Privacy Policy — DeskFit
1. Introduction
This Privacy Policy explains how OQapps ("we", "us", or "our") collects, uses, and protects your personal information when you use the DeskFit mobile application ("the App"). DeskFit is a wellness application for office and remote workers. It provides 2-5 minute video exercises targeting neck, back, eyes, and wrists, along with specialized programs (e.g., for sciatica or carpal tunnel relief), smart reminders, and pain tracking.
By downloading, installing, or using the App, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the App.
2. Information We Collect
We collect the following categories of information:
- Account information: email address, name, and (optionally) profile picture.
- Device information: device model, operating system version, advertising identifiers (IDFA on iOS, AAID on Android), language, and region.
- Usage data: screens viewed, features used, session length, and interactions with notifications.
- Health-related information: fitness and wellness-related information you choose to log (such as symptoms, mood, sleep schedule, or dietary intake). This data is treated as sensitive and stored securely.
- Subscription and purchase information: subscription status, transaction identifiers, and renewal dates. We do not receive your full payment card details — Apple and Google process payments directly.
- Communications: messages you send to our support team.
- Crash and diagnostic data: automatically collected when the app crashes, to help us fix bugs.
3. How We Use Your Information
We use the information we collect for the following purposes:
- To provide and operate the App — including authentication, syncing your data across devices, and delivering core features. (Legal basis under GDPR: performance of contract.)
- To improve and develop the App — analyzing how features are used so we can fix bugs, optimize performance, and build better products. (Legal basis: legitimate interest.)
- To provide customer support — responding to your questions and resolving issues. (Legal basis: performance of contract.)
- To send service-related communications — such as account confirmation, security alerts, and important updates. (Legal basis: legitimate interest / legal obligation.)
- To send marketing communications — only if you have opted in. You can unsubscribe at any time. (Legal basis: consent.)
- To comply with legal obligations — such as tax, accounting, or law-enforcement requests. (Legal basis: legal obligation.)
4. Third-Party Service Providers
We use the following third-party services to operate the App. Each provider has its own privacy policy, which governs how they handle your data:
| Service | Purpose | Privacy policy |
|---|---|---|
| Supabase | Authentication, database, and file storage | Privacy policy |
| Apple | Sign in with Apple | Privacy policy |
| Google Sign-In authentication | Privacy policy | |
| Apple | In-app purchases, App Store distribution, and Sign in with Apple | Privacy policy |
| Google Play Billing and Google Play distribution | Privacy policy | |
| Adapty | Subscription management and analytics | Privacy policy |
| Expo | Push notification delivery | Privacy policy |
We share with each provider only the minimum information needed to perform their function. We do not sell your personal information to data brokers.
5. Data Sharing and Disclosure
Beyond the third-party service providers listed above, we may share your information in the following limited circumstances:
- Legal requirements: if required by law, court order, or governmental authority.
- Business transfers: in connection with a merger, acquisition, or sale of assets, in which case the acquiring party will be bound by this Policy.
- With your consent: for any other purpose you explicitly approve.
We do not sell, rent, or trade your personal information.
6. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the App. After account deletion, we delete or anonymize your data within 30 days, except where retention is required by law (e.g., financial records, which we retain for up to seven years).
Anonymized analytics that cannot identify you may be retained indefinitely.
7. Your Rights and Choices
If you are in the European Economic Area, the United Kingdom, or Switzerland (GDPR)
You have the following rights:
- Right of access — request a copy of the personal information we hold about you.
- Right to rectification — correct inaccurate information.
- Right to erasure ("right to be forgotten") — request deletion of your personal information.
- Right to restriction of processing.
- Right to data portability — receive your data in a portable format.
- Right to object to processing based on legitimate interest.
- Right to withdraw consent at any time, where processing is based on consent.
- Right to lodge a complaint with your local data protection authority.
If you are a California resident (CCPA / CPRA)
You have the right to:
- Know what personal information we collect, use, disclose, and sell or share.
- Delete personal information we have collected about you.
- Correct inaccurate personal information.
- Opt out of the sale or sharing of your personal information (we do not sell or share for cross-context behavioral advertising).
- Limit use of sensitive personal information.
- Non-discrimination for exercising your rights.
To exercise any of these rights, contact privacy@oqapps.pro. We will respond within 30 days (45 days under CCPA, with one possible extension).
For all users
You can delete your account at any time. See our Account Deletion page for instructions.
8. International Data Transfers
Your information may be processed in the United States or other countries where our service providers operate. When we transfer personal data from the EEA, UK, or Switzerland to a country that has not received an adequacy decision, we use Standard Contractual Clauses (SCCs) approved by the European Commission to safeguard the transfer.
9. Security
We use industry-standard measures to protect your information, including encryption in transit (TLS) and at rest, access controls, and regular security audits. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
If we become aware of a breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.
10. Children's Privacy
The App is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 (or under 16 in the European Economic Area). If you believe a child has provided us with personal information, please contact privacy@oqapps.pro and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the App, by email, or through a prominent notice on our website at least 30 days before they take effect. Continued use of the App after changes take effect constitutes acceptance of the updated Policy.
12. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, contact us:
- Privacy email: privacy@oqapps.pro
- General support: support@oqapps.pro
- Website: https://oqapps.pro
13. Fitness and Wellness Information
DeskFit processes wellness and fitness information you log (such as pain points, exercises completed, and reminders). We do not sell, share, or use this information for advertising. You can delete this data at any time by contacting privacy@oqapps.pro.
Document version: v1.0 · Effective: May 08, 2026 · Last updated: May 08, 2026
If you have questions about this document, contact us at legal@oqapps.pro.