Skip to main content
Legal

Privacy Policy

Effective Date: Launch Date · Last Updated: March 2026

What does all this mean?

Here is the short version. Read the full details below.

No Ads or Tracking

We never sell your data. No targeted ads. No tracking pixels.

Encrypted and Secure

All data encrypted in transit and at rest. Passwords hashed with bcrypt.

Delete Anytime

Delete your account and all data permanently from Settings.

1.Introduction

Rizanah ("we," "us," or "our") operates the Rizanah web application at app.rizanah.com and the marketing website at rizanah.com (collectively, the "Service"). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights regarding your data.

Rizanah LLC is based in Columbus, Ohio, United States.

By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

2.Information We Collect

2.1 Information You Provide Directly

We collect the following personal information when you create an account and use the Service:

Data CategorySpecific Data
Account InfoName, email, password
Body MetricsHeight, weight, age, DOB, gender
Fitness DataGoals, level, training preferences, health conditions, 1RM
Workout LogsExercises, sets, reps, RPE, duration, completion
Nutrition LogsFoods, calories, macros, meal slots, saved meals
CommunityPosts, comments, bookmarks, challenges, reports
Payment InfoProcessed by Stripe. We never store card numbers.
SupportContact form submissions (subject, message)

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Device and browser information (browser type, OS, screen resolution) for ensuring the app works across devices.
  • IP address for security, fraud prevention, and approximate geographic location.
  • Usage data (pages visited, features used, session duration) for improving the product.
  • Cookies and similar technologies for maintaining your login session, theme preference, and unit preference.

2.3 Information from Third-Party Services

If you sign up or log in using Google, Apple, or Yahoo, we receive your name and email address from those services. We do not receive your password from those providers.

We do not purchase personal information from data brokers or other third parties.

3.How We Use Your Information

We use your personal information for the following purposes:

  • To provide the Service: generate personalized workout plans, calculate nutrition targets, operate the community, track your progress.
  • To process payments: manage your subscription through Stripe.
  • To communicate with you: send transactional emails (payment confirmations, trial reminders, renewal notices, password resets), respond to support requests.
  • To improve the Service: analyze usage patterns to fix bugs, improve features, and inform product decisions.
  • To ensure safety: enforce our Terms of Service and Community Guidelines, detect fraud, protect your account.

We do NOT use your data for:

  • Selling to third parties.
  • Targeted or behavioral advertising.
  • Building advertising profiles.
  • Training AI models using your personal data.

4.How We Share Your Information

We do not sell, rent, or share your personal information for advertising purposes. We share data only in these limited circumstances:

RecipientWhat We Share
StripeEmail, plan, payment events
USDA FoodData CentralFood search queries
VercelServer logs (IP, user agent)
SupabaseAll Service data (encrypted)
Other usersDisplay name, avatar, posts, comments
Law enforcementAs required by law

5.Cookies and Tracking

Rizanah uses only essential cookies required for the Service to function. We do not use advertising cookies, tracking pixels, or analytics cookies that share data with third parties.

CookiePurpose
SessionKeeps you signed in
ThemeDark/light mode preference
UnitsImperial/metric preference

Because we do not use advertising or analytics cookies that track you across websites, we do not display a cookie consent banner. If we add analytics in the future, we will update this policy and implement appropriate consent mechanisms.

6.Data Retention

We retain your personal information for as long as your account is active. If you cancel your subscription:

  • Your data is preserved for 12 months after your last login, in case you resubscribe.
  • After 12 months of inactivity with no active subscription, your data may be permanently deleted.
  • Community posts remain visible after cancellation. Delete them individually before cancelling, or contact support.

If you delete your account (Settings > Danger Zone):

  • All personal data permanently deleted within 30 days.
  • Community posts removed immediately.
  • Workout and nutrition logs permanently erased.
  • This action is irreversible.

