This Privacy Policy explains how Inertia Technologies Limited ("we", "our", or "us") collects, uses, shares, and protects your personal data when you use the LetsGxo mobile application. We are registered with the UK Information Commissioner's Office (ICO). Health and biometric data is classified as Special Category Data under UK GDPR and receives the enhanced protections required under Article 9 — it is processed only with your explicit consent and is never sold to any third party.

1. Introduction and Who We Are

LetsGxo is a fitness tracking and social fitness platform operated by Inertia Technologies Limited, a company incorporated in England and Wales (Company Number: 16919325).

We are the data controller for personal data collected through the LetsGxo mobile application (the "App"). We are registered with the Information Commissioner's Office (ICO) under reference number [ICO REGISTRATION NUMBER].

This Privacy Policy applies to all users of the App worldwide, including those using LetsGxo on iOS and Android devices. By creating an account you confirm that you have read and understood this Policy.

Our contact details for privacy matters:


2. Key Definitions

"Personal Data" means any information that identifies or could identify a living individual.

"Special Category Data" means particularly sensitive personal data that receives additional legal protection under UK GDPR Article 9, including health and biometric data.

"AI Coach" means the artificial intelligence coaching and analysis feature available to premium subscribers.

"Wearable Device" means a smartwatch, fitness tracker, or similar connected device you link to the App.

"Social Features" means the community features within the App, including posting activities, sharing photographs, following other users, and commenting.

"UK GDPR" means the UK General Data Protection Regulation as retained in UK law by the European Union (Withdrawal) Act 2018, as amended.


3. Data We Collect About You

We collect data you provide directly, data generated by your use of the App, and data imported from third-party platforms you choose to connect. We are transparent about the purpose for each type of data we collect.

3.1 Account and Profile Data

When you register for LetsGxo we collect:

3.2 Activity and Fitness Data

When you log or import workouts we collect:

3.3 Health and Biometric Data (Special Category)

Where you connect a Wearable Device or enable health tracking we may collect:

This data is classified as Special Category Data under UK GDPR Article 9 and is collected only with your explicit consent. You may withdraw consent at any time via your account settings. Full details are set out in Section 6.

3.4 Location Data

Where you use GPS-based activity tracking we collect real-time GPS coordinates during activities, route maps and waypoints, and start and end locations of activities. A Privacy Zone feature allows you to hide start/end points around sensitive locations such as your home. GPS tracking is optional and can be disabled at any time in your device settings or within the App.

3.5 Photographs and Media

We collect activity photographs and other media you voluntarily upload to posts or your profile, and physique photographs you submit for AI Coach physique analysis (only where you have given explicit consent for this specific feature — see Section 7.4).

3.6 Wearable and Connected Device Data

If you connect a supported platform or device, we receive data from Garmin (via Garmin Connect), Suunto (via the Suunto App), Polar (via Polar Flow), COROS (via the COROS App), Apple (via Apple HealthKit), and Google (via Google Fit / Google Health Connect). Data received is limited strictly to the permissions you grant within those platforms.

Apple HealthKit: Data received via Apple HealthKit is used solely to provide the fitness tracking and AI coaching features you have requested. HealthKit data is never used for advertising or marketing purposes, is never sold to any third party, and is not shared with third parties except as required to provide the features you have explicitly requested.

Google Health Connect: Data received via Google Health Connect is used only to provide the specific functionality you have requested within LetsGxo, including activity tracking and AI coaching. It is not used for advertising and is not sold.

3.7 AI Coaching and Analysis Data

To power the AI Coach we process your historical activity and performance data, health metrics from connected wearables (where consent has been given), your stated training goals and self-reported fitness level, physique photographs (where you have provided explicit consent for physique analysis), and your ratings and feedback on AI coaching recommendations.

3.8 Social and Community Data

If you use Social Features we collect activity posts you share, comments, kudos, and reactions, photographs and captions you publish, your followers and following list, private messages exchanged between users, and content reports you make regarding other users or posts.

3.9 Subscription and Payment Data

Payments for the AI Coach subscription are processed exclusively by Apple App Store or Google Play billing. We do not receive or store your payment card details. We receive only subscription status, subscription tier and renewal date, and transaction reference numbers for support purposes.

