Bazu!

Privacy Policy

Last updated: May 1, 2026

Effective date: May 1, 2026

Bazu Fitness LLC ("Bazu!", "we", "us", or "our") is a strength-training and fitness-tracking application. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information.

This Privacy Policy describes how we collect, use, store, and share your information when you use:

  • Bazu! Workout App (iOS 18+)
  • getbazu.com and related subdomains
  • Any other services or features provided by Bazu Fitness LLC

If you disagree with any part of this Policy, please discontinue using Bazu!.

Bazu! is a fitness and workout tracking app. Bazu! is not a medical device, medical app, healthcare provider, or digital therapeutic. Bazu! does not provide medical advice, diagnosis, treatment, injury rehabilitation, recovery guidance, or disease-management services.

If you have health concerns, medical conditions, injuries, or questions about starting or changing an exercise program, consult a qualified healthcare professional.

Geographic Availability

Bazu! may be available to users in the United States and other countries or regions. If you access or use Bazu! from outside the United States, your information may be transferred to, stored in, or processed in the United States or other countries where Bazu Fitness LLC or our service providers operate.

Privacy rights and legal requirements may vary depending on where you live. Where required by applicable law, we provide additional rights and disclosures for users in certain regions, including the European Economic Area, the United Kingdom, Switzerland, California, Nevada, and other jurisdictions with privacy laws.

1. Information We Collect

We collect the following categories of information to provide and improve the service.

Where required by applicable law, Bazu! obtains your consent before processing sensitive personal information, such as health and fitness data, Apple Health data, demographic/body attributes, or other sensitive data. You may withdraw consent where applicable by changing app settings, Apple Health permissions, device settings, or contacting support@getbazu.com.

1.1 Account & Identity Information

Required Information:

  • Email address (for email/password authentication)
  • Authentication provider identifier (Apple ID, Google account, or email)
  • Email verification status
  • Unique user identifier (generated by Firebase)

Optional Information:

If you choose to provide them, Bazu! may collect optional profile details such as your bio and profile photo. These fields are separate from your core account information and are used to personalize your profile and app experience.

  • Display name (provided by your sign-in provider at sign-up, or set by you — optional)
  • Profile photo (if uploaded)

Demographics and Body Attributes

If you choose to provide them, Bazu! may collect optional demographic or body-related attributes such as age, gender, height, and weight. These fields are separate from your core account information and are used only to support app features, personalization, unit preferences, training context, or user-requested fitness tracking features. Bazu! does not use these fields for advertising or cross-app tracking.

Collected via Firebase Authentication and Firebase Storage (for optional profile images).

If you sign up for Bazu! updates, newsletters, waitlists, or marketing communications, or if you opt in to receive product updates, Bazu! may process your email address, signup source, signup date, email list status, and communication preferences.

1.2 Workout & Fitness Data (Sensitive Data)

Information you enter or generate during use:

  • Exercises performed
  • Sets, reps, weight, duration
  • Workout history
  • Routines and goals
  • Personal records
  • Training frequency and patterns

Apple Health and Apple Watch features are optional. Bazu! only accesses Apple Health data after you grant permission through iOS.

When you connect Apple Health, you choose exactly which Apple Health data types you want to share with Bazu! and which data types Bazu! may write back to Apple Health. Depending on the permissions you approve and the features you use, this may include workout-session information, completed Bazu! workouts, workout timing, active energy, heart rate, or other Apple Health workout metrics you specifically authorize.

Apple Watch workout features may sync workout-session information between your Apple Watch and iPhone app, such as active workout state, exercise context, set completion, workout timing, and related workout logging data.

You can change Apple Health permissions at any time in Apple Health or iOS Settings. Bazu! uses Apple Health data only to provide features you request. Bazu! does not use Apple Health or HealthKit data for advertising, marketing, third-party analytics, data mining, or sale.

Bazu! does not send Apple Health values, HealthKit values, workout notes, custom exercise names, detailed exercise performance values, bio, or demographic/body attribute fields to Firebase Analytics.

1.3 Usage & Device Information

Collected automatically via Firebase Analytics and Crashlytics:

  • Device type, model, OS version
  • App version
  • Time spent in app, screens visited
  • Crash logs and diagnostics
  • App performance metrics
  • Unique device identifiers (non-advertising)

Analytics

Bazu! uses Firebase Analytics to understand app performance, feature usage, reliability, and product quality. Analytics are used for aggregated or pseudonymous product analysis and are not used to identify individual users where not necessary.

