Privacy Policy

1. Introduction

Bostonfitness (“we”, “our”, or “us”) operates BMeals, a fully personalised, AI-powered meal planning service (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and ensuring the security of your personal data. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Account Information: Name, email address, date of birth, and password
• Profile Information: Gender, weight, height, activity level, fitness goals, dietary preferences, allergies, and medical conditions
• Health Information: Menstrual cycle data (if applicable), medical conditions, and dietary restrictions
• Payment Information: Billing address, payment method details (processed securely by Stripe)
• Usage Information: Meal preferences, interaction history, and app usage patterns

2.2 Technical Information

We automatically collect:

• Device Information: IP address, browser type, operating system, and device identifiers
• Usage Data: Pages visited, time spent, features used, and error logs
• Cookies and Similar Technologies: See our Cookie Policy for details

3. How We Use Your Information

We use your information for the following purposes:

• AI-Powered Service Provision: To provide personalised meal plans, nutrition suggestions, and fitness recommendations using artificial intelligence
• Account Management: To create and manage your account, process payments, and handle subscriptions
• Personalisation: To tailor AI-generated content, meal recommendations, and features to your body composition goals, preferences, and lifestyle
• Communication: To send important updates, respond to inquiries, and provide customer support
• Health and Safety: To ensure AI-generated meal recommendations are appropriate for your dietary restrictions and general health profile
• AI Model Training and Improvement: To improve our AI algorithms, develop new features, and enhance service quality
• Analytics: To understand user behaviour and improve our AI-powered recommendations
• Legal Compliance: To comply with legal obligations and protect our rights

4. AI Processing and Automated Decision-Making

BMeals uses artificial intelligence and automated processing to generate personalised meal plans and nutrition recommendations. This includes:

• Automated Meal Plan Generation: AI algorithms analyse your profile data to create personalised meal recommendations
• Nutrition Calculations: Automated systems calculate macro and micronutrient requirements based on your goals and profile
• Preference Learning: AI systems learn from your interactions to improve future recommendations
• Content Personalisation: Automated systems tailor content and features based on your usage patterns

Important: All AI-generated recommendations are for informational purposes only and should not be considered medical advice. You have the right to request human review of any automated decisions that significantly affect you.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract: To provide the services you have requested
• Consent: For marketing communications and certain health data processing
• Legitimate Interest: To improve our services and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations
• Vital Interests: To protect your health and safety in emergency situations

6. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following circumstances:

• Service Providers: With trusted third-party providers who assist in operating our service (e.g., payment processors, cloud hosting)
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect our rights, property, or safety, or that of our users
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly consent to sharing

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Staff training on data protection
• Incident response procedures

8. Data Retention

We retain your personal data only for as long as necessary:

• Account Data: For the duration of your account plus 7 years for legal compliance
• Health Information: For the duration of your account plus 3 years
• Payment Information: As required by financial regulations (typically 7 years)
• Usage Data: For 2 years for analytics and service improvement
• Marketing Data: Until you withdraw consent or unsubscribe

9. Your Rights

Under UK GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for processing based on consent

To exercise these rights, contact us at privacy@bmeals.ai

10. International Data Transfers

Your data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place, including:

• Adequacy decisions by the UK government
• Standard contractual clauses
• Binding corporate rules
• Other approved transfer mechanisms

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date. We encourage you to review this Privacy Policy periodically.

13. Contact Information

If you have any questions about this Privacy Policy, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data appropriately.