NateNate

Privacy Policy

Last updated: 15 December 2025

This Privacy Policy explains how Nate Labs Ltd ("Nate", "we", "us") collects, uses, shares, and protects personal information when you visit our website, use our mobile app, or interact with our services (together, the "Services").

If you have any questions, contact us at hello@teamnate.app.

1) Who we are

Controller (UK/EU data protection law): Nate Labs Ltd

Contact email: hello@teamnate.app

If you're in the UK, our supervisory authority is the Information Commissioner's Office (ICO).

2) What personal data we collect

We collect information in the following categories (depending on what you choose to use):

A) Account and profile data

  • Name (if provided)
  • Email address
  • Password (stored in hashed form)
  • Basic profile details you provide (e.g., age range, sex/gender, height, weight, training experience, goals)

B) Fitness, health, and lifestyle data (you choose what to provide)

  • Workout plans, sessions, sets/reps/weights, exercise history
  • Body metrics and progress data (e.g., weight check-ins, measurements, photos if you upload them)
  • Nutrition targets and logs (e.g., calories/macros, meals you enter)
  • Recovery/wellbeing inputs you provide (e.g., sleep, soreness, energy)
  • Activity data from connected services (e.g., step counts) if you connect them

Note: Some of this may be considered health-related data under data protection laws. You control what you enter and what you connect.

C) Messages and content you submit

  • Messages to Nate (chat prompts and responses)
  • Support requests and bug reports
  • Any content you choose to upload (e.g., photos, notes)

D) Payments and subscriptions

If you purchase a subscription, payments are handled by third parties (e.g., Apple, Google, Stripe, PayPal) and subscription management may be handled by a provider like RevenueCat.

We may receive limited billing-related info (e.g., subscription status, renewal dates, purchase identifiers), but we do not receive your full card details from Stripe/PayPal, nor your Apple/Google payment card data.

E) Device, usage, and technical data

  • IP address, device type, OS version, app version
  • Approximate location (derived from IP)
  • Log data (e.g., pages/screens viewed, features used, crash/error diagnostics)
  • Cookie and similar tracking data (website)

3) How we use your data

We use personal data to:

  • Provide the Services (create your account, generate plans, deliver coaching, sync data)
  • Personalise your experience (tailor training and nutrition recommendations)
  • Operate and secure the Services (fraud prevention, account security, troubleshooting)
  • Improve Nate (analytics, performance monitoring, feature improvement)
  • Communicate with you (service messages, support, important updates)
  • Process subscriptions (verify entitlements, manage access)
  • Comply with legal obligations (tax, accounting, enforcing terms, responding to lawful requests)

4) Our legal bases (UK GDPR / EU GDPR)

We rely on one or more of the following:

  • Contract: to provide the Services you request (e.g., generating and delivering your plan)
  • Consent: where required (e.g., connecting certain device/health data sources, marketing emails)
  • Legitimate interests: to run and improve Nate (e.g., service analytics, security, preventing abuse)
  • Legal obligation: where we must comply with law (e.g., accounting, regulatory requests)

Where we rely on consent, you can withdraw it at any time (see section 9).

5) AI and automated recommendations

Nate uses software (including machine learning models) to generate training, nutrition, and coaching recommendations based on the information you provide.

  • These recommendations are guidance and should be used with judgment.
  • We do not make decisions that produce legal or similarly significant effects about you.
  • You can update your inputs at any time to change recommendations.

6) How we share your data

We share personal data only as needed to run Nate, including with:

A) Service providers (processors)

Examples include providers for:

  • Hosting and databases
  • Analytics and crash reporting
  • Customer support tooling
  • Email/push notification delivery
  • Subscription management (e.g., RevenueCat)
  • Payment processing (e.g., Stripe, PayPal)
  • App stores (Apple/Google) for in-app purchases and subscription validation
  • AI infrastructure/providers used to deliver chat and recommendation features

These providers are contractually required to protect your data and only process it on our instructions.

B) Legal and safety

We may disclose information if we believe it's reasonably necessary to:

  • comply with law or valid legal process
  • protect the rights, safety, and security of Nate, our users, or others
  • investigate fraud, abuse, or security incidents

C) Business transfers

If we're involved in a merger, acquisition, financing, or sale of assets, your data may be transferred as part of that transaction (with appropriate safeguards).

7) International transfers

We are UK-based, but some of our service providers may process data outside the UK/EEA (for example, in the United States).

Where this happens, we use appropriate safeguards such as:

  • UK International Data Transfer Agreement (IDTA) and/or EU Standard Contractual Clauses (SCCs)
  • additional technical and organisational measures where appropriate

8) Data retention

We keep personal data only for as long as necessary for the purposes described in this policy, including:

  • While your account is active
  • After you close your account, for a limited period where needed for legal, security, dispute resolution, and backup integrity

Typical retention approach (guideline):

  • Account and plan data: retained until you delete your account (then scheduled for deletion)
  • Support and security logs: retained for a limited period (e.g., months)
  • Financial/subscription records: retained as required by tax/accounting laws

You can request deletion at any time (see section 9).

9) Your rights (UK/EU)

Depending on where you live, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Restrict or object to certain processing
  • Port your data
  • Withdraw consent (where we rely on consent)

To exercise these rights, contact hello@teamnate.app.

Complaints

If you're in the UK and you're unhappy with how we handle your data, you can complain to the Information Commissioner's Office (ICO).

10) Cookies and similar technologies (website)

We use cookies and similar technologies to:

  • make the website work (essential cookies)
  • understand usage and improve performance (analytics)
  • measure marketing effectiveness (where enabled)

You can control cookies via your browser settings.

11) Security

We use reasonable administrative, technical, and organisational measures to protect your data, such as:

  • encryption in transit (and where appropriate, at rest)
  • access controls and least-privilege practices
  • monitoring, logging, and abuse prevention

No method of transmission or storage is 100% secure, but we work hard to protect your information.

12) Children

Nate is not intended for children. If you are under 16, do not use Nate or provide personal data without a parent/guardian's involvement where required by law.

13) Third-party links and integrations

Our Services may link to third-party sites or allow you to connect third-party services. Their privacy practices are governed by their own policies, not ours. Review those policies before connecting or sharing data.

14) Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll take reasonable steps to notify you (e.g., in-app or via email). The "Last updated" date reflects the latest version.

15) Contact us

For privacy questions or requests:

Email: hello@teamnate.app

Company: Nate Labs Ltd