phaze

Privacy Policy

Last updated: February 9, 2026

1. Introduction

Phaze ("we," "our," or "us") operates the Phaze mobile application and website (collectively, the "Service"). We are committed to protecting your privacy and handling your personal data with care and transparency. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, date of birth, and password when you create an account.
  • Health & Body Data: Weight measurements, body measurements, body composition data, progress photos, health goals, and medication information you choose to enter.
  • Nutrition Data: Food logs, meal photos, dietary preferences, and nutritional goals.
  • Activity Data: Exercise logs, workout history, and activity preferences.
  • Payment Information: Billing details processed securely through our third-party payment processor.

2.2 Automatically Collected Information

  • Device type, operating system, and app version
  • Usage patterns and feature interactions
  • Crash logs and performance diagnostics
  • IP address and approximate location (city-level)

2.3 Third-Party Integrations

If you connect Phaze to Apple Health, Google Fit, or other health platforms, we may receive health and fitness data you authorize us to access. You can revoke this access at any time.

3. How We Use Your Information

  • Core Service Delivery: To provide personalized tracking, nutrition guidance, progress analytics, and adaptive recommendations.
  • Personalization: To adapt your experience based on your goals, preferences, and current phase of transformation.
  • Communication: To send you relevant updates, motivational messages, and account-related notifications.
  • Improvement: To analyze aggregated, de-identified data to improve our algorithms, features, and user experience.
  • Safety & Security: To detect fraud, protect against unauthorized access, and ensure service integrity.

4. Health Data Protection

We treat your health and body data with the highest level of care:

  • All health data is encrypted both in transit (TLS 1.3) and at rest (AES-256).
  • Progress photos are stored in encrypted form and are never shared with third parties.
  • We never sell your health data to advertisers, data brokers, or any third party.
  • Health data is processed only as needed to deliver our core service features.
  • You can request complete deletion of all health data at any time.

5. Data Sharing

We do not sell your personal information. We may share data only in the following limited circumstances:

  • Service Providers: Trusted third-party services that help us operate (cloud hosting, payment processing, analytics). These providers are contractually bound to protect your data.
  • Legal Requirements: When required by law, regulation, or valid legal process.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to you.
  • With Your Consent: When you explicitly authorize us to share specific data (e.g., sharing progress with a healthcare provider).

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion:

  • Personal data is deleted within 30 days of your request.
  • Progress photos are permanently deleted within 7 days.
  • Aggregated, de-identified analytics data may be retained for service improvement.
  • Data required for legal compliance may be retained as required by law.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data.
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request that we limit processing of your data.
  • Objection: Object to data processing based on legitimate interests.

To exercise any of these rights, contact us at privacy@phaze.app. We will respond within 30 days.

8. Cookies & Tracking

Our website uses essential cookies required for functionality. We use privacy-respecting analytics to understand aggregate usage patterns. We do not use third-party advertising trackers or sell data to ad networks.

9. Children's Privacy

Phaze is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that we have collected data from a child, we will delete it promptly.

10. Security Measures

We employ industry-standard security measures including:

  • End-to-end encryption for sensitive health data
  • Regular security audits and penetration testing
  • SOC 2 Type II compliant infrastructure
  • Role-based access controls for employee data access
  • Automated threat detection and monitoring

11. International Data Transfers

If you are accessing Phaze from outside the United States, your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 30 days before they take effect. Continued use of the Service after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

Phaze Privacy Team

Email: privacy@phaze.app

You may also submit a privacy request through the Settings section of the Phaze app.

Back to Home