Privacy Policy

Last updated: January 2025

Effective Date: January 15, 2025

Introduction

ZenWalk (“we,” “our,” or “us”), operated by Amzu Information Technology Ltd, respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application and related services (the “Services”).

1. Data Controller

Company: Amzu Information Technology Ltd
Company No: 08516330
Registration: Registered in England and Wales
Email: privacy@zenwalk.fit
DPO: dpo@zenwalk.fit

2. Information We Collect

Account Information

  • Email address (via Apple Sign-In)
  • User ID

Health & Fitness Data Special Category

  • Age (number in years — we do not collect date of birth)
  • Weight
  • Height
  • Fitness level (self-reported)
  • Step counts, workout duration, calories burned
  • Distance travelled, workout intervals

Device & Usage

  • App events, crash logs, and diagnostics
  • Approximate region/country from IP (for fraud/security)

3. How We Use Your Data & Legal Bases (UK GDPR)

  • Provide and improve the Services (e.g., workout tracking, interval coaching, personalised metrics using height/weight/age, syncing across devices) — Performance of a contract.
  • Authenticate and manage your account (Apple Sign-In) — Performance of a contract.
  • Process premium subscriptionsPerformance of a contract.
  • Secure and prevent abuse (fraud detection, rate-limiting) — Legitimate interests.
  • Analytics and product improvement (non-essential analytics where used) — Consent (where required).
  • Compliance with legal obligations (e.g., tax, accounting) — Legal obligation.

Health data notice: We only process health/fitness data (including height, weight, and age) with your explicit consent (UK GDPR Art. 9(2)(a)). You can withdraw consent at any time from in-app settings or by contacting us.

4. Data Storage, Security & Retention

Your data is stored on secure Supabase infrastructure located in the UK/EU with AES-256 encryption at rest and TLS in transit. We apply role-based access controls, least-privilege principles, and monitoring to minimise risk.

Retention: We keep personal data for as long as you maintain an account. After account deletion, we delete or irreversibly anonymise personal data within 30 days, except where a longer period is required for legal, accounting, or security reasons (typically up to 6 years for financial/transaction records in the UK).

5. International Transfers

Where data is transferred outside the UK/EEA (for example, to sub-processors or support tools), we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) and/or the EU Standard Contractual Clauses with the UK Addendum, plus supplementary measures where necessary.

6. Sharing Your Data

  • Supabase: Cloud hosting/database provider (processor).
  • Apple: Authentication (Sign in with Apple) and payments (where applicable).
  • Service providers: Security, analytics (if used with consent), and support tools under data processing agreements.
  • We do not sell or “share” your personal information for cross-context behavioural advertising.

7. Your Rights

UK/EEA users: You have the right to access, rectify, erase, restrict, object, and data portability, and to withdraw consent at any time (without affecting prior processing). You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

How to exercise: Email privacy@zenwalk.fit. We aim to respond within 30 days.

8. Children’s Privacy

ZenWalk is intended for users 13+. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, contact us and we will delete it.

9. Users in the United States (State Privacy Laws)

We comply with applicable U.S. state privacy laws (including the California Consumer Privacy Act as amended by the CPRA) to the extent they apply. We do not sell or share your personal information, nor use it for automated decision-making that produces legal or similarly significant effects.

Categories we collect

  • Identifiers (e.g., email, user ID)
  • Commercial/payment info (subscription status via Apple; we do not store full card data)
  • Internet/usage data (app events, diagnostics)
  • Geolocation (approximate, derived from IP)
  • Sensitive data: health/fitness metrics (height, weight, age as a number, activity metrics) — with explicit consent

Purposes

  • Provide the Services, authentication, subscriptions, security, debugging, and improvement

Your rights (where applicable)

  • Know/access, correct, delete, data portability
  • Limit use/disclosure of sensitive personal information (we only use health data to provide the Services)
  • Non-discrimination for exercising rights

Submit requests via privacy@zenwalk.fit. If we deny a request, you may appeal by replying to our decision; we will provide information on further escalation where required by law.

10. Jurisdiction & Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of England and Wales. Any disputes relating to this policy shall be subject to the exclusive jurisdiction of the courts of England and Wales.

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we comply with the GDPR/UK GDPR. For users in the United States and other regions, we comply with applicable local privacy laws to the extent required.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you in-app or by email. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

12. Contact Us

Company: Amzu Information Technology Ltd
Privacy Inquiries: privacy@zenwalk.fit
DPO: dpo@zenwalk.fit
General Support: support@zenwalk.fit

Back to Home