Bazu! does not use IDFA, does not use Firebase Analytics for cross-app tracking, and does not sell personal information or share personal information for cross-context behavioral advertising.

Bazu! does not send Apple Health values, HealthKit values, workout notes, custom exercise names, detailed exercise performance values, bio, profile photo, or demographic/body attribute fields to Firebase Analytics.

High-level analytics events may include app opened, workout started, workout completed, routine created, goal created, Apple Health permission granted or denied, Apple Watch sync completed or failed, subscription screen viewed, or purchase completed.

1.4 Purchase & Subscription Information

If you purchase a subscription, payment is processed by Apple through the App Store. Bazu! does not collect or store your full payment card number, banking information, Apple ID password, or other Apple account credentials.

We may receive limited subscription-related information from Apple, such as product identifier, purchase status, expiration date, renewal status, transaction identifiers, refund status, cancellation status, storefront country or region, and limited diagnostic information needed to troubleshoot subscription access. We use this information to provide premium access, prevent fraud, troubleshoot subscription issues, and comply with legal, tax, and accounting obligations.

1.5 Cookies & Web Tracking (Website Only)

  • Session cookies
  • Analytics cookies (subject to your consent choice)
  • Page visit information

You can manage analytics consent using the cookie preference banner on this website, or via your browser privacy settings.

Google Analytics 4 (GA4): Bazu! uses GA4 on the website to understand how visitors engage with our pages. GA4 is loaded only after you consent to analytics cookies. IP anonymization is enabled. GA4 is provided by Google LLC and subject to Google's Privacy Policy.

Google reCAPTCHA Enterprise: Bazu! uses reCAPTCHA Enterprise on website forms (waitlist, newsletter) to prevent spam and abuse. reCAPTCHA processes browser and network signals and sends them to Google for bot-detection scoring. This processing occurs when you interact with those forms and is subject to Google's Privacy Policy and Terms of Service.

2. How We Use Your Information

We use the information we collect to:

2.1 Provide the Core App Experience

  • Sync workouts across devices
  • Maintain account security
  • Show progress insights
  • Generate recommendations
  • Enable rest timers, routines, and goals

2.2 Improve & Personalize the Product

  • Understand workout behavior to optimize design
  • Suggest progressive overload recommendations
  • Provide upcoming features (rest timer logic, PR detection, and similar)

2.3 Analytics & Performance (Firebase Analytics & Crashlytics)

  • Fix bugs
  • Optimize performance
  • Improve retention and onboarding

2.4 Notifications (Firebase Cloud Messaging)

  • Workout reminders
  • Goal reminders
  • App updates and feature announcements

You can disable notifications at any time.

2.5 Compliance & Security

  • Detect fraudulent or abusive activity
  • Enforce legal requirements
  • Maintain application integrity

2.6 Email Updates & Marketing

  • Send service messages, product updates, newsletters, waitlist updates, launch announcements, and marketing communications where you have opted in or where otherwise permitted by applicable law

3. Legal Basis for Processing (GDPR-Aware)

For users in the EEA, UK, or similar regions, we process data under these legal bases:

  • Performance of Contract: To provide the app you requested
  • Consent: Apple Health/HealthKit permissions, app notifications, newsletters, waitlists, marketing communications, and website analytics controls where available.
  • Legitimate Interests: Improving the app, security, diagnostics, aggregated or pseudonymous app analytics, product improvement, and limited service or product update communications where permitted by applicable law.
  • Legal Obligation: Responding to lawful requests

4. How We Share Your Information

We do not sell your personal data. We share information only with trusted third-party processors needed to operate Bazu!.

4.1 Service Providers (Processors)

We use the following third-party services:

Firebase (Google LLC)

  • Authentication
  • Firestore database
  • Storage (profile images)
  • Analytics
  • Crashlytics
  • Cloud Messaging

Firebase may store data in the United States or other regions. Data is encrypted in transit and at rest.

Third-Party Privacy Policies:

We rely on service providers with appropriate data protection commitments, including Google's data processing terms. We comply with applicable US privacy laws, including state privacy laws such as the California Consumer Privacy Act (CCPA). For users outside the US who access our services, we apply privacy-protective practices aligned with international standards.

Apple App Store

  • Payment processing for subscriptions and in-app purchases
  • Subscription status, renewal, expiration, cancellation, refund, and transaction information
  • Storefront country or region and limited diagnostic data for subscription troubleshooting

Apple processes payments directly. Bazu! does not collect or store your full payment card number, banking information, Apple ID password, or other Apple account credentials.

