Bazu!

Privacy Policy

Last updated: November 28, 2025

Effective date: November 28, 2025

Bazu Labs LLC ("Bazu!", "we", "us", or "our") is a strength-training and fitness-tracking application. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information.

This Privacy Policy describes how we collect, use, store, and share your information when you use:

  • Bazu! Workout App (iOS 18+)
  • getbazu.com and related subdomains
  • Any other services or features provided by Bazu Labs LLC

If you disagree with any part of this Policy, please discontinue using Bazu!.

1. Information We Collect

We collect the following categories of information to provide and improve the service.

1.1 Account & Identity Information

  • Name
  • Email address
  • Authentication provider (Apple, Google, Email)
  • Email verification status
  • Profile photo (optional)

Collected via Firebase Authentication and Firebase Storage (for profile images).

1.2 Workout & Fitness Data (Sensitive Data)

Information you enter or generate during use:

  • Exercises performed
  • Sets, reps, weight, duration
  • Workout history
  • Routines and goals
  • Personal records
  • Training frequency and patterns

When HealthKit integration launches, we may request permission to read health-related data (for example, calories, heart rate, workouts) and write workouts from Bazu! into Apple Health. We never access or share HealthKit data without explicit user permission.

1.3 Usage & Device Information

Collected automatically via Firebase Analytics and Crashlytics:

  • Device type, model, OS version
  • App version
  • Time spent in app, screens visited
  • Crash logs and diagnostics
  • App performance metrics
  • Unique device identifiers (non-advertising)

1.4 Approximate Location (Future)

If enabled in a future update, we may collect approximate (non-precise) location to improve insights, global analytics, and regional product features. We do not collect precise GPS or background location.

1.5 Cookies & Web Tracking (Website Only)

  • Session cookies
  • Analytics cookies
  • Page visit information

You can control cookie settings via your browser.

2. How We Use Your Information

We use the information we collect to:

2.1 Provide the Core App Experience

  • Sync workouts across devices
  • Maintain account security
  • Show progress insights
  • Generate recommendations
  • Enable rest timers, routines, and goals

2.2 Improve & Personalize the Product

  • Understand workout behavior to optimize design
  • Suggest progressive overload recommendations
  • Provide upcoming features (rest timer logic, PR detection, and similar)

2.3 Analytics & Performance (Firebase Analytics & Crashlytics)

  • Fix bugs
  • Optimize performance
  • Improve retention and onboarding

2.4 Notifications (Firebase Cloud Messaging)

  • Workout reminders
  • Goal reminders
  • App updates and feature announcements

You can disable notifications at any time.

2.5 Compliance & Security

  • Detect fraudulent or abusive activity
  • Enforce legal requirements
  • Maintain application integrity

3. Legal Basis for Processing (GDPR-Aware)

For users in the EEA, UK, or similar regions, we process data under these legal bases:

  • Performance of Contract: To provide the app you requested
  • Consent: HealthKit, analytics opt-in, notifications
  • Legitimate Interests: Improving the app, security, diagnostics
  • Legal Obligation: Responding to lawful requests

4. How We Share Your Information

We do not sell your personal data. We share information only with trusted third-party processors needed to operate Bazu!.

4.1 Service Providers (Processors)

We use the following third-party services:

Firebase (Google LLC)

  • Authentication
  • Firestore database
  • Storage (profile images)
  • Analytics
  • Crashlytics
  • Cloud Messaging

Firebase may store data in the United States or other regions. Data is encrypted in transit and at rest.

Apple HealthKit (Future)

  • Health data is stored locally on your device unless you explicitly allow sync.
  • We do not use HealthKit data for advertising or third-party analytics.

Website Tools

Examples include Cloudflare (security/CDN) and privacy-friendly website analytics if added later.

We will update the Policy if new third-party processors are introduced.

5. Data Retention

We retain data only as long as necessary to provide the service, comply with legal obligations, resolve disputes, and maintain security.

Retention Rules

  • Workout data: Until the user deletes their account
  • Account and profile data: Until deletion request
  • Crash logs and analytics: 90–180 days (Firebase default)
  • Backups: Securely deleted on a weekly rolling basis

When you delete your account, all identifiable data is deleted from Firestore, Auth, and Storage within 14 days, except for crash logs that may remain in anonymized form and aggregated or anonymized analytics (non-identifiable).

6. Your Rights & Choices

Depending on your region, you may have the right to:

  • Access the data we hold about you
  • Request correction
  • Request deletion
  • Data portability (export)
  • Withdraw consent
  • Opt-out of analytics (future toggle)
  • Opt-out of notifications
  • Restrict processing (where applicable)

To make a request, email support@getbazu.com.

We will respond within 30 days for general requests and within 45 days for US-state privacy laws (for example, CCPA/CPRA).

7. Security

We use technical and organizational safeguards such as:

  • Encryption in transit (TLS)
  • Encryption at rest (Firebase default)
  • Access control and least-privilege principles
  • Secure authentication and session management
  • Firestore user-scoped rules with isolation
  • Regular security reviews

However, no system is 100% secure. You use the service at your own risk.

8. International Data Transfers

Because we use Firebase (Google), your information may be transferred to and processed in the United States, EU regions (if Firebase EU data residency is used), or other regions where Google cloud infrastructure operates.

Transfers follow Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework where applicable.

9. Children's Privacy

Bazu! is not intended for users under 16 years old. We do not knowingly collect personal information from anyone under 16.

If you believe data was collected from a child under 16, contact us immediately.

10. Third-Party Links

The app or website may contain links to external sites. We are not responsible for their content or privacy practices.

11. Changes to This Privacy Policy

We may update this Policy periodically. If changes are material, we will notify users via in-app notice, email (if appropriate), or an update banner on the website. The “Last updated” date will always reflect the latest version.

12. Contact Us

Bazu Labs LLC
Email: support@getbazu.com

Back to HomeTerms of Service