3.10 Technical and Usage Data

We automatically collect device type, manufacturer, model, and OS version; App version; IP address (used to determine approximate country for legal compliance and security purposes only); device advertising identifier (where permitted by your settings); session timestamps, feature usage logs, and in-app event data; and crash reports and performance diagnostics.

3.11 Communications Data

If you contact our support team we retain your name, email address, the content of your query, our responses and follow-up correspondence, and supporting files or screenshots you choose to provide.


4. How and Why We Use Your Data

Purpose Data Used Legal Basis
Creating and managing your accountAccount dataContract performance
Providing activity tracking featuresActivity data, location dataContract performance
Delivering AI Coach (subscribers only)All fitness and health data; photos (with consent)Contract performance + Consent (health/biometric data)
Enabling Social FeaturesActivity posts, photos, profile dataContract performance + Legitimate interests
Wearable and platform integrationWearable dataContract performance + Consent (health data)
Service notificationsAccount data, activity dataContract performance + Legitimate interests
Marketing communications (optional)Email address, preferencesConsent — unsubscribe at any time
Analytics and App improvementTechnical data, usage dataLegitimate interests
Security and fraud preventionTechnical data, account dataLegitimate interests + Legal obligation
Complying with legal obligationsAny relevant dataLegal obligation

5. Legal Basis for Processing (UK and EU GDPR)

5.1 Contract Performance (Article 6(1)(b))

Processing necessary to deliver the services you have contracted with us to receive, including account management, activity tracking, Social Features, and the AI Coach subscription.

5.2 Legitimate Interests (Article 6(1)(f))

We process certain data on the basis of our legitimate interests in operating, improving, and securing the App, where those interests are not overridden by your rights and freedoms. We have conducted Legitimate Interests Assessments for each applicable purpose. You have the right to object to this processing at any time (see Section 14).

5.3 Consent (Articles 6(1)(a) and 9(2)(a))

For Special Category Data (including health metrics, biometric data, and physique photographs) and for optional features such as marketing communications and advertising identifiers, we rely on your explicit, freely given, and specific consent. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

5.4 Legal Obligation (Article 6(1)(c))

We process data where required to comply with applicable law, including responding to lawful requests from courts, regulators, or law enforcement authorities.


6. Special Category (Health and Biometric) Data

Health and biometric data — including heart rate, sleep data, and physique photographs submitted for analysis — constitutes Special Category Data under UK GDPR Article 9. We process this data only with your explicit, freely given, specific, and informed consent, and to the extent strictly necessary to provide the specific feature or service you have requested.

Special Category Data is subject to the following commitments:

Physique photographs submitted for AI Coach analysis are processed automatically. They are not viewed or reviewed by human employees except in exceptional circumstances, such as where safety enforcement, legal compliance, or resolution of a complaint you have raised requires it.

You may withdraw consent for health and biometric data processing at any time via Account Settings > Privacy. Withdrawal will limit access to certain features but will not affect your use of the App's core functionality.


7. AI Coaching, Automated Analysis and Profiling

7.1 How the AI Coach Works

The AI Coach analyses your fitness data, health metrics, training history, and (where consented) physique photographs to generate personalised training plans, performance insights, and actionable recommendations. This involves automated processing of your personal data, including profiling. AI features are powered by an AI language model accessed via our secure backend. All requests to our AI provider are transmitted over encrypted channels (TLS 1.2 or higher) and are processed only for the purpose of generating your requested response. Prompts and responses are not retained by our AI provider beyond the duration necessary to generate a response.

LetsGxo is not a medical device. AI Coach outputs are not medical advice and must not be treated as a substitute for the advice of a qualified medical or fitness professional.

7.2 Automated Decision-Making

Recommendations generated by the AI Coach are advisory in nature and are intended to support — not replace — your own judgement. We do not make legally significant or similarly consequential decisions about you based solely on automated processing without human oversight. Where UK GDPR Article 22 applies, you have the right to request human review, express your point of view, and contest any output. Contact us at privacy@letsgxo.com to exercise this right.

7.3 Profiling

We create a fitness profile based on your activity history, health data, and stated training goals in order to personalise your AI Coach experience. You have the right to object to this profiling at any time (see Section 14).

