← Back to Support
Corporate Wellness

Privacy Policy

How we collect, use, and protect your personal and health information.

Effective Date June 6, 2026 Last Updated June 6, 2026

Operated by Prime Vitality Consultancy FZ-LLC, Ras Al Khaimah, United Arab Emirates.

This policy explains, in plain terms, what CorpFit collects, why, who can see it, and the choices you have.

At a glance: what we collect, why, and who can see it
What we collect Why Who can see it
Account & profile (name, work email, optional date of birth and gender, height) Create and secure your account You and CorpFit administrators
Department & company Enrol you in your company challenge and set leaderboard scope You, CorpFit; your name and rank appear to colleagues on leaderboards
Goals, activity level, calorie target Personalise your nutrition targets You and CorpFit
Weekly check-ins (weight, waist, hip) and trends Track your progress over time You and CorpFit
Health screening (PAR-Q) Confirm you are ready for exercise You and CorpFit
Nutrition data (meals, daily logs, food searches) Run the nutrition tracker You and CorpFit
Step count (Apple Health / Google Health Connect) Award activity points in your challenge You and CorpFit
Challenge Wall posts, photos, reactions Share achievements with your team All participants in your company challenge
Camera Scan food barcodes and capture photos you choose to post Used only when you start it; photos only if you post them
Push notification token Send reminders and updates CorpFit only

1. Introduction

Welcome to CorpFit ("we," "us," or "our"). We are committed to protecting your privacy and the security of your personal and health information.

CorpFit is a corporate wellness platform operated by Prime Vitality Consultancy FZ-LLC, a company registered in the Ras Al Khaimah Economic Zone, United Arab Emirates ("UAE"), with its registered address at Compass Building, Al Hulaila Industrial Zone – Free Zone, Ras Al Khaimah, United Arab Emirates.

This Privacy Policy explains how we collect, use, process, store, and share your data when you use our mobile application ("App") and related services (collectively, the "Services").

We handle personal and health data with regard to the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and, where applicable, Federal Law No. 2 of 2019 concerning the use of Information and Communication Technology in Health Fields (ICT Health Law).

2. Definitions

To keep this policy clear, we use the following terms:

  • "Personal Data": Any information relating to an identified or identifiable person (for example, name or email).
  • "Health Data": Personal data relating to a person's physical health (for example, step counts, body measurements, and workout activity).
  • "Sponsor": The corporate entity (your employer) that has provided you with access to CorpFit.
  • "Processing": Any operation performed on personal data, such as collection, recording, storage, use, or erasure.

3. Our Role: Controller and Processor

CorpFit operates in two capacities depending on how we receive your data:

  • As a Data Processor: When we handle basic eligibility information connected to your Sponsor (such as confirming that your work email belongs to a participating company), we act on your Sponsor's behalf.
  • As a Data Controller: When you create your account, complete your profile, log activity, and sync your step count, CorpFit acts as the Data Controller and is responsible for protecting your rights regarding that data.

4. Data We Collect

We collect data to provide a personalised wellness experience. The categories are:

4.1 Information You Provide

  • Account & Profile: Name, work email, and height. Date of birth and gender are optional and used to calculate your calorie target.
  • Department & Company: The company and department you belong to, collected at setup. These determine which challenge you join and the scope of your leaderboards.
  • Goals & Preferences: Your fitness goal, activity level, and meal preferences, used to calculate your personalised calorie target.
  • Weekly Check-ins: Body measurements you enter — weight, waist, and hip — together with the resulting history and trends (such as BMI and ratios) used to track your progress.
  • Health Screening (PAR-Q): A set of seven yes/no physical-readiness questions completed once before you begin workouts. We store your responses for safety and compliance purposes.
  • Nutrition Data: Meals you log, your daily nutrition logs, and the food searches you run in the App.
  • User Content: Posts, photos, and reactions you share on the Challenge Wall, and any food details you submit to the food catalogue.

4.2 Information Collected Automatically

  • Device Information: IP address, device model, operating system version, and unique device identifiers.
  • Usage Logs: Details of how you use the Services, including the features you access.
  • Push Notification Token: A device token used to deliver reminders and updates (see Section 11).

4.3 Health and Activity Data

With your prior consent, the App reads your step count only from Apple Health (iOS) or Google Health Connect (Android). We use your step count to track daily activity and award points in your company challenge.

We do not read heart rate, sleep, distance, calories, or any other health metric, and we do not connect to third-party wearable accounts.