Brevo

Bazu! uses Brevo to manage email lists and send Bazu! updates, product announcements, newsletters, and marketing communications where you have signed up, opted in, or where communications are otherwise permitted by applicable law.

Bazu! may share limited contact information with Brevo, such as your email address, signup source, signup date, subscription/list status, and related email preference or delivery information. Brevo processes this information as a service provider for email list management and email delivery.

You can opt out of marketing emails by using the unsubscribe link in an email or by contacting support@getbazu.com.

Apple Health and Apple Watch

  • Apple Health and Apple Watch features are optional. Bazu! only accesses Apple Health data after you grant permission through iOS.
  • When you connect Apple Health, you choose exactly which Apple Health data types you want to share with Bazu! and which data types Bazu! may write back to Apple Health. Depending on the permissions you approve and the features you use, this may include workout-session information, completed Bazu! workouts, workout timing, active energy, heart rate, or other Apple Health workout metrics you specifically authorize.
  • Apple Watch workout features may sync workout-session information between your Apple Watch and iPhone app, such as active workout state, exercise context, set completion, workout timing, and related workout logging data.
  • You can change Apple Health permissions at any time in Apple Health or iOS Settings. Bazu! uses Apple Health data only to provide features you request.
  • Bazu! does not use Apple Health or HealthKit data for advertising, marketing, third-party analytics, data mining, or sale.
  • Bazu! does not send Apple Health values, HealthKit values, workout notes, custom exercise names, detailed exercise performance values, bio, or demographic/body attribute fields to Firebase Analytics.

Google Analytics 4 & reCAPTCHA Enterprise (Website Only)

  • GA4: website analytics loaded only after analytics consent; IP anonymization enabled
  • reCAPTCHA Enterprise: bot protection on website forms; processes browser signals

Both services are provided by Google LLC and subject to Google's Privacy Policy.

We will update the Policy if new third-party processors are introduced.

5. Data Retention

We retain data only as long as necessary to provide the service, comply with legal obligations, resolve disputes, and maintain security.

For inactive accounts, identifiable workout data and account information may be retained for a period of 2 years from the last activity date, after which it may be anonymized or deleted, unless legally required otherwise.

Retention Rules

  • Workout data: Until the user deletes their account
  • Account and profile data: Until deletion request
  • Crash logs and analytics: 90–180 days (Firebase default)
  • Subscription records: As long as necessary to provide premium access, troubleshoot billing issues, and meet legal, tax, and accounting obligations
  • HealthKit permissions: Until you revoke permission in iOS settings or disconnect Apple Health features
  • Backups: Deleted data may remain temporarily in encrypted backups for up to 7 days before those backups are overwritten or expire

When you delete your account, Bazu! deletes associated account information, profile details, demographic/body attributes, workout history, routines, goals, custom exercises, and other user-created workout data from active production systems immediately or as soon as technically practicable.

Deleted data may remain temporarily in encrypted backups for up to 7 days before those backups are overwritten or expire. Backup copies are maintained for disaster recovery, security, and operational integrity and are not used to restore deleted accounts except where needed for legal, security, fraud-prevention, or service integrity reasons.

Some limited information may be retained where required for legal, security, fraud-prevention, tax, accounting, App Store, dispute-resolution, suppression-list, email-deliverability, or compliance reasons. Subscription transaction records may be retained as needed for premium access, restore purchases, fraud prevention, accounting, and App Store compliance.

When you delete your account, Bazu! removes or requests removal of associated marketing contact records from Brevo, including email list membership tied to your account email, unless retention is required for legal, security, fraud-prevention, compliance, suppression-list, or email-deliverability reasons.

If you unsubscribe from marketing emails without deleting your account, Bazu! or Brevo may retain limited suppression or unsubscribe records to ensure we honor your opt-out request.

Aggregated or pseudonymous analytics, crash logs, and security logs may remain until deleted or overwritten according to our retention schedules.

Offline Data Integrity

Bazu is designed for offline-first functionality. When you work out without internet:

  • All data is saved locally on your device
  • Automatic sync occurs when connectivity returns
  • Visual "pending sync" indicator shows unsynced data

While we make best efforts to prevent data loss, we cannot guarantee sync success in all scenarios (for example, device failure, app deletion before sync completes). Maintain periodic internet connectivity to ensure data synchronization.