7.4 Physique Analysis

If you choose to use the AI physique analysis feature, you must grant explicit consent before any physique photograph can be submitted or processed. Processing is automated; human review occurs only in exceptional circumstances. You may delete any submitted photograph and revoke consent at any time via Account Settings > AI Coach > Physique Analysis. Upon revocation, further analysis is suspended immediately and existing physique photographs are deleted within 30 days.

7.5 What the AI Coach Remembers

To provide continuity across sessions, the AI Coach has access to your goal profile, training preferences, and coaching style settings; recent AI Coach conversation messages; and activity history, check-in data, and recovery metrics you have logged or synced. The AI Coach does not have access to information outside LetsGxo. You may delete your AI Coach conversation history at any time via Account Settings > AI Coach > Clear History.


8. Social Features — What Others Can See

8.1 Visibility Controls

Each piece of content can be set to Public (visible to all LetsGxo users), Followers Only (default for new accounts), or Private (visible only to you). We recommend reviewing your privacy settings regularly under Account Settings > Privacy.

8.2 Privacy Zones

You can configure a Privacy Zone around any sensitive location — such as your home or place of work — to automatically obscure the start and end points of activities from other users. Privacy Zones are managed under Account Settings > Privacy > Privacy Zones.

8.3 Blocking and Reporting

You may block any user at any time, preventing them from viewing your content or interacting with you. You may also report content or user behaviour that you believe violates our Community Guidelines. Reports are reviewed by our moderation team.


9. Sharing Your Data with Third Parties

We do not sell your personal data to third parties under any circumstances.

9.1 Service Providers

We share data with carefully selected third-party service providers acting as data processors on our behalf, bound by written data processing agreements, and only to the extent necessary for them to deliver their services:

ProviderPurposeLocation
Google LLCCloud infrastructure, database, file storage, user authentication, analytics, crash reporting, fitness data integration, and app billingUSA
Apple Inc.HealthKit health data integration; App Store billingUSA
Anthropic, Inc.AI language model processing for coaching analysis, plan generation, physique analysis, and meal scanningUSA
RevenueCat, Inc.Subscription management and entitlement verificationUSA
Garmin LtdActivity data importUSA / Global
Suunto (Amer Sports)Activity data importFinland / EU
Polar Electro OyActivity data importFinland / EU
COROS Wearables Inc.Activity data importUSA / China*

* By connecting a COROS device you acknowledge that your activity data may be processed in China. Appropriate transfer safeguards apply as described in Section 10.

9.2 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of business assets, your personal data may be transferred as part of that transaction. We will notify you before your data becomes subject to a materially different privacy policy, and you will retain the right to request deletion of your account and data.

9.3 Legal Requirements

We may disclose personal data to law enforcement, the ICO, courts, or other regulatory bodies where required or permitted by law, where necessary to protect the safety of any person, or where necessary to enforce our legal rights.

9.4 Aggregated and Anonymised Data

We may share aggregated, anonymised statistics with partners, researchers, or the public. Such data cannot reasonably be used to identify any individual.


10. International Data Transfers

We are a UK-based business. Where we transfer personal data internationally we ensure appropriate safeguards are in place in accordance with UK GDPR Chapter V:

You may request a copy of the relevant transfer mechanism for any specific provider by contacting us at privacy@letsgxo.com.


11. Data Retention

Data TypeRetention Period
Account and profile dataDuration of account, plus up to 30 days post-deletion, then permanently deleted
Activity and fitness dataDuration of account; deleted with account
Health and biometric dataDuration of consent or account (whichever ends first); deleted within 30 days of consent withdrawal or account closure
Physique photographsUntil you delete them or close your account; deleted within 30 days of withdrawal or closure
AI Coach history and recommendationsDuration of account; deleted with account
Social posts, comments, and mediaDuration of account, or until you delete the content
Technical and usage logsUp to 24 months on a rolling basis
Support communications3 years from the date the query is resolved
Financial and subscription records7 years (legal obligation under UK tax law)

12. Security

We implement appropriate technical and organisational security measures to protect your personal data, including:

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and report to the ICO without undue delay, and in any event within 72 hours of becoming aware, as required under UK GDPR Article 33.

