Your Data Rights

You can ask us whether we hold personal data about you, and request a copy of that data.

Our response will include: the categories of data we process, the purposes of processing, the recipients or sub-processors who receive your data, the retention period, the source if the data was not collected from you, and information about automated decision-making (where applicable).

How to exercise: send an email to info@ownfit.it with the subject "GDPR data request — Access". Use the CTA above to pre-fill a template.

If any personal data we hold about you is inaccurate or incomplete, you can ask us to correct or update it.

Registered users can update most account details (name, email, professional profile) directly in Settings → Account inside the app. For data you cannot edit yourself, email info@ownfit.it with the corrections.

We will notify any sub-processors that received the inaccurate data of the correction, where feasible (Article 19).

You can ask us to delete the personal data we hold about you. We will comply unless we are legally required to retain certain records (e.g. tax and billing records under Italian law).

Registered users can permanently delete their account from Settings → Privacy → Delete Account inside the app. Health and fitness data is soft-deleted on request and irreversibly purged after 30 days, including associated media files.

Visitors who only interacted via the marketing site (contact form, newsletter, demo booking) can request erasure by emailing info@ownfit.it. We will confirm the email address that owns the data before processing the request.

You can ask us to temporarily pause the processing of your data — for example, while a rectification request is being verified, or while you contest the legal basis for processing.

During a restriction, your data is stored but not actively used. We will inform you before the restriction is lifted.

How to exercise: email info@ownfit.it describing which processing you want restricted and why.

You can request a copy of your personal data in a structured, commonly used, machine-readable format (we provide JSON), and have it transmitted to another controller where technically feasible.

This right applies to data you provided to us and that we process based on consent or on the performance of a contract. Examples include: workout logs, body composition measurements, programs you created, messages you sent.

Registered users can trigger an export from Settings → Privacy → Export My Data inside the app. The export downloads (web) or opens the native share sheet (mobile) immediately. If you cannot use the in-app export, email us at the address above and we will deliver the export within 30 days.

You can object to processing based on our legitimate interests (e.g. product analytics) at any time. We will stop the processing unless we can demonstrate compelling legitimate grounds that override your interests.

You can object to direct marketing at any time and we will stop immediately — without exception.

How to exercise: email info@ownfit.it describing what you object to.

Where we rely on your consent (e.g. for processing health and fitness data, or for AI-powered features), you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Registered users can toggle each consent in Settings → Privacy. Withdrawing consent for health data triggers a 30-day soft-delete window for the affected records.

For cookie consent, click "Manage cookies" in the page footer to reopen your preferences.

OwnFit does not make decisions about you that are based solely on automated processing and that produce legal or similarly significant effects. AI-powered features (when enabled) suggest content to fitness professionals, who remain responsible for reviewing and approving any AI output before sharing it with athletes.

To protect your data, we will verify your identity before fulfilling a request. For registered users, we send a confirmation link to the email address on file. For visitors, we may request additional information sufficient to confirm you are the data subject (Article 12(6)).

We will not share data with anyone we cannot reasonably verify as the data subject or their authorised representative.

We respond to data requests within 30 days of receipt (GDPR Article 12(3)). For complex requests, this period may be extended by a further two months — in which case we will inform you of the extension and the reasons within the first 30 days.

Requests are handled free of charge. We may charge a reasonable fee or refuse to act only if requests are manifestly unfounded or excessive — for example, repetitive requests for the same data (Article 12(5)).

If you believe we have mishandled your personal data, you have the right to lodge a complaint with a data protection supervisory authority.

In Italy, the competent authority is the Garante per la protezione dei dati personali — Piazza Venezia 11, 00187 Roma — protocollo@gpdp.it — https://www.garanteprivacy.it.

You may also contact the supervisory authority in your EU country of residence, place of work, or place of the alleged infringement.

The data controller for OwnFit is DAVM. For any data rights request, write to info@ownfit.it. General product enquiries should go to hello@ownfit.com.