6. Your Rights & Choices

This Privacy Policy is intended to provide a broad privacy notice for users in the United States and other regions where Bazu! may be available. Some jurisdictions provide additional privacy rights. Where required by applicable law, we will honor applicable access, correction, deletion, portability, objection, consent withdrawal, opt-out, appeal, and complaint rights.

  • By using Bazu!, you also agree to the dispute resolution provisions, including any arbitration and class action waiver clauses, outlined in our Terms of Service.
  • Access the data we hold about you
  • Request correction
  • Request deletion
  • Data portability: Request a copy of your personal data by emailing support@getbazu.com. We will respond within 30 days.
  • Withdraw consent
  • Analytics controls: Bazu! does not currently provide an in-app Firebase Analytics opt-in or opt-out setting. Where available, you may limit analytics through website controls, browser privacy settings, device-level privacy settings, or future in-app controls.
  • Opt out of non-essential marketing emails
  • Opt-out of notifications
  • Restrict processing (where applicable)

To make a request, email support@getbazu.com.

If applicable law gives you the right to appeal a privacy request decision, you may appeal by emailing support@getbazu.com with "Privacy Appeal" in the subject line. We will review and respond within the timeframe required by applicable law.

You may opt out of non-essential marketing emails at any time by using the unsubscribe link in an email or by contacting support@getbazu.com. Opting out of marketing emails does not prevent us from sending required account, security, legal, transactional, or service-related messages.

You can delete your account from inside the Bazu! app or by contacting support@getbazu.com. Account deletion removes associated account information, profile details, demographic/body attributes, workout history, routines, goals, custom exercises, and other user-created workout data from active production systems immediately or as soon as technically practicable.

Deleted data may remain in encrypted backups for up to 7 days before those backups expire or are overwritten. We may retain limited information where required for legal, security, fraud-prevention, tax, accounting, App Store, dispute-resolution, suppression-list, email-deliverability, or compliance reasons.

Apple Health data stored in Apple Health remains controlled by Apple Health and your device settings. You can manage Apple Health permissions or delete Apple Health data through Apple Health or iOS Settings.

If you are located in the EEA, UK, Switzerland, or another region with similar privacy rights, you may also have the right to lodge a complaint with your local data protection authority.

We will respond within 30 days for general requests and within 45 days for US-state privacy laws (for example, CCPA/CPRA).

U.S. State Privacy Rights

Residents of certain U.S. states may have additional privacy rights, depending on applicable law. These may include the right to confirm whether we process personal information, access personal information, correct inaccurate information, delete personal information, obtain a portable copy, opt out of targeted advertising, opt out of the sale of personal information, opt out of certain profiling, appeal a denied request, and avoid discrimination for exercising privacy rights.

Bazu! does not sell personal information and does not share personal information for cross-context behavioral advertising. Bazu! does not use personal information for targeted advertising or profiling that produces legal or similarly significant effects.

To exercise applicable rights, email support@getbazu.com. If we deny your request, you may appeal by replying to our decision email with "Privacy Appeal" in the subject line.

Brazil and South America Privacy Rights

If you are located in Brazil or another South American jurisdiction with privacy rights, you may have rights under applicable data protection laws, such as Brazil's Lei Geral de Proteção de Dados (LGPD). These rights may include confirming whether we process your personal data, accessing your data, correcting incomplete or inaccurate data, requesting deletion or anonymization where applicable, receiving information about sharing, withdrawing consent, objecting to certain processing, and lodging a complaint with a data protection authority.

Bazu Fitness LLC acts as the controller for personal information processed to provide Bazu!. Service providers such as Firebase/Google, Apple, and Brevo may process information as described in this Policy. To exercise applicable rights, contact support@getbazu.com.

California Consumer Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA/CPRA):

