Hyperhuman logo
Features
Pricing
Launch Your App
Delivery API
GET STARTED

Privacy Policy

Last Updated: October 1, 2025
Effective Date: October 2, 2025

This policy (together with our Terms and Conditions of Service) explains what personal data we collect, how we use it, and when we share it. It applies to:

  • Consumers using Hyperhuman Club and Training HQ (web apps) and any white-label apps powered by Hyperhuman (the “Consumer Apps”).
  • Team users (organization owners, admins, members, trainers) using Hyperhuman Teams (web app), our Public API, and related tools (the “Business Platform”).

The data controller is Hyperhuman S.R.L., Str. Plugarilor nr. 8G, 500473 Brașov, Romania (EU). Contact: support@hyperhuman.cc. In some cases we act as processor for business customers (see §3.2).

1. Data We Collect

1.1 Information You Provide

  • Account & profile: name, email, password, phone (optional), avatar/photo, country/region, language, timezone, role.
  • Fitness profile (Consumer Apps): age range/date of birth, gender (optional), height/weight (optional), goals, preferences, injuries/limitations (optional).
  • Content & media: videos, images, audio, captions, exercise notes, comments/feedback, forms/messages; CloneMotion™ inputs (trainer images/video) and related consent documentation you upload.
  • Commerce: plan, billing address, tax/VAT IDs (Business), purchase history. Payment cards are processed by our payment processor (e.g., Stripe); we do not store full card details.
  • Support: tickets, chat, email correspondence, call notes.

1.2 Information We Collect Automatically

  • Device & network: IP address, device identifiers, browser/OS, app version, screen size, time zone, language, referrer, crash logs.
  • Usage & telemetry: pages/screens viewed, clicks, session duration, features used, exports, API calls, render/transcode events, errors, performance metrics.
  • Playback & personalization: workouts viewed, progress, completions, ratings, favorites, recommendations shown/clicked.
  • Cookies/SDKs: identifiers for authentication, settings, analytics, and (where permitted) marketing (see §12).

1.3 Health, Activity & Wearables (Optional)

  • Wearables/aggregators (e.g., ROOK, Apple HealthKit, Google Fit): heart rate, duration, steps, estimated calories, workout metadata, rep counts, and similar metrics only if you connect/grant access.
  • Apple HealthKit / Motion & Fitness / Google Fit data is used solely for health/fitness features (personalization, progress, analytics) and never for marketing/advertising or data brokerage. Revoke access anytime in device settings.
  • Do not submit special-category/sensitive data unless necessary for the service you want.

1.4 Data From Other Hyperhuman Services

If you use multiple Hyperhuman products (e.g., Consumer Apps and Business Platform), we may combine and use information across those services to provide and secure the overall experience, consistent with this policy and your settings.

2. What We Use Your Data For

2.1 Providing the Services

Account/org management, authentication, support; delivering, personalizing, and recommending workouts/programs; progress tracking; hosting, transcoding, streaming, and exporting content; AI-enabled creation features (exercise detection, CloneMotion™ silent clips, autogenerated social cuts, multilingual captions/TTS); integrations you enable (YouTube, Stripe, Wix, ROOK).

2.2 Safety, Security & Integrity

Fraud/abuse prevention, malware detection, rate-limiting, access controls, audit logs, incident response, enforcing our terms.

2.3 Improvements & Analytics

Debugging, QA, A/B tests, performance tuning, usage analytics, de-identified/aggregated statistics for capacity planning and product decisions.

2.4 Communications & Marketing

Service messages (account, security, policy updates), onboarding tips, surveys. With consent where required: newsletters, offers, and remarketing (opt out anytime).

2.5 Legal & Compliance

Tax/accounting records; responding to lawful requests; meeting regulatory obligations.

3. Roles, Legal Bases & AI

3.1 Legal Bases (EEA/UK)

  • Contract (to provide the Services); Legitimate interests (security, improvement, analytics); Consent (wearables, some marketing/cookies, optional device permissions); Legal obligation (records, lawful requests).

3.2 Controller vs. Processor

  • Consumer Apps: Hyperhuman is controller.
  • Business Platform: Hyperhuman is processor for end-user data our business customers control; Hyperhuman may be controller for team account/billing/security data. A DPA with SCCs is available where required.

3.3 AI Features & Your Data

  • Features (e.g., exercise detection/labeling, CloneMotion™) process content you upload/authorize. CloneMotion generates silent video clips only—no voice cloning or speech generation.
  • We do not use your private content to train general-purpose foundation models unless you opt in. We may use aggregated/de-identified analytics to improve features and safety.
  • You must have rights/consents to any likeness used as CloneMotion input and to any audio you later add (music, narration, TTS).

