Privacy Policy

Ryze Fit ("we", "our", "us") respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our platform at staging.ryze-fit.com and related services.

1. Information We Collect

When you register and use Ryze Fit, we collect:

• Account information: name, email address, phone number, password (hashed).
• Profile information: date of birth, gender, height, weight, fitness goals, medical notes, progress photos, body measurements.
• Trainer verification documents: national ID, professional certifications.
• Payment information: bank transfer receipts, subscription transactions processed through Moyasar. We do not store card numbers.
• Communications: chat messages between trainers and clients, uploaded files.
• Usage data: login timestamps, device information, IP address (for security).

2. How We Use Your Information

We use your information to:

• Provide and operate the coaching service.
• Share relevant information with your chosen trainer so they can design an appropriate program for you.
• Process payments and subscription renewals.
• Verify trainer credentials to protect clients.
• Send service-related notifications (workout assignments, payment confirmations, renewal reminders).
• Improve platform quality and detect fraud.

We do not sell your data to third parties. We do not use your data for targeted advertising.

3. Who Sees Your Data

• Your trainer sees your profile, physical info, progress entries, chat messages, and payment status.
• Ryze Fit administrators see all data as necessary to operate the service, respond to support requests, and investigate abuse.
• Service providers: Amazon Web Services (hosting and file storage), Moyasar (payment processing), Resend (email delivery). These providers process data only on our behalf under strict agreements.
• Legal authorities if compelled by valid legal process under Saudi law.

4. Data Retention

We retain your account data for as long as your account is active. When a coaching relationship ends (trainer archives a client, or subscription expires), the data is preserved so you can review historical progress or restart coaching later. Payment records are retained for the period required by Saudi tax and financial law.

5. Your Rights

Under the Saudi Personal Data Protection Law (PDPL), you can:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and associated data (subject to legal retention requirements for payment records).
• Withdraw consent to processing where applicable.
• File a complaint with the Saudi Data & AI Authority (SDAIA).

To exercise any of these rights, contact us at support@ryze-fit.com.

6. Security

We use industry-standard encryption (HTTPS/TLS) for data in transit and encryption at rest for files stored in AWS S3. Passwords are hashed using bcrypt and never stored in plain text. Access to production systems is restricted and logged.

7. Children's Data

Ryze Fit is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete the account immediately.

8. Progress Photos & Sensitive Health Data

Progress photos and body measurements are particularly sensitive. They are visible only to you and your assigned trainer. They are stored in a private S3 folder with access restricted by signed URLs that expire. If you archive your account or end coaching, these photos are retained in case you restart with the same or another trainer. You can request permanent deletion at any time by emailing support.

9. Changes to This Policy

We may update this policy. Material changes will be communicated via email and a notice on the platform before they take effect.

10. Contact

Questions about this policy? support@ryze-fit.com or WhatsApp +966 59 386 9966.