Privacy Policy

Last Updated: August 29th, 2019


At BodyFrame, we appreciate that you trust us with your information and we intend to always keep that trust. This starts with making sure you understand the information we collect, why we collect it, how it is used and your choices regarding your information. This Privacy Policy (the “Policy”) describes our privacy practices in plain language, keeping legal and technical jargon to a minimum.
We do not compromise with your privacy. We design all of our products and services with your privacy in mind. We involve experts from various fields, including legal, security and others to make sure that no decision is taken without respect for your privacy.
We strive to be transparent in the way we process your data. Because we use many of the same online services you do, we know that insufficient information and overly complicated language are common issues in privacy policies. We take the exact opposite approach: we have written our Policy and related documents in plain language. We actually want you to read our policies and understand our privacy practices!
We work hard to keep your information secure. We have teams dedicated to keeping your data safe and secure. We constantly update our security practices and invest in our security efforts to enhance the safety of your information.


1.    WHO WE ARE



This Policy applies to websites, apps and other services operated by BodyFrame. For simplicity, we refer to all of these as our "Services" in this Policy. 
In order to provide you with an awesome user experience, we may collect the information described below. Some of this information you provide to us and some we collect automatically.  We may also collect information from our business partners, and from other third parties as we further describe in this Policy. In addition to this information, we may also automatically collect information from your Facebook friends when they reply to Facebook comments you have uploaded to our site (e.g., their name, comment and photo). We may combine the personal information that we receive from different sources. If you use our intermittent fasting tracker mobile application, Window, you should review the additional terms in Section 17 of this policy for information about what data we collect and how we may use or share your data.
Information you give us
You give us certain information when using our Services. This includes:

•    When you create your account, you provide us with your login credentials, such as email address, name and password. This is to allow you to access the Services more securely and in certain products, access your content on both our web and mobile version of the product.
•    To customize our Services to your requirements, we will ask you to tell us about your goals and other related information. Separately, we may offer you opportunities to add further information, which will provide additional customization of the Services for you. If you choose not to share some or all of this information with us, you will not have access to certain features of our site and mobile applications.
•    To use certain features in our Services, like uploading photos to create a profile picture or sharing through social features, you may allow us to access your camera and photos. Depending on your device, Apple and Android system will ask for your permission before allowing us to access these features.
•    Content, comments, photographs, video submissions or your likeness when you provide it to us as part of our community features, e.g., when you post or share such content to our website or mobile applications’ social features, to social media, such as Facebook, using our website or mobile application or directly to our Facebook page.
•    Features that allow you to share content about your use of our Services with your connections or through your social network.
•    If you contact our support team, we collect the information you give us during the interaction.
Information we automatically collect

We also may automatically collect other types of information in the following ways when you visit the BodyFrame website or engage with one of BodyFrame’s mobile applications:

•    Our server logs automatically collect information, such as:
o    IP address
o    Browser type/version (for example: Firefox 59.0.2 (64 bit))
o    Browser language (for example: German)
o    Operating system used (for example: Windows 10)
o    Internal resolution of the browser window
o    Service provider and signal strength
o    Hardware and software information
o    Device Type
o    AdvertisingID (such as Google's AdvertisingID and Apple's IDFA, both of which are randomly generated numbers that you can reset by going into your device's settings)
o    Adjust ID (this identifier lets us know where our users found our Services online.
o    Time zone
o    Identifiers associated with cookies or other technologies that may uniquely identify your device or browser (e.g., IMEI/UDID and MAC address)
o    Screen resolution
o    JavaScript activation
o    Java on / off
o    Cookies on / off 
o    Colour depth
o    Referrer
o    Time of access

We process this automatically collected data for the following reasons:

•    For the technical provision of our Services in order to be able to provide you with a functioning user friendly experience
•    To provide you with a secure experience and to take measures to protect our website and mobile applications from cyber risks
•    For internal analytics to help us understand your use of our website and mobile applications in order to improve our Services
•    We may assign your computer one or more cookies which may collect information to facilitate access to our website and to personalize your online experience. 
•    We may use standard Internet and mobile tools, such as web beacons, which collect information that tracks your use of our website and/or mobile application and enables us to customize our Services and advertisements.
•    We may use third party analytics tools, such as Google Analytics, to collect and analyze certain user information and behavior in addition to the information we automatically collect from you. This information may include demographic and interest information, such as age, gender and users interests. We use this information for internal business purposes on an aggregated, anonymous basis. To opt-out of Google Analytics data collection, you can visit the following site and follow the opt-out procedures:
•    We may also use certain information, such as the URL of the last web page you visited before coming to our website, your preferences and settings (e.g., time zone), how long you stayed on our website and what Services and features you used for internal analytics and to help us better understand our current and potential customers. We may use this information on an aggregated basis to help us reach out to new potential customers

