LetsGxo is a fitness tracking and social fitness platform operated by Inertia Technologies Limited, a company incorporated in England and Wales (Company Number: 16919325).
We are the data controller for personal data collected through the LetsGxo mobile application (the "App"). We are registered with the Information Commissioner's Office (ICO) under reference number [ICO REGISTRATION NUMBER].
This Privacy Policy applies to all users of the App worldwide, including those using LetsGxo on iOS and Android devices. By creating an account you confirm that you have read and understood this Policy.
Our contact details for privacy matters:
"Personal Data" means any information that identifies or could identify a living individual.
"Special Category Data" means particularly sensitive personal data that receives additional legal protection under UK GDPR Article 9, including health and biometric data.
"AI Coach" means the artificial intelligence coaching and analysis feature available to premium subscribers.
"Wearable Device" means a smartwatch, fitness tracker, or similar connected device you link to the App.
"Social Features" means the community features within the App, including posting activities, sharing photographs, following other users, and commenting.
"UK GDPR" means the UK General Data Protection Regulation as retained in UK law by the European Union (Withdrawal) Act 2018, as amended.
We collect data you provide directly, data generated by your use of the App, and data imported from third-party platforms you choose to connect. We are transparent about the purpose for each type of data we collect.
When you register for LetsGxo we collect:
When you log or import workouts we collect:
Where you connect a Wearable Device or enable health tracking we may collect:
This data is classified as Special Category Data under UK GDPR Article 9 and is collected only with your explicit consent. You may withdraw consent at any time via your account settings. Full details are set out in Section 6.
Where you use GPS-based activity tracking we collect real-time GPS coordinates during activities, route maps and waypoints, and start and end locations of activities. A Privacy Zone feature allows you to hide start/end points around sensitive locations such as your home. GPS tracking is optional and can be disabled at any time in your device settings or within the App.
We collect activity photographs and other media you voluntarily upload to posts or your profile, and physique photographs you submit for AI Coach physique analysis (only where you have given explicit consent for this specific feature — see Section 7.4).
If you connect a supported platform or device, we receive data from Garmin (via Garmin Connect), Suunto (via the Suunto App), Polar (via Polar Flow), COROS (via the COROS App), Apple (via Apple HealthKit), and Google (via Google Fit / Google Health Connect). Data received is limited strictly to the permissions you grant within those platforms.
Apple HealthKit: Data received via Apple HealthKit is used solely to provide the fitness tracking and AI coaching features you have requested. HealthKit data is never used for advertising or marketing purposes, is never sold to any third party, and is not shared with third parties except as required to provide the features you have explicitly requested.
Google Health Connect: Data received via Google Health Connect is used only to provide the specific functionality you have requested within LetsGxo, including activity tracking and AI coaching. It is not used for advertising and is not sold.
To power the AI Coach we process your historical activity and performance data, health metrics from connected wearables (where consent has been given), your stated training goals and self-reported fitness level, physique photographs (where you have provided explicit consent for physique analysis), and your ratings and feedback on AI coaching recommendations.
If you use Social Features we collect activity posts you share, comments, kudos, and reactions, photographs and captions you publish, your followers and following list, private messages exchanged between users, and content reports you make regarding other users or posts.
Payments for the AI Coach subscription are processed exclusively by Apple App Store or Google Play billing. We do not receive or store your payment card details. We receive only subscription status, subscription tier and renewal date, and transaction reference numbers for support purposes.
We automatically collect device type, manufacturer, model, and OS version; App version; IP address (used to determine approximate country for legal compliance and security purposes only); device advertising identifier (where permitted by your settings); session timestamps, feature usage logs, and in-app event data; and crash reports and performance diagnostics.
If you contact our support team we retain your name, email address, the content of your query, our responses and follow-up correspondence, and supporting files or screenshots you choose to provide.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Creating and managing your account | Account data | Contract performance |
| Providing activity tracking features | Activity data, location data | Contract performance |
| Delivering AI Coach (subscribers only) | All fitness and health data; photos (with consent) | Contract performance + Consent (health/biometric data) |
| Enabling Social Features | Activity posts, photos, profile data | Contract performance + Legitimate interests |
| Wearable and platform integration | Wearable data | Contract performance + Consent (health data) |
| Service notifications | Account data, activity data | Contract performance + Legitimate interests |
| Marketing communications (optional) | Email address, preferences | Consent — unsubscribe at any time |
| Analytics and App improvement | Technical data, usage data | Legitimate interests |
| Security and fraud prevention | Technical data, account data | Legitimate interests + Legal obligation |
| Complying with legal obligations | Any relevant data | Legal obligation |
Processing necessary to deliver the services you have contracted with us to receive, including account management, activity tracking, Social Features, and the AI Coach subscription.
We process certain data on the basis of our legitimate interests in operating, improving, and securing the App, where those interests are not overridden by your rights and freedoms. We have conducted Legitimate Interests Assessments for each applicable purpose. You have the right to object to this processing at any time (see Section 14).
