Legal

Privacy Policy

Service: nibFIT · Aivrio Solutions Pte. Ltd. Effective: 18 March 2026 Updated: 18 March 2026
Section 1

About This Policy

This Privacy Policy ("Policy") explains how Aivrio Solutions Pte. Ltd. ("Aivrio", "we", "us", or "our"), a company incorporated in Singapore (UEN: 202610813K), collects, uses, discloses, and protects personal data in connection with the nibFIT mobile application and associated services (collectively, the "Services").

This Policy is our notification to you under the Personal Data Protection Act 2012 of Singapore ("PDPA"). By using the Services, you acknowledge that you have read and understood this Policy.

Please also read our Terms of Service, which govern your use of the Services.

Section 2

Information We Collect

2.1 Information You Provide
  • Account Information: your name, email address, date of birth, gender, and username. Authentication credentials are managed by our third-party authentication provider and are not stored directly by Aivrio.
  • Profile and Body Metrics: height, weight, activity level, fitness goals, target weight, goal timeline, and workout preferences collected during onboarding and updated over time.
  • Meal and Exercise Logs: food entries (via text search, voice input, camera photo, barcode scan, or manual entry), exercise records, and body weight logs you record through the Services.
  • Profile Photo: stored locally on your device only. Aivrio does not upload or store your profile photo on its servers.
  • Support Correspondence: information you provide when contacting us for support.
  • Coach Mode Content: if you participate in Coach Mode, your meal and exercise journal is shared with your linked coach, and coach comments are stored on our servers. You may revoke coach access at any time.
2.2 Information Generated Through Your Use
  • Activity Data: exercise records, calorie data, macro data, workout plans, and AI-generated coaching content associated with your account.
  • Health Data (Optional): if you grant permission, we access step count and active calorie data from Apple HealthKit. This data is used solely to display fitness information within the App. We do not sell HealthKit data or use it for advertising.
  • AI Processing Data: when you use AI features (meal photo analysis, workout plan generation, coaching tips), your submitted content — including meal photographs and text queries — is processed by third-party AI providers. See Section 4 for details.
  • Usage and Analytics Data: feature interactions, navigation events, and app performance data. We do not log personally identifiable information in analytics event properties.
  • Device and Technical Data: device model, operating system version, crash reports, and error logs used for debugging and security purposes.
2.3 Information From Third Parties
  • Apple Sign-In and Third-Party Accounts: if you sign in using Apple ID or another supported account, we receive only the information that provider shares with us (which may be limited to an email address or private relay address).
  • Food Barcode Lookups: when you scan a food barcode, the barcode number is sent to a third-party food database. No personal information is transmitted in this query.
Section 3

How We Use Your Information

We use your personal data for the following purposes, each covered by your consent or a legitimate interest under the PDPA:

  • Creating and managing your account and authenticating your identity.
  • Calculating personalised calorie targets, macro goals, and fitness plans based on your profile and activity data.
  • Generating AI-powered meal analysis, workout plans, and coaching tips.
  • Displaying health and fitness data from Apple HealthKit within the App.
  • Managing your subscription and processing payments through Apple's App Store.
  • Facilitating Coach Mode, including sharing your journal with your linked coach and delivering coach comments.
  • Sending transactional communications and, with your consent, product updates and promotional messages.
  • Analysing app usage to identify issues, measure feature adoption, and improve the Services.
  • Monitoring for errors and security incidents.
  • Complying with legal obligations and enforcing our Terms of Service.
We do not use your personal data to serve targeted advertisements within the App. We do not sell your personal data.
Section 4

AI Features and Third-Party AI Providers

nibFIT uses artificial intelligence to provide meal analysis, workout plans, and personalised coaching. This involves transmitting certain data to third-party AI providers:

  • Google Gemini: used as the primary AI provider for meal photo analysis, macro estimation, workout plan generation, and coaching tips. Meal photographs, text queries, and relevant profile data (such as your fitness goal) are submitted to Google's API.
  • OpenAI (fallback): used as a backup AI provider when the primary provider is unavailable. The same categories of data may be submitted.

Data submitted to these providers is subject to their respective privacy policies and data processing terms. We do not submit your full health record or sensitive identifiers to AI providers beyond what is necessary to fulfil your specific request.

We do not use your identifiable personal data to train third-party AI models. AI-generated outputs are probabilistic and may contain errors. They are for informational purposes only and do not constitute medical or professional advice.
Section 5

How We Share Your Information

5.1 Service Providers

We share personal data with third-party service providers who assist us in operating the Services. These providers process personal data only as instructed by us and are contractually required to maintain appropriate security and confidentiality. Their functions include: authentication, database hosting, subscription management, AI processing, product analytics, error monitoring, transactional email, and application hosting.

A current list of our key service providers is available upon request at contact@nibfit.app.

