Privacy Policy

Last updated: March 2026

1. Introduction

BobPat AI ("we", "our", or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights with respect to that data when you use our AI-powered fitness and nutrition coaching service. This policy is intended to comply with applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Children's Online Privacy Protection Act (COPPA).

2. Data We Collect

When you create an account and use BobPat AI, we collect the following categories of personal data:

  • Account information: Your email address and, optionally, a username. Your username is used by the AI to address you and can assist with account recovery. It is not required to sign in.
  • Fitness profile: Your fitness goals, activity level, workout frequency, experience level, preferred workout duration, and equipment access.
  • Physical stats (optional): Biological sex, age, weight, and height. These are entirely optional and are used solely to generate more accurate calorie targets and personalized recommendations.
  • Dietary information: Dietary preferences, food allergies, and cooking preferences.
  • AI chat messages: The content of your conversations with the AI coaching assistant.
  • Generated plans: AI-generated workout and nutrition plans created for your account.
  • Progress logs: Weight entries, workout completion records, calories consumed entries, and notes you log over time.

We do not collect sensitive personal information such as Social Security numbers, financial account information, precise geolocation, or health information regulated under HIPAA. Fitness and wellness data you voluntarily enter is general wellness information and is not Protected Health Information (PHI) as defined under 45 CFR § 160.103.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Personalizing AI coaching responses and generated workout and nutrition plans based on your profile and goals.
  • Providing, maintaining, and improving the BobPat AI service.
  • Authenticating your account and keeping your data secure.
  • Sending transactional emails, such as email address verification and email change confirmation.
  • Tracking your fitness progress over time, as you log it.

We do not use your personal data to make automated decisions that produce legal or similarly significant effects on you.

4. Third-Party Services

We use the following third-party services to operate BobPat AI:

  • DeepSeek AI:When you send messages to the AI coach or generate plans, the relevant content (your message and relevant profile context) is sent to DeepSeek's API to generate a response. This data is processed by DeepSeek in accordance with their API Terms of Service and Privacy Policy. DeepSeek is an AI service provider; we do not share your full personal profile beyond what is necessary to generate a fitness or nutrition response.
  • Neon (database hosting): Your account data, profile, messages, plans, and progress logs are stored in a PostgreSQL database hosted by Neon. Data is encrypted at rest and in transit.
  • Resend (transactional email): We use Resend to deliver verification emails when you create an account or change your email address. Only your email address is shared with Resend for this purpose, in accordance with their Privacy Policy.

We do not sell your personal data to any third parties, and we do not use your data for advertising purposes.

5. Email Verification

When you create a new account, we send a verification email to confirm your email address before your account is activated. Verification links expire after 24 hours. When you change your email address, we send a confirmation link to your new address that expires after 1 hour. These emails are sent solely for account security and are not used for marketing purposes.

6. AI-Generated Content Disclosure

In compliance with Federal Trade Commission (FTC) guidelines on AI transparency, we disclose that all coaching responses, workout plans, and nutrition plans provided through this service are generated by artificial intelligence (DeepSeek AI), operating under the persona "Bobpat". AI-generated content may contain inaccuracies or errors and is not a substitute for professional advice from a qualified fitness trainer, registered dietitian, or healthcare provider. You should independently verify any recommendations before acting on them.

7. Your Privacy Rights

You have the following rights with respect to your personal data:

  • Access: You can view your profile information and fitness data within the app at any time.
  • Correction: You can update your profile information, username, and fitness goals at any time via the Profile page, and change your email address or password via the Settings page.
  • Deletion:You can permanently delete your account and all associated data (profile, messages, plans, progress logs) by visiting Settings > Account Management and selecting "Delete Account". Deletion is immediate and irreversible.
  • Data portability: You may contact us at support@bobpat.ai to request a copy of your personal data in a portable format.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the purposes for which we use it, and the third parties with whom we share it.
  • Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information we maintain about you.
  • Right to Opt Out of Sale or Sharing: We do not sell or share your personal information with third parties for cross-context behavioral advertising. You have the right to opt out of any future sale or sharing of your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise your California privacy rights, please contact us at support@bobpat.ai. We will respond to verified requests within 45 days as required by law.

9. Do Not Sell or Share My Personal Information

BobPat AI does not sell, rent, or share your personal information with third parties for monetary consideration or for cross-context behavioral advertising purposes. Your data is used solely to provide and improve the BobPat AI service.

10. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all personal data associated with your account — including your profile, chat messages, generated plans, and progress logs — is permanently and immediately deleted from our systems. We do not retain personal data after account deletion, except as required by applicable law.

11. Data Security

We implement reasonable technical and organizational security measures to protect your personal data, including encryption in transit (HTTPS/TLS), encrypted database storage, hashed passwords (bcrypt), and HTTP-only secure session cookies. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy (COPPA)

BobPat AI is intended for users who are 18 years of age or older. We do not knowingly collect personal data from anyone under the age of 18. If you believe we have inadvertently collected data from a minor under 18, please contact us immediately at support@bobpat.ai so we can delete it promptly.

13. Medical Disclaimer

BobPat AI is not a medical service, healthcare provider, or medical device as defined by the U.S. Food and Drug Administration (FDA). The information and plans provided through this service, including AI-generated workout and nutrition content, are for general wellness and informational purposes only and do not constitute medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional before beginning any new exercise or dietary program, especially if you have any pre-existing health conditions or injuries.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of BobPat AI after any changes constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a data-related concern, please contact us at support@bobpat.ai. We will respond to data requests within 30 days (or 45 days for verified CCPA requests).