PRIVACY POLICY
Start Fasting Mobile Application
Version 1.0
Last Updated: 29.12.2025.
This Privacy Policy explains how personal data is collected, used, stored, and protected when you access or use the Start Fasting mobile application (the “Application”).
This Privacy Policy applies worldwide and is intended to comply with the UK General Data Protection Regulation (“UK GDPR”), the EU General Data Protection Regulation (“GDPR”), and other applicable data protection laws.
1. Data Controller
The data controller responsible for the processing of personal data under this Privacy Policy is:
HOBI SOLUTIONS LTD
5 Brayford Square
London, E1 0SG
United Kingdom
Email: legal@start-fasting.com
2. Scope of This Privacy Policy
2.1 This Privacy Policy applies to all Users of the Application.
2.2 By creating an account, accessing, or using the Application, you acknowledge that you have read and understood this Privacy Policy.
2.3 This Privacy Policy forms an integral part of the Terms & Conditions governing use of the Application.
3. Categories of Personal Data Collected
3.1 Personal Data Provided During Registration
The Company collects the following personal data when you create an account:
Email address
Password (stored in hashed and encrypted form)
First name
Date of birth or age
Gender
This data is required to create and manage your user account and to ensure age eligibility (18+).
3.2 Health and Lifestyle Data (Special Category Data)
The Application processes health and lifestyle-related data, which constitutes special category personal data under Article 9 GDPR.
This data includes:
Body weight
Height
Sleep duration
Physical activity levels
Dietary information (including food intake and dietary preferences)
Desired weight or body goals
Fasting logs
Calorie logs
Health and lifestyle data is processed solely to provide Application functionality and personalized output to the User.
3.3 Data Not Collected
The Company does not collect:
Advertising identifiers
Third-party behavioral tracking data
Cross-application tracking data
Marketing profiling data
The Company does not engage in advertising-based data collection.
4. Purpose of Processing
Personal data is processed strictly for the following purposes:
Creating and managing user accounts
Providing Application functionality and features
Generating user-facing analytics and insights
Producing algorithmic and AI-based output for the User
Improving Application performance and reliability
Providing customer support
Complying with legal and regulatory obligations
Personal data is not processed for advertising or marketing purposes.
5. Analytics and Administrative Access
5.1 The Application generates analytics primarily for the User, enabling the User to view progress, trends, and insights related to their own data.
5.2 The Company, as administrator, has access only to aggregated, non-personal statistical data, including:
Total number of registered users
Number of active users
Number of premium users
5.3 The Company does not monitor, analyze, or review individual User health data for internal behavioral analysis.
6. Legal Basis for Processing
The Company processes personal data on the following legal bases:
Consent – for processing health and lifestyle data
Performance of a contract – to provide Application services
Legal obligation – to comply with applicable laws
Legitimate interests – limited to maintaining Application security, functionality, and integrity
Where consent is required, it may be withdrawn at any time.
7. Data Sharing and Third Parties
The Company does not sell or rent personal data.
Personal data may be shared only with the following categories of recipients where strictly necessary:
Apple (App Store distribution and compliance)
Google (Play Store distribution and compliance)
Stripe (payment settlement and financial processing)
RevenueCat (in-app purchase management)
Supabase (cloud database and backend infrastructure)
Brevo SMTP (transactional email delivery, such as account-related communications)
All third parties are contractually required to process data in accordance with applicable data protection laws.
8. International Data Transfers
8.1 As the Application is available worldwide, personal data may be processed or stored outside the United Kingdom or European Economic Area.
8.2 Where international transfers occur, the Company ensures appropriate safeguards, including standard contractual clauses or equivalent legal mechanisms, in accordance with GDPR and UK GDPR requirements.
9. Data Retention
9.1 The Company retains personal data only for as long as necessary to fulfil the purposes for which it was collected.
9.2 Personal data and health-related data are retained while the User maintains an active account and, where applicable, active Premium Access.
9.3 Following the expiration of Premium Access, personal data and health-related data will be retained for a maximum period of thirty (30) days.
9.4 If Premium Access is not renewed within this period, all personal data and health-related data will be permanently deleted and cannot be recovered.
9.5 Data may be retained for a longer period only where required by applicable law or where necessary for the establishment, exercise, or defence of legal claims.
10. User Rights Under GDPR and UK GDPR
10.1 Subject to applicable law, Users have the following rights in relation to their personal data:
(a) the right to access personal data held about them;
(b) the right to request correction of inaccurate or incomplete data;
(c) the right to request deletion of personal data;
(d) the right to request restriction of processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to withdraw consent at any time, where processing is based on consent.
10.2 Requests to exercise these rights may be submitted through the Application or via the Company’s website or contact email.
10.3 The Company will respond to such requests within the timeframes required by applicable data protection laws.
11. Account Deletion
11.1 Users may request deletion of their account at any time through the Application or by contacting the Company.
11.2 Upon account deletion, personal data and health-related data will be processed in accordance with the retention periods set out in Section 9.
11.3 Certain data may be retained where required by law or for legitimate legal purposes.
12. Data Security
12.1 The Company implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
12.2 Security measures include, where appropriate, encryption, access controls, and secure infrastructure practices.
12.3 Despite these measures, no method of data transmission or storage can be guaranteed to be completely secure.
13. Children’s Privacy
13.1 The Application is intended solely for individuals eighteen (18) years of age or older.
13.2 The Company does not knowingly collect personal data from children.
13.3 If the Company becomes aware that personal data of a child has been collected, such data will be deleted without delay.
14. Changes to This Privacy Policy
14.1 The Company may update this Privacy Policy from time to time.
14.2 When changes are made, the “Last Updated” date at the top of this document will be revised.
14.3 Continued use of the Application following any update constitutes acceptance of the revised Privacy Policy.
15. Contact Information
15.1 For questions, requests, or complaints regarding this Privacy Policy or the processing of personal data, Users may contact:
HOBI SOLUTIONS LTD
5 Brayford Square
London, E1 0SG
United Kingdom
Email: legal@start-fasting.com