For Special Category Data (including health metrics, biometric data, and physique photographs) and for optional features such as marketing communications and advertising identifiers, we rely on your explicit, freely given, and specific consent. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
We process data where required to comply with applicable law, including responding to lawful requests from courts, regulators, or law enforcement authorities.
Health and biometric data — including heart rate, sleep data, and physique photographs submitted for analysis — constitutes Special Category Data under UK GDPR Article 9. We process this data only with your explicit, freely given, specific, and informed consent, and to the extent strictly necessary to provide the specific feature or service you have requested.
Special Category Data is subject to the following commitments:
Physique photographs submitted for AI Coach analysis are processed automatically. They are not viewed or reviewed by human employees except in exceptional circumstances, such as where safety enforcement, legal compliance, or resolution of a complaint you have raised requires it.
You may withdraw consent for health and biometric data processing at any time via Account Settings > Privacy. Withdrawal will limit access to certain features but will not affect your use of the App's core functionality.
The AI Coach analyses your fitness data, health metrics, training history, and (where consented) physique photographs to generate personalised training plans, performance insights, and actionable recommendations. This involves automated processing of your personal data, including profiling. AI features are powered by an AI language model accessed via our secure backend. All requests to our AI provider are transmitted over encrypted channels (TLS 1.2 or higher) and are processed only for the purpose of generating your requested response. Prompts and responses are not retained by our AI provider beyond the duration necessary to generate a response.
LetsGxo is not a medical device. AI Coach outputs are not medical advice and must not be treated as a substitute for the advice of a qualified medical or fitness professional.
Recommendations generated by the AI Coach are advisory in nature and are intended to support — not replace — your own judgement. We do not make legally significant or similarly consequential decisions about you based solely on automated processing without human oversight. Where UK GDPR Article 22 applies, you have the right to request human review, express your point of view, and contest any output. Contact us at privacy@letsgxo.com to exercise this right.
We create a fitness profile based on your activity history, health data, and stated training goals in order to personalise your AI Coach experience. You have the right to object to this profiling at any time (see Section 14).
If you choose to use the AI physique analysis feature, you must grant explicit consent before any physique photograph can be submitted or processed. Processing is automated; human review occurs only in exceptional circumstances. You may delete any submitted photograph and revoke consent at any time via Account Settings > AI Coach > Physique Analysis. Upon revocation, further analysis is suspended immediately and existing physique photographs are deleted within 30 days.
To provide continuity across sessions, the AI Coach has access to your goal profile, training preferences, and coaching style settings; recent AI Coach conversation messages; and activity history, check-in data, and recovery metrics you have logged or synced. The AI Coach does not have access to information outside LetsGxo. You may delete your AI Coach conversation history at any time via Account Settings > AI Coach > Clear History.
Each piece of content can be set to Public (visible to all LetsGxo users), Followers Only (default for new accounts), or Private (visible only to you). We recommend reviewing your privacy settings regularly under Account Settings > Privacy.
You can configure a Privacy Zone around any sensitive location — such as your home or place of work — to automatically obscure the start and end points of activities from other users. Privacy Zones are managed under Account Settings > Privacy > Privacy Zones.
You may block any user at any time, preventing them from viewing your content or interacting with you. You may also report content or user behaviour that you believe violates our Community Guidelines. Reports are reviewed by our moderation team.
We do not sell your personal data to third parties under any circumstances.
We share data with carefully selected third-party service providers acting as data processors on our behalf, bound by written data processing agreements, and only to the extent necessary for them to deliver their services:
| Provider | Purpose | Location |
|---|---|---|
| Google LLC | Cloud infrastructure, database, file storage, user authentication, analytics, crash reporting, fitness data integration, and app billing | USA |
| Apple Inc. | HealthKit health data integration; App Store billing | USA |
| Anthropic, Inc. | AI language model processing for coaching analysis, plan generation, physique analysis, and meal scanning | USA |
| RevenueCat, Inc. | Subscription management and entitlement verification | USA |
| Garmin Ltd | Activity data import | USA / Global |
| Suunto (Amer Sports) | Activity data import | Finland / EU |
| Polar Electro Oy | Activity data import | Finland / EU |
| COROS Wearables Inc. | Activity data import | USA / China* |
* By connecting a COROS device you acknowledge that your activity data may be processed in China. Appropriate transfer safeguards apply as described in Section 10.
If we are involved in a merger, acquisition, restructuring, or sale of business assets, your personal data may be transferred as part of that transaction. We will notify you before your data becomes subject to a materially different privacy policy, and you will retain the right to request deletion of your account and data.
We may disclose personal data to law enforcement, the ICO, courts, or other regulatory bodies where required or permitted by law, where necessary to protect the safety of any person, or where necessary to enforce our legal rights.
We may share aggregated, anonymised statistics with partners, researchers, or the public. Such data cannot reasonably be used to identify any individual.