Information we receive from others
In addition to the information you provide us directly, we receive information about you from others, including:
We may receive information about you from our partners, for instance where our ads are published on a partner's website or platform (in which case they may pass along details on a campaign's performance).
•    App Stores
If you purchase a subscription to one of our apps, neither Google nor Apple provide us with any personal information of the subscription purchaser (like name, email or payment information). Only an anonymized Subscription ID or Order ID gets transferred to BodyFrame. If you create a BodyFrame account, this anonymized subscription information gets attached to your record for the purpose of subscription sharing with your BodyFrame account across multiple devices.
•    Social Media
Some of our mobile applications may offer you the ability to register and login using your third party social media or email account details (like your Facebook or Google logins). Where you choose to do this, we will receive
certain profile information about you from your social media or email provider. The profile information we receive may vary depending on the app you are using, and on the third party provider concerned, but may often include details which may include your name, e-mail address, mobile phone number and friends list. If you login using your Facebook account, your e-mail or your phone number, then we may receive a unique ID in connection with this login. This is solely used for confirmation purposes and is kept separate from all other online identifiers. We will use the information we receive only for the purposes that are described in this Policy or that are otherwise made clear to you in the app you are using. Please note that we do not control, and are not responsible for, other uses of your personal information by your third party social media or email provider. We recommend that you see their privacy policies to understand how they collect, use and share your information, and how you can set your privacy preferences on their sites and apps.

When you use the Service, we may send one or more cookies, small text files containing a string of alphanumeric characters, to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Service. Consult your device's web browser "Help" file to learn the proper way to modify your cookie settings.
For example, when you sign in to our website, we will record your user or member ID and the name on your user or member account in the cookie file on your computer.
We also may record your password in this cookie file. For security purposes, we will encrypt any usernames, passwords, and other user or member account-related data that we store in such cookies. In the case of sites and services that do not use a user or member ID, the cookie will contain a unique identifier. We may allow our authorized service providers to serve cookies from our website to allow them to assist us in various activities, such as doing analysis and research on the effectiveness of our site, content and advertising.
We and our partners may use one or more types of cookies in connection with the Services, classified into one of five categories, namely 'Strictly Necessary Cookies, 'Functionality Cookies', ‘Performance cookies', Targeting Cookies', and 'Social Media Cookies'. We've set out some further information about each category, and the purposes of the cookies we and third parties may set in the following table.
You may also delete or decline cookies by changing your browser settings. (Click "Help" in the toolbar of most browsers for instructions.) If you do so, some of the features and services of our website may not function properly.


Type of cookie    What it does


Strictly Necessary Cookies    These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.

Functionality Cookies    These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.


Performance Cookies    These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance


Targeting Cookies    These cookies may be set through by our advertising partners serving ads on that site. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.
They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Type of cookie    What it does


Social Media Cookies    These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools

Note to readers of If you access, we use cookies and similar technologies to collect and store information when you interact with that site, including viewing ads. We, and certain third parties we work with e.g. ad networks and data management platforms, may also use these technologies to better target ads to you based on your online browsing activities.
We may also use web beacons when you visit the BodyFrame website.
Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users or to access cookies. Unlike cookies which are stored on the user’s computer hard drive, web beacons are embedded invisibly on the web pages (or in email) and are about the size of the period at the end of this sentence.
Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns. We also may receive an anonymous identification number if you come to our site from an online advertisement displayed on a third-party website.
More information on our use of cookies on our websites can be found in our Cookie Policy.

As described in Sections 3 and 5 of this Policy, we sometimes work with third parties to deliver offers. Sometimes we or these third parties do so through a mobile "SDK." The SDK is a bit of computer code that app developers can include in their apps to enable data to be collected and notifications to be shown. We may use this and similar technology to deliver certain notifications about our Services that may be of interest to you through mobile applications and browsers based on data we automatically collect from you. If you wish to opt out of these notifications through your mobile device, you can turn off notifications through your device "settings."
The main reason we use your information is to deliver and improve our Services. Additionally, we use your info to help keep you safe and to communicate with you. Read on for a more detailed explanation of the various reasons we use your information, together with practical examples.
To administer your account and provide our Services to you

•    Identify, establish and manage your account, your preferences and our relationship with you
•    Process payment for products or Services you purchase via our website;
•    If you register for one of our mobile applications, for your convenience, we may port over your login and/or profile data to other mobile applications that you purchase from us.
•    Publicly display feedback and comments posted by you on our properties (e.g., use your name, photograph, video submissions and comments when you choose to post through the community features on our site or mobile applications or to Facebook);
•    Display information about your friends (e.g., their name, photograph and comments) that is automatically uploaded when they comment on Facebook messages that you post to our site;
•    Provide you with customer support and respond to your requests

To ensure a consistent experience across your devices

•    Link the various apps and devices you use, so that you can enjoy a consistent experience of our Services on all of them. This will allow us to form a single view of your use of our Services, so you can easily access your subscription on additional devices.