7.Data Security

We implement the following security measures to protect your data:

Encryption in transit

TLS 1.2+ (HTTPS) for all connections

Encryption at rest

AES-256 encryption via Supabase

Password hashing

bcrypt via Supabase Auth, never plain-text

Row Level Security

Users can only access their own data

Payment security

Stripe handles all card data (PCI-DSS Level 1)

Admin access

Multi-factor authentication required

No system is 100% secure. If we discover a data breach that affects your personal information, we will notify you by email within 72 hours and provide details about what was affected and what steps we are taking.

8.Your Privacy Rights

8.1 All Users

Regardless of where you live, you have the right to:

  • Access your data: View all personal information we hold about you.
  • Correct your data: Update inaccurate information via your Profile or Settings.
  • Delete your data: Delete your account and all associated data (Settings > Danger Zone > Delete Account).
  • Export your data: Request a copy by emailing [email protected].
  • Cancel your subscription: At any time via Settings > Subscription > Cancel.

8.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights:

  • Right to Know: Request the specific data we collected, its sources, purpose, and who we share it with.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: Rizanah does NOT sell or share your data for advertising. There is nothing to opt out of.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

Do Not Sell or Share My Personal Information

Rizanah does not sell, share, or use personal information for cross-context behavioral advertising. We have never sold personal information and have no plans to do so. There is no need to submit an opt-out request because we do not engage in these practices.

To exercise your rights, email [email protected] with the subject "Privacy Request." We will verify your identity and respond within 45 days.

8.3 European Residents (GDPR)

If you are in the EEA or UK, you have additional rights under GDPR:

  • Legal basis: We process your data based on consent, contractual necessity, and legitimate interests.
  • Right to Portability: Request your data in a structured, machine-readable format.
  • Right to Restrict Processing: Limit how we use your data while a complaint is being resolved.
  • Right to Lodge a Complaint: File a complaint with your local Data Protection Authority.

Rizanah stores data on servers in the United States via Supabase and Vercel. International data transfers from the EU/UK to the US are protected by Standard Contractual Clauses (SCCs) incorporated into our Data Processing Agreements with Supabase, Vercel, and Stripe. You may request copies of these agreements by emailing [email protected].

Lawful Basis for Processing

DataLegal Basis
Account, fitness, nutritionContract (Art. 6(1)(b)): needed to deliver the service you signed up for.
Body metrics (height, weight, age)Contract (Art. 6(1)(b)): standard profile data needed to calculate your plans. Not special category health data.
Health data (injuries, conditions)Explicit Consent (Art. 9(2)(a)): you provide this voluntarily during onboarding. You can withdraw consent anytime via Settings.
Community postsLegitimate Interest (Art. 6(1)(f)): operating the community feature.
Device/usage dataLegitimate Interest (Art. 6(1)(f)): security and product improvement.
PaymentContract (Art. 6(1)(b)): processing your subscription.

Withdrawing Consent

You can withdraw consent for health data processing at any time through Settings. Withdrawing consent does not affect the lawfulness of processing before withdrawal. You can also delete your entire account through Settings > Danger Zone.

9.Age Requirement

Rizanah is not intended for anyone under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe someone under 18 has created an account, contact us at [email protected] and we will delete the information immediately.

10.Health Data Disclaimer

Rizanah is a consumer wellness application, not a healthcare provider. The fitness and nutrition data you enter (workout logs, food logs, body metrics) is NOT protected health information (PHI) under HIPAA. Rizanah is not a HIPAA-covered entity.

We treat your health and fitness data with the same care as all personal information described in this policy. We do not sell it, share it for advertising, or disclose it to third parties except as described in Section 4.

11.Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email at least 30 days before the changes take effect, and post the updated policy at rizanah.com/privacy. The "Last Updated" date at the top will reflect the most recent revision.

Your continued use of the Service after the effective date constitutes acceptance of the changes.

12.Contact Us

If you have questions about this Privacy Policy or want to exercise your privacy rights:

Email

[email protected]

In-App Support

Settings > Support > Contact Us

We respond to privacy requests within 30 days (45 days for CCPA requests).

Rizanah LLC, 1747 Olentangy River Rd #1067, Columbus, OH 43212

Rizanah LLC

1747 Olentangy River Rd #1067, Columbus, OH 43212

www.rizanah.com · [email protected]