Privacy Policy — Fitness AI Connector
← Back to Fitness AI Connector
Privacy Policy#
Last updated: March 1, 2026
This Privacy Policy explains how FMP (“we”, “us”, or “our”) handles personal information in connection with Fitness AI Connector (“the Service”).
1. AI Transparency Statement#
Your Garmin data is provided to AI assistants (Anthropic Claude / OpenAI ChatGPT). AI assistants analyze and summarize your data to generate responses.
Our Service only relays and provides data. Interpretation and recommendations are generated by the respective AI assistant platforms (Anthropic / OpenAI). The handling of your data by AI assistants is governed by their respective privacy policies.
AI Model Training: The Service provides data via MCP protocol (API). Under the terms of use of both the Anthropic API and OpenAI API, data submitted via API is not used for model training. Please refer to each platform’s terms of use for details.
2. Data We Collect#
2.1 Garmin Health Data#
We collect the following data through the Garmin Health API:
- Heart rate (resting and active)
- Sleep data (duration, score, sleep stages)
- HRV (heart rate variability)
- Stress levels
- Activity data (running, walking, and other exercise records)
- VO2max
- Body Battery
- Other health-related data provided by the Garmin Health API
2.2 Account Information#
- Email address (obtained through Auth0 authentication)
2.3 Payment Information#
- Payment processing is handled by Stripe. We do not store credit card numbers or other payment details.
3. How We Use Your Data and Legal Basis#
We use your data solely for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Providing data to AI assistants (core function) | Your consent (granted when authorizing Garmin connection) |
| Account management and authentication | Performance of service contract |
| Subscription management and billing | Performance of service contract |
| Service improvement and troubleshooting | Legitimate interest |
4. Data Storage#
4.1 Storage Location and International Data Transfers#
Your data is encrypted and stored on Supabase (AWS US East region, United States).
For users residing in the EU/EEA, your data is transferred to the United States. These transfers are conducted based on Standard Contractual Clauses (SCCs) established by the respective service providers.
4.2 Retention Period#
Data retention periods vary by plan:
- Free plan: 2 days
- Basic plan: 90 days
Data beyond the retention period is automatically deleted.
5. Third-Party Data Sharing#
The Service shares data with the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Garmin (US) | Data source | Connection info via Garmin Health API |
| Auth0 (US) | Authentication | Email address, auth tokens |
| Stripe (US) | Payment processing | Payment-related information |
| Anthropic (US) | AI assistant | Garmin health data via MCP protocol |
| OpenAI (US) | AI assistant | Garmin health data via MCP protocol |
We do not sell, share, or provide your data to any third parties other than those listed above.
6. Data Deletion#
You may request complete data deletion at any time through either of the following methods:
- Via AI assistant: Tell your AI assistant “I want to delete my account”
- Via email: Send a deletion request to contact@fmp.it.com
Data that will be deleted:
- All Garmin health data in our database
- Garmin connection (API access revocation)
- Stripe customer information and subscription
- Auth0 authentication account
Deletion requests will be processed within 30 days of receipt.
7. Your Rights (GDPR)#
You have the following rights regarding your data:
- Right of access: Request to view your data
- Right to erasure: Request complete deletion of your data
- Right to data portability: Receive your data in a structured format
- Right to restrict processing: Request restriction of data processing under certain circumstances
To exercise your rights, contact us at contact@fmp.it.com.
8. Cookies#
The Service uses session cookies for authentication purposes only. We do not use advertising tracking or third-party tracking cookies.
9. Minors#
The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from anyone under 16.
10. Security#
We implement the following security measures to protect your data:
- Data encryption (in transit and at rest)
- Access controls and authentication
- Regular security reviews
However, no method of data transmission over the Internet or electronic storage is completely secure.
11. Data Breach Response#
In the event of a personal data breach, we will:
- Promptly notify affected users via email
- Report to the relevant supervisory authority within 72 hours if EU/EEA residents are affected
- Transparently disclose the scope, impact, and remedial measures taken
12. Changes to This Policy#
We reserve the right to modify this Privacy Policy. We will notify you of significant changes through the Service. The latest policy will always be available on this page.
13. Governing Law#
This policy is governed by the laws of Japan.
14. Contact#
For questions regarding this Privacy Policy, please contact us:
- Service: Fitness AI Connector
- Operated by: FMP
- Email: contact@fmp.it.com