Protecting children’s privacy is important to us. We do not direct the Services to, nor do we knowingly collect any personal information from, children under the age of thirteen. If FitFresh learns that a child under the age of thirteen has provided personally identifiable information to the Services, it will use reasonable efforts to remove such information from its files.
FitFresh may use Personally Identifiable Information for the following general purposes:
We may use non-Personally Identifiable Information such as demographic data to analyze and develop our marketing strategy and further improve the Site and our services.
You may correct, amend, or update your Personally Identifiable Information by editing your profile on the Site or contacting us.
If you are a California resident, you may request information about our disclosure of personal information to third parties or affiliated companies for their direct marketing purposes. To make such a request, please contact us at Hello@getfitfresh.com. You must put the statement “Your California Privacy Rights” in the subject field. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
We are committed to protecting Personally Identifiable Information from loss, misuse, disclosure, alteration, unauthorized access, and destruction. FitFresh takes reasonable precautions to safeguard the confidentiality of Personally Identifiable Information. We protect the security of your Personally Identifiable Information during transmission to us by using Secure Sockets Layer (SSL) software, which encrypts the information you input.
We process payments through Stripe so payment data never reaches FitFresh servers. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).
The Site may contain links to other sites. FitFresh is not responsible for the privacy practices of such other sites. We encourage our users to be aware when leaving the Site to read the privacy statements of each site that collects Personally Identifiable Information.
1721 Broadway Ave Suite 201
Oakland, CA 94612
Or contact us here.