5. How We Use Your Data

5.1 Service Provision

To personalise your nutrition targets, deliver workouts, track your check-in progress and step activity, run challenges and leaderboards, and manage your account.

5.2 Your Sponsor and Corporate Reporting

Your access to CorpFit is provided by your Sponsor (your employer). Today, employers do not have direct access to the platform; platform administration is performed by the operator, Prime Vitality Consultancy FZ-LLC.

Companies receive aggregated participation and wellness reporting to show the value of the wellness programme (for example, "75% of employees are active this week").

Our privacy commitment to you

Aggregated reporting does not identify you individually. We do not provide your Sponsor with your individual health metrics, specific check-in measurements, or food logs.

5.3 Visibility to Other Participants

Some features are social by design. Within your company challenge:

  • Challenge Wall: Posts, photos, and reactions you create are visible to all participants in your company challenge.
  • Leaderboards: Your name and rank are visible to colleagues within your company and department.

5.4 Improvements and Analytics

To understand usage trends and improve the App's functionality and user experience.

5.5 No Marketing with Health Data

We never use your step count or other health data for advertising, marketing, or data mining, and we do not sell your Health Data to third parties.

6. Data Storage and Safeguards

6.1 Where Your Data Is Stored

Your data is stored on secure, industry-standard cloud infrastructure with appropriate technical and organisational safeguards, including encryption and access controls.

6.2 Processing by Service Providers

We use trusted service providers to operate the Services. Where data is processed on our behalf, we require that it remains protected by appropriate safeguards — including encryption in transit and at rest, and access limited to what is necessary to provide the Services.

7. Data Retention

We retain your data only as long as necessary to provide the Services:

  • Account Data: Retained while your account is active.
  • Deletion: You can delete your account at any time in the app via Profile → Privacy & Security → Delete Account, which permanently removes your account and associated data. You may also request deletion by emailing support@superhuman.run. We may retain limited information where required to meet a legal obligation.

8. Data Security

We implement technical and organisational measures appropriate to the risks to your data, including:

  • Encryption: Data is encrypted in transit and at rest.
  • Access Control: Access to personal data is restricted to authorised personnel with a legitimate need, subject to confidentiality obligations.
  • Reviews: We review our security practices on an ongoing basis.

9. Your Rights

Under the UAE PDPL, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Ask us to correct inaccurate or incomplete data.
  • Right to Erasure: You can delete your account in the app at any time via Profile → Privacy & Security → Delete Account, which permanently removes your account and associated data. You may also request deletion by emailing support@superhuman.run; we respond within 30 days. We may retain limited information where required by law.
  • Right to Restrict Processing: Ask us to limit how we use your data.
  • Right to Data Portability: Request your data in a structured, commonly used, machine-readable format.
  • Right to Withdraw Consent: Withdraw consent for step-count syncing at any time by disconnecting the health integration in the App or revoking the permission in your device settings.

To exercise these rights, contact our Data Protection Officer at support@superhuman.run. We respond to valid requests within 30 days.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we learn that we have collected data from a child without appropriate consent, we will take steps to delete it.

11. Platform & Permission Disclosures

11.1 Non-Medical Disclaimer

CorpFit is not a medical service

CorpFit is a wellness and lifestyle platform. We are not a healthcare provider or a medical device. The data and insights we provide are for informational purposes only and are not intended to diagnose, treat, cure, or prevent any disease. Always consult a physician for medical advice.

11.2 Health & Activity Permissions

To count your daily steps, the App reads your step count from Apple Health (iOS) or Google Health Connect (Android) with your permission. On Android, the "Activity Recognition" permission is required in order to read your step count. The App does not detect or classify the type of activity you perform.

11.3 Camera

The App uses your device camera to scan food barcodes and to capture photos you choose to post on the Challenge Wall. Images are captured only when you start the action, and photos are shared only if you choose to post them.

11.4 Food Catalogue and User Submissions

The App's food catalogue includes product data sourced from the Open Food Facts and USDA databases. If you submit food details or a label photo to the catalogue, that information may become visible to other users once it has been verified.

11.5 Push Notifications

We store a device notification token to send you reminders and updates. You can disable notifications at any time in your device settings.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or our practices. We will notify you of significant changes by email or an in-app notification. Your continued use of the Services after a change takes effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

Prime Vitality Consultancy FZ-LLC
Email: support@superhuman.run
Address: Compass Building, Al Hulaila Industrial Zone – Free Zone, Ras Al Khaimah, United Arab Emirates