriously and implement industry-standard security measures:

  • Encryption: Your data is encrypted at rest in our MongoDB database and in transit using TLS/SSL
  • Access controls: Only authorized personnel have access to user data, and access is logged
  • Authentication: Secure session management using Auth.js with secure cookies
  • Regular security audits: We review our security practices and update them as needed

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security measures.

Data Retention: We retain your account data and fasting logs until you delete your account, plus a 30-day grace period for potential account recovery. After this period, your data is permanently deleted.

Data Sharing and Disclosure#

We do not sell your personal data. We only share your information in the following limited circumstances:

  • Service providers: We may share data with trusted third-party service providers who help us operate our service (e.g., cloud hosting, email delivery). These providers are contractually obligated to protect your data and only use it for the purposes we specify.
  • Google OAuth: If you use Google sign-in, Google processes your authentication. Google does not receive your fasting data or app usage information.
  • Legal requirements: We may disclose information if required by law, court order, or government request, or to protect our rights and safety.
  • Business transfers: If Fasting Tracker is acquired or merged with another company, your information may be transferred as part of that transaction.

We never share your health information (fasting data, weight, notes) with insurance companies, employers, or any third parties for marketing purposes.

Your Privacy Rights#

You have the following rights regarding your personal data:

  • Right to access: You can request a copy of all personal data we hold about you
  • Right to correction: You can update or correct your account information at any time
  • Right to deletion: You can request that we delete your account and all associated data
  • Right to data portability: You can request an export of your data in a machine-readable format (JSON)
  • Right to object: You can object to certain processing of your data
  • Right to restrict processing: You can request that we limit how we use your data

Exercising Your Rights: To exercise any of these rights, please email us at privacy@fastingtracker.app. We will respond to your request within 30 days as required by GDPR and CCPA.

EU Residents: If you are located in the European Union, you have the right to lodge a complaint with your local data protection authority.

California Residents: Under CCPA, you have additional rights including the right to know what personal information is being collected and the right to opt-out of the sale of personal information (note: we do not sell personal information).

Cookies and Tracking#

We use cookies and similar technologies to maintain your session and ensure the security of our service. We use the following types of cookies:

Essential Cookies (Required):

  • authjs.session-token: Maintains your login session
  • authjs.csrf-token: Protects against cross-site request forgery attacks
  • authjs.callback-url: Manages authentication redirects

We do not use:

  • Third-party advertising cookies
  • Analytics cookies from external services (Google Analytics, etc.)
  • Social media tracking pixels
  • Cross-site tracking technologies

Managing Cookies: You can control cookies through your browser settings. However, disabling essential cookies will prevent you from logging in and using Fasting Tracker. Please refer to your browser's help documentation for instructions on managing cookies.

Health Information#

Important: Your fasting data (start/end times, duration, weight, notes) is considered health information and receives special protection.

How We Handle Health Information:

  • Not shared: We never share your fasting data with insurance companies, employers, health providers, or third parties
  • Not for medical advice: Our service is a tracking tool only. We do not provide medical advice, diagnosis, or treatment recommendations
  • User control: You can export or delete your fasting data at any time
  • Retention: Your fasting data is retained until you delete your account, plus a 30-day recovery period

Medical Disclaimer: Fasting Tracker is not a medical device or service. You should consult with a qualified healthcare provider before beginning any fasting regimen. Do not rely on this app for medical advice or to make health decisions.

Permitted Uses: Your health information is only used to:

  • Display your fasting history and progress
  • Calculate statistics (average fasting time, streaks, etc.)
  • Provide the core functionality of the fasting tracking service

Children's Privacy#

Fasting Tracker is intended for users who are at least 16 years of age. We do not knowingly collect personal information from children under 16.

If you are under 16 years old, please do not use this service or provide any personal information. Fasting may not be appropriate for minors, and we strongly recommend that anyone under 18 consult with a healthcare provider and parent/guardian before considering any fasting practice.

If We Learn We Have Collected Data from a Child: If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information as quickly as possible.

Parents and Guardians: If you believe your child has provided us with personal information, please contact us at privacy@fastingtracker.app and we will delete the information.

International Users#

Fasting Tracker is operated from the United States. Your information is stored on servers located in the United States (MongoDB Atlas).

Data Transfers: If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country.

GDPR Compliance (EU/EEA Users):

  • We use Standard Contractual Clauses for data transfers from the EU to the US
  • You have the rights outlined in the "Your Privacy Rights" section above
  • Our lawful basis for processing your data is your consent (by creating an account)
  • You may withdraw consent and request deletion at any time

CCPA Compliance (California Residents):

  • We do not sell your personal information
  • You have the right to request disclosure of data collected and shared
  • You have the right to request deletion of your personal information
  • We will not discriminate against you for exercising your CCPA rights

Other Jurisdictions: We strive to comply with privacy laws in all jurisdictions where we operate. If you have questions about how local laws apply to your data, please contact us at privacy@fastingtracker.app.

Contact Information#

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries:
Email: privacy@fastingtracker.app
Response Time: We will respond to privacy requests within 30 days

General Support:
Email: support@fastingtracker.app

Data Protection Officer:
For GDPR-related inquiries, you may contact our Data Protection Officer at privacy@fastingtracker.app

Changes to This Privacy Policy:
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a prominent notice in the application. Your continued use of Fasting Tracker after changes are posted constitutes your acceptance of the updated policy.

Last Updated: October 21, 2025

Questions About Our Privacy Policy?

We're here to help clarify any concerns you may have.

Contact Privacy Team