To communicate with you

•    With your consent, to send you newsletters and special offers through email. BodyFrame uses a third party provider, Iterable, to send these emails.
•    You can opt-out of receiving direct marketing communications from us by following the unsubscribe instructions included in our marketing communications. You may still receive non-marketing emails with important information about your account.
•    To send you non-marketing emails or messages, such as those related to transactions, your account, security, or product changes. Examples of service- related messages include an email address confirmation/welcome email when
you register your account, service availability, modification of key features or functions and correspondence with our support team.

To improve our Services and develop new ones

•    Conduct research and analysis of users' behavior to improve our Services and content (for instance, we may decide to change the look and feel or even substantially modify a given feature based on users' behavior). This software may record information such as how often you use the Services, what happens within the Services, aggregated usage, performance data, app errors and debugging information, and where the apps were downloaded from.
•    Develop new features and Services (for example, we may decide to build a new feature further to requests or feedback received from users.
•    BodyFrame uses the Google Analytics tool Firebase in order to carry out analysis on personal information which is gathered by us to carry out data analysis. Any personal information (including App Identifiers) which are provided to Google will become subject to Google's Policy which is located here:

To prevent, detect and fight fraud or other illegal or unauthorized activities

•    We have assessed and created our Services with your privacy in mind. For example, some of our settings default to ON for your safety like encryption; while some of our settings like push notifications default to OFF.
•    Perform data analysis to better understand and design countermeasures against these activities
•    Retain data related to fraudulent activities to prevent against recurrences

To ensure legal compliance

•    Comply with legal requirements
•    Assist law enforcement
•    Enforce or exercise our rights (See our Terms of Service)

To process your information as described above, we rely on the following legal bases:

•    Provide our service to you: Most of the time, the reason we process your information is to perform the contract that you have with us.
•    Legitimate interests: We may use your information where we have legitimate interests to do so. For example, we analyze users' behavior on our Services to continuously improve our offerings and we process information for administrative, fraud detection and other legal purposes.
•    Consent: From time to time, we may ask for your consent to use your information for certain specific reasons, such as to send you email marketing communications. You may withdraw your consent at any time where indicated in the Services or by contacting us at the address provided at the end of this Policy.

Since our goal is to provide the best Services we can to you, the main sharing of users' information is with service providers and partners who assist us in operating the Services, with other IAC Group companies and, in some cases, legal authorities. Read on for more details about how your information is shared with others.
With our service providers and partners

•    We use third parties to help us operate and improve our Services. These third parties assist us with various tasks, including data hosting and maintenance, analytics, marketing, advertising and security operations. Some examples of our providers are:
o    Iterable (Customer Engagement)
o    Braze (Customer Engagement)
o    Firebase (Analytics)
o    Looker (Analytics and Reporting)
o    Braintree (Payment Processor)
•    We use your non-personal information (meaning information that, by itself, does not identify who you are such as device information) for targeted online marketing through tools like Facebook Custom Audience to contact interested parties.
•    If you are a user living in the United States of America ONLY, subscribed to the Services as a result of an offer through your healthcare provider (e.g.,
Cigna, Aetna, Humana) and if you consented, we may provide information about your use of the Services to such provider.
•    We follow a strict vetting process prior to engaging any service provider or working with any partner.

With other IAC Group companies
BodyFrame is part of the IAC Group family of businesses which, as of the date of this Policy, includes websites and apps such as Ask Applications, Apalon and iTranslate (for more details, click ).
We share your information with other IAC Group companies to:

•    assist us in technical processing operations, such as data hosting and maintenance, finance, legal, HR and accounting assistance, securing our data and systems and fighting against spam, abuse, fraud, infringement and other wrongdoings.
•    for legitimate business purposes such as corporate audit, analysis and consolidated reporting as well as compliance with applicable laws.

For corporate transactions
We may transfer your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
When required by law
We may disclose your information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person.
To enforce legal rights
We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
With your consent or at your request
We may ask for your consent to share your information with third parties. In any such case, we will make it clear why we want to share the information.

Sharing of information laid out in Section 6 sometimes involves cross-border data transfers, for instance from the EEA to the United States of America and other jurisdictions. The United States, EEA Member States, and other countries all have different laws. When your information is moved from your home country to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from those in the country in which you live.
The European Commission has adopted standard contractual clauses (also known as Model Clauses), which provide safeguards for personal information that is transferred outside of the EEA. If you live in the EEA, the company responsible for your information, IAC SAM EU, uses these Model Clauses or other suitable safeguards (such as EU-US Privacy Shield to send personal information to our partners and third party service providers in the United States, where they are certified to receive such information under the Privacy Shield Program ) to permit data transfers from the EEA to other countries.