4. Information We Receive From Other Sources

This includes information we receive about you if you use other services we provide. We work closely with third parties (e.g., business partners; sub-contractors for technical, payment and delivery services; advertising networks; analytics providers; search information providers; credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

This also includes information obtained when you access the Site and/or any of the Services through a social media or other account operated by a third party, such as Facebook, Instagram, Google or YouTube API Services. Any information about you that we receive from such third parties will be governed by their privacy policies as well as ours.

Google & YouTube APIs. Hyperhuman’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Google’s privacy policy can be found there, and you can revoke app access in your Google security settings.

5. Additional Information We May Request & Third-Party Services

For a better experience, we may require certain personally identifiable information, including but not limited to name, email, location, body measurements, date of birth. The information we request will be retained and used as described in this policy.

The apps/services use third-party services that may collect information used to identify you. Examples include (non-exhaustive):

  • Google Analytics
  • Firebase Crashlytics
  • Facebook
  • YouTube API Services

6. Not Sharing Your User Data With AI Models

As part of our commitment, the Hyperhuman Product does not share user data with AI models. The Hyperhuman Product doesn’t share your user data with AI models, other external parties, external databases, or external platforms for model training. See §3.3 for our limited, aggregated/de-identified analytics use.

7. Sharing Your Information

We share personal data only as needed to operate the Services or as required by law:

  • Service providers/subprocessors (hosting/CDNs, analytics/crash reporting, email/SMS, support tooling, rendering/transcoding, security).
  • Payment processing (e.g., Stripe for payments, payouts, chargebacks/KYC). We do not store full card numbers.
  • Integrations you enable (YouTube publishing, Wix widgets, ROOK wearables). Data flows are limited to what’s needed for the enabled integration and your configuration.
  • Organization/Distributor (white-label apps): access/enrollment and progress aggregates as part of the service.
  • Legal & safety: comply with law, enforce terms, protect users/platform.
  • Corporate transactions: merger, acquisition, financing, or sale of assets (subject to this policy).
  • Aggregated/De-identified information: for insights/reporting that does not identify you.

We do not sell your personal data.

8. International Transfers

We primarily process/store data in the EU/EEA, but may transfer data to other countries where we and our providers operate. For EEA/UK personal data, we use adequacy decisions, SCCs, and other safeguards. Backups may retain copies for limited periods under strict controls.

9. Security

We use appropriate administrative, technical, and organizational measures (encryption in transit, hardened networks, access controls, key management, endpoint protection, audits). No system is 100% secure. If a security incident is likely to pose high risk to your rights, we will notify you and authorities as required.

10. Retention

We keep data only as long as necessary for the purposes described and legal requirements:

  • Account data while active + a reasonable period for records/disputes.
  • Content/media while active or until you delete it.
  • Backups/logs for limited periods, then purged.
  • Legal holds as required by law/court order/investigation.

11. Your Rights

Depending on your location, you may have rights to access, rectify, erase, restrict, object (including marketing), port data, withdraw consent, and complain to a supervisory authority. To exercise rights, email support@hyperhuman.cc. We may verify identity and request details; we respond within required timelines (typically 1 month).

You can opt out of marketing in settings or message footers; revoke wearable and Google/YouTube access in device/account settings.

12. Cookies & Similar Technologies

We use cookies/SDKs to:

  • keep you signed in and remember preferences (strictly necessary);
  • measure performance and diagnose issues (analytics/performance);
  • improve features and personalize content (functionality);
  • where permitted, measure campaigns and show relevant messages (marketing).

Manage cookies in your browser/device settings. Blocking some cookies may impair functionality. Mobile SDK preferences can be managed in-app and via device privacy controls.

13. Children

The Services are for users 18+. We do not knowingly collect data from children. If you believe a child provided data, contact support@hyperhuman.cc so we can delete it.

14. Third-Party Links & Social Features

Third-party sites and social features are governed by their own policies. Review them before providing data; we are not responsible for their practices.

15. Account Deletion

Delete your account anytime:

  • In-app (Profile → Account → Delete Account), or
  • Email support@hyperhuman.cc or use in-app support chat.

Deletion begins promptly and completes within 10 business days, subject to legal/financial records and retention schedules. Tokens/keys are revoked. Residual backups may persist briefly and are purged per schedule. If you are an org owner/admin, transfer ownership or close the org first.

16. Changes to This Policy

We may update this policy for product or legal changes. We’ll post updates here and, where required, notify you in-app or by email. The effective date is at the top. Continued use after the effective date constitutes acceptance.

17. Contact

All privacy questions, requests, complaints, and other communications: support@hyperhuman.cc.
See our terms index at https://hyperhuman.cc/legal.