5.2 Coach Mode

If you enable Coach Mode, your meal and exercise journal data is made accessible to your linked coach (another nibFIT user). Your coach may add written comments to your journal. We do not verify the professional credentials of coaches. Any coaching received through the App does not constitute professional medical or dietetic advice. You may revoke coach access at any time via Profile → Coach Mode.

5.3 Apple App Store and Payments

All subscription payments are processed exclusively through Apple's App Store. Aivrio does not directly collect or store your payment card information. Apple processes payment data subject to its own privacy policy.

5.4 Corporate Affiliates and Business Transfers

We may share personal data with our corporate affiliates. If Aivrio is involved in a merger, acquisition, or similar transaction, personal data may be transferred to the incoming entity, which will be required to honour this Policy or provide you with prior notice.

5.5 Legal Requirements and Safety

We may disclose personal data when required by law, court order, or government authority, or when we reasonably believe disclosure is necessary to prevent death, serious injury, fraud, or abuse, or to protect our legal rights.

Section 6

Cookies and Tracking Technologies

The nibFIT website uses cookies and analytics tools (including Google Analytics) for security, performance measurement, and to understand how visitors interact with our content. You can learn more about how Google uses this data at policies.google.com.

The nibFIT mobile App does not use browser cookies. The App uses analytics and error monitoring SDKs (operating on an anonymised or pseudonymised basis) solely to improve app quality and performance. These SDKs are not used for cross-app advertising tracking.

If we introduce advertising-related tracking in the future, we will update this Policy and implement any required consent mechanisms.

Section 7

Your Privacy Rights and Choices

Under the PDPA and applicable law, you have the following rights with respect to your personal data:

  • Access: request a copy of the personal data we hold about you. We will respond within 30 days.
  • Correction: update inaccurate personal data. Most information can be corrected directly within the App's settings.
  • Deletion: request deletion of your account and personal data via Profile → Account → Delete Account. We will delete your personal data within 45 days, subject to legal retention obligations.
  • Data Portability: request a portable export of your personal data where technically feasible.
  • Withdrawal of Consent: withdraw consent for HealthKit access or push notifications at any time via your device Settings. Withdrawal does not affect prior processing.
  • Opt-Out of Marketing: unsubscribe from marketing emails via the unsubscribe link in any such email or by contacting us at contact@nibfit.app.

To exercise any of these rights, contact us at contact@nibfit.app. If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission of Singapore (PDPC) at www.pdpc.gov.sg.

Section 8

Children's Privacy

The Services are not intended for children under 13 years of age. Our onboarding flow includes an age verification step that prevents users under 13 from registering. We do not knowingly collect personal data from children under 13. If we discover that we have done so, we will promptly delete it.

Users aged 13 to 17 may use the Services only with parental or legal guardian consent. By permitting a minor to use the Services, parents and guardians agree to these Terms and this Policy on the minor's behalf. We do not use the personal data of minors for advertising purposes.

If you believe a child under 13 has provided us with personal data, please contact us at contact@nibfit.app.

Section 9

How We Protect Your Information

We implement technical, administrative, and physical safeguards to protect your personal data, including encryption of data in transit and at rest, access controls limiting personnel access on a need-to-know basis, and security monitoring. Despite these measures, no method of data transmission or storage is completely secure.

In the event of a data breach notifiable under the PDPA, we will notify affected individuals and the Personal Data Protection Commission of Singapore within three business days of becoming aware of the breach.

Section 10

Retention of Information

We retain personal data for as long as necessary to provide the Services and fulfil the purposes in this Policy, subject to legal obligations:

  • Account and activity data is retained until you delete your account, then deleted within 45 days.
  • Encrypted backup copies may persist for up to 90 days after deletion for technical reasons.
  • Error logs and analytics data are retained for up to 12 months.
  • De-identified and aggregated data may be retained indefinitely for research and service improvement.
Section 11

International Data Transfers

Your personal data may be transferred to and processed in countries other than Singapore, including the United States, where our service providers operate. We ensure that such transfers are subject to contractual safeguards requiring the recipient to maintain a standard of protection comparable to the PDPA.

Section 12

Updates to This Policy

We may update this Policy from time to time. Material changes will be communicated via in-app notification or email to the address associated with your account, with at least 14 days' notice before they take effect. The updated Policy will be posted on our website with a revised effective date. Continued use of the Services after the effective date constitutes your acceptance of the updated Policy.

Section 13

Contact Us and Data Protection Officer

For privacy enquiries, to exercise your rights, or to contact our Data Protection Officer, please write to:

Aivrio Solutions Pte. Ltd.
60 Paya Lebar Road, #06-28, Paya Lebar Square
Singapore 409051
Email: contact@nibfit.app

We aim to respond to all privacy enquiries within 30 days.