We want you to be in control of your information and be aware of your privacy rights, so here are a few key points to remember:
Depending on your location you may have some or all of the following rights in relation to how we use your personal information:

•    Access: you may request access to your personal information and receive copies of it;
•    Correction: you may have inaccurate/incomplete personal information corrected and updated;
•    Object to, or Limit or Restrict, Use of Data: you can ask us to stop using all or some of your personal information or to limit our use of it.
•    Deletion: in certain circumstances, you can request a right “to be forgotten” (this is a right to have your information deleted or our use of your data restricted). We will honour such requests unless we have to retain this information to comply with a legal obligation or unless we have an overriding interest to retain it.
•    Portability: in certain circumstances, exercise the right to data portability (this is a right to obtain a transferable version of your personal information to transfer to another provider)
•    Consent Management: where we rely on consent to process your personal data, you may withdraw consent at any time. You do not have to provide a reason for your withdrawal where processing is based on consent.
If you wish to exercise any of these rights, or wish to object to our use of your information, please write to us at the address listed below and we will consider your request in accordance with applicable laws.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on the rights and freedoms of another person. For example, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
For your protection, we may ask you to provide proof of identity before we can answer the above requests.
Device permissions. Mobile platforms have permission systems for specific types of device data and notifications, such as camera and microphone as well as push notifications. Where applicable, you can change your settings on your device to either consent or oppose the collection of the corresponding information or the display of the corresponding notifications. Of course, if you do that, certain Services may lose full functionality.
Uninstall. You can stop all information collection by an app by uninstalling it using the standard uninstall process for your device. If you uninstall the app from your mobile device, the unique identifier associated with your device will continue to be stored. If you re-install the application on the same mobile device, we will be able to re-associate this identifier to your previous transactions and activities.

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and after it is received. Your account information is protected by a password. We work hard to protect you from unauthorized access to or alteration, disclosure or destruction of your personal information. As with all technology companies, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information will always remain secure. We regularly monitor our systems for possible vulnerabilities and attacks and regularly review our information collection, storage and processing practices to update our physical, technical and organizational security measures.
We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that your account or information is no longer secure, please notify us immediately at

We know that our customers lead busy active lives and, similar to a gym membership, sometimes may need to turn off our service for a while and then join back at a later time. For your convenience, we retain your profile and account information for so long as you use our Services and for up to 2 years following your suspension of Service so that you can be up and running quickly when you are ready to return.
Unless you have opted out, we may continue to keep you on our email list for so long as you use our Services and for up to 2 years thereafter to make you aware of improvements to our features and special offers. You can opt-out of those emails at any time.  We retain other information only for as long as is necessary for the purposes set out in this policy, for as long as your account is active or as needed to provide the Services to you. We will also retain and use your information to the extent necessary:

•    to comply with applicable law;
•    to evidence our compliance with applicable law;
•    if there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved; or
•    if the information must be kept for our legitimate business interests, such as enforcing our terms or fraud prevention. For example, information may need to be kept to prevent a user who was banned for security incidents from opening a new account.

Keep in mind that even though our systems are designed to carry out data deletion processes according to the above guidelines, we cannot promise that all data will be deleted within a specific timeframe due to technical constraints.

Our Services are intended for general audiences over the age of 18 years old. We do not knowingly collect information from children under the age of 18 years old. If you are not over 18 years old then DO NOT
DOWNLOAD OR USE THE SERVICES. If you believe that we may have personal information from or about a child under the age of 18 years old please contact us at and we will promptly delete that personal information.

Because we're always looking for new and innovative ways to help you enjoy our services, this policy may change over time. We will notify you of any material changes to the way we use your information so that you have time to review the changes.

For our European users, our Data Protection Officer is responsible for ensuring your rights are respected and to review and oversee how we collect and use your personal information. They can be reached by contacting

If you have questions about this Policy, here's how you can reach us:

The BodyFrame website and mobile applications may link to websites operated by third parties that we do not control. We do not monitor, control, or endorse the information collection or privacy practices of any third parties. We strongly encourage you to become familiar with the privacy practices of every website you visit and to contact them if you have any questions about their respective privacy policies and practices.

Under the California Shine The Light law, California residents have the right to request from us a list of all third parties to which we have disclosed personal information during the preceding year for direct marketing purposes. We do not currently engage in the type of sharing covered by that law and so no such list exists. For questions about this policy, please contact us at We do not obey Do Not Track signals from a user’s Internet browser. We make no representations concerning third parties that do not collect personal information
directly through the Website. These disclosures are made under Cal. Bus. & Prof. Code § 22575.

Window: Except as otherwise provided herein, if you use Window, we may use and share your data as set forth in this Privacy Policy. If you choose to enter your weight and connect to Apple Health Data, Window does not pass or share this data.