CategoryExamplesPurposeShared With
IdentifiersName, email address, Firebase user ID, authentication provider IDAccount creation, authentication, support, securityFirebase/Google, Apple where needed
Contact InformationName, email addressAccount support, service messages, privacy requests, email updates, newsletters, waitlists, marketing communications where opted in or permittedFirebase/Google, Brevo, support or email providers if used
Email Marketing InformationEmail address, signup source, signup date, list status, unsubscribe status, email preferencesProduct updates, newsletters, waitlist updates, marketing communications, opt-out managementBrevo
Internet or electronic activityApp events, screens viewed, device/app information, usage eventsProduct analytics, security, app quality, troubleshootingFirebase/Google
DiagnosticsCrash logs, performance data, error reportsDebugging, reliability, security, performance monitoringFirebase/Google
Health & Fitness InformationWorkouts, exercises, sets, reps, weight lifted, duration, rest times, goals, personal records, Apple Watch workout data, Apple Health data if authorizedWorkout tracking, progress insights, sync, user-requested featuresFirebase/Google as processors; Apple Health only per user permission
InferencesProgress insights, training trends, recommendation logicUser-requested insights, app personalization, product improvementNot sold; used to provide Bazu! features
Commercial informationSubscription product ID, purchase status, renewal or expiration status, transaction identifiers, refund or cancellation statusPremium access, restore purchases, fraud prevention, accounting, App Store complianceApple, Firebase/Google where needed
User ContentCustom exercises, routines, goals, notes, bio, profile photo URL if providedApp features, personalization, workout trackingFirebase/Google

Bazu! does not sell personal information. Bazu! does not share personal information for cross-context behavioral advertising.

California residents may request access, correction, deletion, portability, or information about how their personal information is used by contacting support@getbazu.com.

Some fitness, health, Apple Health, demographic/body attribute, account login, and precise device or diagnostic information may be considered sensitive personal information under certain laws. Bazu! uses sensitive personal information only to provide requested app features, maintain security, process subscriptions, comply with law, and improve product reliability. Bazu! does not use sensitive personal information to infer characteristics for advertising or cross-context behavioral advertising.

Right to Know: Request details about personal information we've collected about you in the past 12 months, including categories of data, sources, business purposes, and third parties with whom we share data.

Right to Delete: Request deletion of your personal information, subject to certain legal exceptions (for example, completing transactions, security purposes, legal compliance).

Right to Correct: Request correction of inaccurate personal information we maintain about you.

Right to Opt-Out of Sale/Sharing: We do NOT sell or share your personal information for cross-context behavioral advertising purposes.

Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

How to Exercise Your Rights: Email support@getbazu.com with "California Privacy Request" in the subject line. Include your name and email address associated with your account. We will respond within 45 days. You may designate an authorized agent by providing written authorization.

Verification: For security, we may request additional information to verify your identity before processing requests.

Nevada Privacy Rights

Nevada residents may request that we not sell certain personal information as defined under Nevada law. Bazu! does not currently sell personal information. To submit a Nevada privacy request, email support@getbazu.com with "Nevada Privacy Request" in the subject line.

7. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information, including:

  • Encryption in transit using TLS
  • Encryption at rest through Firebase and Google Cloud defaults
  • Access control and least-privilege principles
  • Secure authentication and session management
  • User-scoped Firebase security rules designed to restrict workout, profile, and account data to the authenticated account owner and authorized service operations
  • Reasonable security practices and internal access controls

No system can be guaranteed 100% secure, but we work to protect personal information using safeguards appropriate to the nature of the data we process.

If we become aware of a security incident affecting personal information, we will notify affected users as required by applicable law, which may include email, in-app notice, website notice, or other legally required methods.

8. International Data Transfers

Bazu Fitness LLC is based in the United States. Because Bazu! uses Firebase and Google Cloud services provided by Google, your information may be transferred to, stored in, or processed in the United States and other countries where Google, its affiliates, or its subprocessors operate.

If you are located outside the United States, your information may be processed in countries that may not provide the same level of data protection as your home country.

Email marketing and list-management information is processed by Brevo, which is established in the European Union (France) and processes data in accordance with GDPR. Brevo and its subprocessors may also operate in other countries.

For users in the EEA, United Kingdom, and Switzerland, international transfers are protected through appropriate transfer mechanisms where required, which may include Standard Contractual Clauses, the UK International Data Transfer Addendum where applicable, adequacy decisions where applicable, and Google's participation in the EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, and UK Extension to the EU-U.S. Data Privacy Framework where applicable.

9. Children's Privacy

Bazu! is not intended for users under 16 years old. We do not knowingly collect personal information from anyone under 16.

If you believe data was collected from a child under 16, contact us immediately.

10. Third-Party Links

The app or website may contain links to external sites. We are not responsible for their content or privacy practices.

11. Changes to This Privacy Policy

We may update this Policy periodically. If changes are material, we will notify users via in-app notice, email (if appropriate), or an update banner on the website. The “Last updated” date will always reflect the latest version.

12. Contact Us

Bazu Fitness LLC
Email: support@getbazu.com
For privacy-specific inquiries: support@getbazu.com

Back to HomeTerms of Use