Hectiks

Last updated: March 8, 2026

1. Data Controller

The data controller responsible for processing your personal data through this application is the individual or entity that operates Hectiks. For any privacy-related requests, please contact us at privacy@hectiks.com.

2. Data We Collect and Why

Data	Purpose	Legal basis
Email address	Account login and verification	Contractual necessity (Art. 6.1.b)
Display name	Personalisation across the app	Contractual necessity (Art. 6.1.b)
Weight, height, gender, date of birth	Calculate daily calorie targets (Harris-Benedict formula)	Explicit consent (Art. 9.2.a) — you consent separately when saving physical info
Training sessions, exercises, sets, notes	Core fitness tracking features	Contractual necessity (Art. 6.1.b)
Food conversion items	Calorie calculation helpers	Contractual necessity (Art. 6.1.b)
IP address, browser info	Session security and fraud prevention	Legitimate interest (Art. 6.1.f)

3. Special Category Data (Health Data)

Your physical measurements — weight, height, gender, and date of birth — may be considered health-related data under GDPR Article 9. We only store this data after you provide explicit, separate consent on your profile page. You can withdraw this consent and delete this data at any time from your profile.

4. Sub-processors

We share your email address with the following third-party service provider to deliver transactional emails (e.g. account verification, deletion confirmation):

Resend — email delivery service. Privacy Policy

We have signed a Data Processing Agreement (DPA) with Resend as required by GDPR Article 28.

5. Data Retention

Session data (IP, browser): retained for 7 days, then automatically deleted.
Account and fitness data: retained until you delete your account.
Health data (physical measurements): retained until you withdraw consent or delete your account.

6. Your Rights

Under GDPR, you have the following rights:

Right of access (Art. 15) — Download all your data from your profile page.
Right to erasure (Art. 17) — Delete your account and all data from your profile page.
Right to portability (Art. 20) — Export your data in JSON format from your profile page.
Right to rectification (Art. 16) — Edit your data at any time from your profile page.
Right to restriction (Art. 18) — Contact us to request restricted processing.
Right to withdraw consent — Withdraw health data consent at any time from your profile page.

To exercise any right not available directly in the app, contact us at privacy@hectiks.com.

7. Supervisory Authority

If you believe we have handled your personal data in violation of GDPR, you have the right to lodge a complaint with your national supervisory authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés).

8. Cookies

This application uses only essential session cookies required for authentication. No tracking, advertising, or analytics cookies are used. Essential cookies do not require your consent under the ePrivacy Directive.

Privacy Policy