If you have identified a potential security vulnerability, please report it to security@letsgxo.com. We follow responsible disclosure principles and will aim to acknowledge reports within 48 hours.


13. Children's Privacy

LetsGxo is intended for users aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18, and users must confirm they are 18 or over at the point of account creation. If you believe we have inadvertently collected personal data from a person under 18, please contact us immediately at privacy@letsgxo.com and we will take prompt steps to delete it.


14. Your Rights

14.1 UK and EU GDPR Rights

RightWhat This Means for You
Right of AccessRequest a copy of all personal data we hold about you. We will respond within one calendar month.
Right to RectificationAsk us to correct any personal data we hold that is inaccurate or incomplete.
Right to ErasureRequest deletion of your personal data, subject to our legal retention obligations.
Right to RestrictionAsk us to pause processing of your data in certain defined circumstances.
Right to Data PortabilityReceive your personal data in a structured, machine-readable format (e.g. JSON) and have it transferred to another provider where technically feasible.
Right to ObjectObject to processing based on legitimate interests, or to processing for direct marketing or profiling purposes.
Right re. Automated DecisionsRequest human review of decisions affecting you made solely by automated means; express your view; and contest the outcome.
Right to Withdraw ConsentWithdraw consent at any time for consent-based processing. Withdrawal does not affect the lawfulness of prior processing.

To exercise any of these rights, use the in-app privacy settings or contact us at privacy@letsgxo.com. We will respond within one calendar month of receipt.

14.2 California Residents (CCPA / CPRA)

California residents have additional rights under the CCPA as amended by the CPRA, including the right to know, right to delete, right to correct, right to opt-out of sale or sharing (we do not sell your personal information), right to limit use of sensitive personal information, and right to non-discrimination. Contact us at privacy@letsgxo.com to submit a CCPA / CPRA request. We will respond within 45 calendar days.

14.3 Australian Residents

If you are an Australian resident you have rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Unresolved complaints may be lodged with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

14.4 Canadian Residents

If you are a Canadian resident you have rights under PIPEDA and applicable provincial legislation. Unresolved complaints may be referred to the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.


15. Analytics, SDKs and Tracking Technologies

As a mobile application, LetsGxo uses software development kits (SDKs) rather than browser cookies to collect analytics and operational data.

Analytics and Crash Reporting (Google): We use analytics and crash reporting SDKs to monitor App performance. Data collected includes screen views, feature usage patterns, session duration, crash reports, and error logs. You may opt out at any time under Account Settings > Privacy > Analytics.

Device Advertising Identifiers: With your permission we may use your device's advertising identifier (IDFA on iOS; Google Advertising ID on Android) to measure the effectiveness of our user acquisition campaigns. We do not use this for serving targeted advertisements within the App. You can reset or opt out via device settings.

We do not serve third-party advertisements within the App, and we do not engage advertising networks to serve targeted or behavioural advertising to our users.


16. Third-Party Links and Services

The App may display links to third-party websites or integrate with third-party platforms. We are not responsible for the privacy practices of those third parties. Relevant privacy policies include:


17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by displaying a prominent notice within the App before the change takes effect and/or by sending an email notification to your registered address. The "Last Updated" date at the top of this document will always reflect the most recent revision. Previous versions are available upon request by contacting us at privacy@letsgxo.com.


18. Contact Us and Complaints

If you have any questions, concerns, or requests in connection with this Privacy Policy or our handling of your personal data, please contact us:

We aim to respond to all privacy enquiries within 30 calendar days. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority:

JurisdictionSupervisory Authority
United KingdomInformation Commissioner's Office (ICO) — www.ico.org.uk | Helpline: 0303 123 1113
European UnionYour local EU Data Protection Authority — directory
United States (California)California Privacy Protection Agency (CPPA) — cppa.ca.gov
AustraliaOffice of the Australian Information Commissioner (OAIC) — www.oaic.gov.au
CanadaOffice of the Privacy Commissioner of Canada — www.priv.gc.ca

© 2026 Inertia Technologies Limited. All rights reserved. This is Version 1.0 of the LetsGxo Privacy Policy. For previous versions contact privacy@letsgxo.com.