Finofo Fit operates with a straightforward principle — we collect only what we need to keep your training journey safe and personalized. This notice explains how information moves through our systems, what we do with it, and what choices you have along the way.
Our platform exists to help athletes train smarter while reducing injury risk. Everything we ask for serves that purpose. If it doesn't contribute to safer CrossFit practices or better educational experiences, we don't request it.
Cookie and tracking-related information lives in a separate document. If you're looking for details about analytics tools, session identifiers, or browser fingerprinting, head over to our cookie policy instead.
What We Obtain and Why
Information enters our systems through three primary channels — account creation, educational interactions, and communication exchanges.
Account Formation
When you register, we ask for basics: your name, email address, and a password you create. Some users add optional details like training experience level or specific movement goals. We need these to recognize you when you return and to customize educational content that matches your current skill level.
Educational Engagement
As you move through webinars, safety guides, or technique breakdowns, our system records which materials you've accessed and how far you've progressed. This helps us suggest relevant next steps and remember where you left off. If you're halfway through a kettlebell swing tutorial, we won't reset your progress next time you log in.
Direct Communication
When you reach out through our contact form or email help@finofo-fit.com, we retain those messages along with your email address and any details you choose to share. Support inquiries sometimes include training history or injury concerns — we keep these to provide informed responses and to spot patterns that might improve our educational materials.
We don't ask for payment information. Our educational resources operate on a no-cost basis, so there's no checkout process and no financial data passing through our platform.
How Information Gets Used
Every piece of data we collect serves operational purposes tied to safer training and better education.
Your account information lets us authenticate your access and send relevant updates. If we're hosting a webinar on shoulder mobility for intermediate athletes, we'll notify users who've indicated interest in that area. The alternative would be blasting everyone with everything, which wastes your time and our credibility.
Progress tracking exists so you can pick up where you stopped without hunting for the right video timestamp or article section. It also helps us identify which educational materials resonate and which ones need reworking. If most users abandon a particular safety guide halfway through, that's a signal we need to improve its structure or clarity.
Communication records serve two functions. First, they ensure continuity when multiple team members handle support requests — nobody wants to explain their rotator cuff issue three times to three different people. Second, they help us refine our educational approach. If twenty people ask the same question about Olympic lift progressions, we probably need a dedicated resource addressing that topic.
Internal Access
Only team members who need specific information to do their jobs can reach it. Support staff see communication histories. Content developers access aggregated usage patterns. Our technical administrator handles system security and backup operations. Nobody gets blanket access to everything.
External Movement and Storage
Your information primarily stays within our infrastructure, but certain situations require limited external transfers.
Service Providers
We rely on a hosting provider to keep our platform running and a transactional email service to deliver account notifications. These vendors access only what they need to perform their specific functions — server maintenance or message delivery. Both operate under contractual obligations that mirror our own privacy commitments.
Legal Requirements
If a court order, subpoena, or legitimate regulatory request arrives, we'll comply with applicable law. This hasn't happened yet, but it's a possibility worth mentioning. We'd push back on overly broad requests and notify affected users unless legally prohibited from doing so.
We don't sell, rent, or otherwise commercialize your information. Period. Our business model doesn't depend on data brokerage, and introducing that would fundamentally contradict why we built this platform in the first place.
Data Location
Information lives on servers located in the United States, managed by our hosting provider's facilities. Backups get created daily and stored in geographically separate locations to protect against hardware failures or natural disasters.
Retention, Security, and Your Choices
How Long We Keep Things
Active account information persists as long as your account exists. If you stop using our platform but don't formally close your account, we'll eventually archive inactive accounts after three years of zero activity. Archived means we stop sending emails and restrict access, but the data remains available if you decide to return.
Communication records stay accessible for two years from the date of last contact. After that, they move to cold storage for another year before deletion. This timeline balances operational needs against privacy principles — recent inquiries inform support quality, but five-year-old messages serve no practical purpose.
Protection Measures
We employ industry-standard safeguards: encrypted data transmission, password hashing, restricted administrative access, regular security audits, and monitored backup systems. Our hosting provider maintains physical security at data centers, including access controls and environmental protections.
Despite these measures, perfect security doesn't exist. Network breaches happen to organizations with far larger security budgets than ours. We're transparent about this reality rather than making absolute promises we can't guarantee.
What You Can Do
You can view or update your account information anytime after logging in. If you want to see everything we've recorded about you, email help@finofo-fit.com with "Data Request" in the subject line. We'll send a complete export within ten business days.
Account deletion is permanent and happens within thirty days of your request. We'll remove your information from active systems, though backup archives might retain copies for up to ninety days before those get overwritten during normal rotation cycles.
If you've subscribed to educational updates or webinar notifications, every message includes an unsubscribe option. Using it won't affect your account access — you'll just stop receiving those specific communications.