We are a UK-based business. Where we transfer personal data internationally we ensure appropriate safeguards are in place in accordance with UK GDPR Chapter V:
You may request a copy of the relevant transfer mechanism for any specific provider by contacting us at privacy@letsgxo.com.
| Data Type | Retention Period |
|---|---|
| Account and profile data | Duration of account, plus up to 30 days post-deletion, then permanently deleted |
| Activity and fitness data | Duration of account; deleted with account |
| Health and biometric data | Duration of consent or account (whichever ends first); deleted within 30 days of consent withdrawal or account closure |
| Physique photographs | Until you delete them or close your account; deleted within 30 days of withdrawal or closure |
| AI Coach history and recommendations | Duration of account; deleted with account |
| Social posts, comments, and media | Duration of account, or until you delete the content |
| Technical and usage logs | Up to 24 months on a rolling basis |
| Support communications | 3 years from the date the query is resolved |
| Financial and subscription records | 7 years (legal obligation under UK tax law) |
We implement appropriate technical and organisational security measures to protect your personal data, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and report to the ICO without undue delay, and in any event within 72 hours of becoming aware, as required under UK GDPR Article 33.
If you have identified a potential security vulnerability, please report it to security@letsgxo.com. We follow responsible disclosure principles and will aim to acknowledge reports within 48 hours.
LetsGxo is intended for users aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18, and users must confirm they are 18 or over at the point of account creation. If you believe we have inadvertently collected personal data from a person under 18, please contact us immediately at privacy@letsgxo.com and we will take prompt steps to delete it.
| Right | What This Means for You |
|---|---|
| Right of Access | Request a copy of all personal data we hold about you. We will respond within one calendar month. |
| Right to Rectification | Ask us to correct any personal data we hold that is inaccurate or incomplete. |
| Right to Erasure | Request deletion of your personal data, subject to our legal retention obligations. |
| Right to Restriction | Ask us to pause processing of your data in certain defined circumstances. |
| Right to Data Portability | Receive your personal data in a structured, machine-readable format (e.g. JSON) and have it transferred to another provider where technically feasible. |
| Right to Object | Object to processing based on legitimate interests, or to processing for direct marketing or profiling purposes. |
| Right re. Automated Decisions | Request human review of decisions affecting you made solely by automated means; express your view; and contest the outcome. |
| Right to Withdraw Consent | Withdraw consent at any time for consent-based processing. Withdrawal does not affect the lawfulness of prior processing. |
To exercise any of these rights, use the in-app privacy settings or contact us at privacy@letsgxo.com. We will respond within one calendar month of receipt.
California residents have additional rights under the CCPA as amended by the CPRA, including the right to know, right to delete, right to correct, right to opt-out of sale or sharing (we do not sell your personal information), right to limit use of sensitive personal information, and right to non-discrimination. Contact us at privacy@letsgxo.com to submit a CCPA / CPRA request. We will respond within 45 calendar days.
If you are an Australian resident you have rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Unresolved complaints may be lodged with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
If you are a Canadian resident you have rights under PIPEDA and applicable provincial legislation. Unresolved complaints may be referred to the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.
As a mobile application, LetsGxo uses software development kits (SDKs) rather than browser cookies to collect analytics and operational data.
Analytics and Crash Reporting (Google): We use analytics and crash reporting SDKs to monitor App performance. Data collected includes screen views, feature usage patterns, session duration, crash reports, and error logs. You may opt out at any time under Account Settings > Privacy > Analytics.
Device Advertising Identifiers: With your permission we may use your device's advertising identifier (IDFA on iOS; Google Advertising ID on Android) to measure the effectiveness of our user acquisition campaigns. We do not use this for serving targeted advertisements within the App. You can reset or opt out via device settings.
We do not serve third-party advertisements within the App, and we do not engage advertising networks to serve targeted or behavioural advertising to our users.
The App may display links to third-party websites or integrate with third-party platforms. We are not responsible for the privacy practices of those third parties. Relevant privacy policies include:
We may update this Privacy Policy from time to time. We will notify you of material changes by displaying a prominent notice within the App before the change takes effect and/or by sending an email notification to your registered address. The "Last Updated" date at the top of this document will always reflect the most recent revision. Previous versions are available upon request by contacting us at privacy@letsgxo.com.
If you have any questions, concerns, or requests in connection with this Privacy Policy or our handling of your personal data, please contact us:
We aim to respond to all privacy enquiries within 30 calendar days. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority:
| Jurisdiction | Supervisory Authority |
|---|---|
| United Kingdom | Information Commissioner's Office (ICO) — www.ico.org.uk | Helpline: 0303 123 1113 |
| European Union | Your local EU Data Protection Authority — directory |
| United States (California) | California Privacy Protection Agency (CPPA) — cppa.ca.gov |
| Australia | Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au |
| Canada | Office of the Privacy Commissioner of Canada — www.priv.gc.ca |
© 2026 Inertia Technologies Limited. All rights reserved. This is Version 1.0 of the LetsGxo Privacy Policy. For previous versions contact privacy@letsgxo.com.