Privacy Policy

Last updated: January 2025

Introduction

Welcome to Fastly ("we," "our," or "us"), operated by ZF Solutions AB, a company registered in Sweden (Org. No. 559439-8116). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our mobile application and services.

Data Controller:
ZF Solutions AB
Minkvägen 46
Stockholm, Sweden
Email: hello@fastlyapp.co

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Account preferences

Fasting Data

To provide our core services, we collect and store:

  • Fasting start and end times
  • Fasting goals and preferences
  • Weight tracking data (optional)
  • Notes and journal entries (optional)

Usage Information

We automatically collect certain information about how you use the app:

  • Device information (model, operating system version)
  • App usage statistics
  • Crash reports and diagnostic data

How We Use Your Information

We use the collected information to:

  • Provide and maintain our fasting tracking services
  • Personalize your experience and provide customized recommendations
  • Send you notifications about your fasting schedule (with your permission)
  • Analyze app usage to improve our services
  • Process payments and manage subscriptions
  • Respond to your support requests
  • Detect and prevent fraud or security issues

Data Storage and Security

Your data is stored securely using industry-standard encryption:

  • All data is encrypted in transit using SSL/TLS
  • Data at rest is encrypted using AES-256 encryption
  • We use Supabase for secure cloud storage
  • Payment information is processed securely through RevenueCat and Apple

Third-Party Services

We work with trusted third-party service providers to deliver and improve our services:

Supabase - Database and authentication services
Purpose: Secure storage of your account information and fasting data
Privacy Policy: supabase.com/privacy
RevenueCat - Subscription and payment processing
Purpose: Managing subscription status and entitlements across platforms
Privacy Policy: revenuecat.com/privacy
Apple App Store - In-app purchases and subscriptions
Purpose: Processing payments for iOS in-app purchases
Note: We do not have access to your Apple payment information. All payment processing is handled securely by Apple.
Privacy Policy: apple.com/privacy
Stripe - Payment processing for web purchases
Purpose: Processing payments for subscriptions purchased through our website
Note: We do not store your credit card information. All payment data is processed and stored securely by Stripe.
Privacy Policy: stripe.com/privacy

Apple-Specific Privacy Information

In-App Purchases

When you make purchases through the Apple App Store, Apple processes your payment information. We only receive confirmation of your purchase and your subscription status. We do not receive or store your credit card information, billing address, or other payment details.

Subscription Management

Your App Store subscriptions are managed through your Apple ID settings. We receive limited information about your subscription status (active, expired, cancelled) to provide you with appropriate access to premium features.

Data Not Collected

We do NOT collect:

  • Payment card information
  • Billing addresses
  • Health data from Apple Health/HealthKit
  • Location data (unless explicitly granted and only while using the app)
  • Contacts or photos
  • Data from other apps

Data Linked to You

The following data is collected and linked to your identity:

  • Email address (for account management)
  • Fasting session data (times, durations, goals)
  • User preferences and settings
  • Purchase and subscription history

Data Not Linked to You

The following data may be collected but is not linked to your identity:

  • Crash logs and diagnostics
  • Anonymous usage statistics
  • Performance metrics

Your Rights and Choices

General Rights

You have the right to:

  • Access - Request a copy of your personal data
  • Correction - Update or correct your information
  • Deletion - Request deletion of your account and data
  • Export - Download your data in a portable format
  • Opt-out - Disable notifications and marketing communications

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out: You have the right to opt-out of the "sale" of your personal information. We do not sell your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

To exercise any of these rights, contact us at hello@fastlyapp.co

Do Not Sell My Personal Information

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We do not engage in the sale of personal information as defined by the CCPA or other privacy laws.

Data Retention

We retain your personal data only as long as necessary to provide our services and comply with legal obligations:

  • Active Accounts: Your data is retained for as long as your account is active
  • Cancelled Subscriptions: Your data remains accessible even after subscription cancellation, allowing you to maintain your fasting history
  • Account Deletion: When you request account deletion, we will delete your personal data within 30 days, except where required by law to retain certain records (e.g., transaction history for tax purposes)
  • Backup Systems: Deleted data may remain in backup systems for up to 90 days

Children's Privacy

FastTrack is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@fastlyapp.co. We will take steps to delete such information from our systems within 30 days.

Age Verification: By creating an account, you represent that you are at least 13 years old. Users between 13 and 18 years old must have parental or guardian consent to use the App.

Cookies and Tracking Technologies

Our mobile app does not use cookies. However, our website may use the following:

  • Essential Cookies: Required for website functionality and security
  • Analytics: We may use analytics services to understand how visitors use our website (anonymous data only)

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

Health Data Disclaimer

Important: Fastly is a wellness tool and is not intended to diagnose, treat, cure, or prevent any disease or medical condition. The app does not provide medical advice. Always consult with a qualified healthcare provider before starting any fasting program or making changes to your diet or exercise routine.

International Data Transfers

Fastly is operated by ZF Solutions AB, based in Sweden (European Union). Your data is primarily processed and stored within the EU through our service providers.

Cross-Border Transfers: Some of our service providers (Supabase, Stripe) may process data in the United States or other countries. These transfers are protected by:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • EU-U.S. Data Privacy Framework compliance (where applicable)
  • Appropriate technical and organizational security measures

We ensure that all international data transfers comply with GDPR requirements and provide adequate protection for your personal data.

Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: To provide our fasting tracking services to you
  • Consent: For optional features, marketing communications, and notifications (you can withdraw consent at any time)
  • Legitimate Interests: To improve our services, prevent fraud, and ensure security
  • Legal Obligation: To comply with applicable laws and regulations

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Supervisory Authority

As a company based in Sweden (EU), we are subject to the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY). If you are in the EU and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with IMY or your local data protection authority.

Swedish Authority for Privacy Protection (IMY)
Website: www.imy.se
Email: imy@imy.se

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Controller: ZF Solutions AB

Address: Minkvägen 46, Stockholm, Sweden

Email: hello@fastlyapp.co

Support: hello@fastlyapp.co