Features How It Works Pricing Testimonials
Log In Get Started

Privacy Policy

Last updated:

Table of Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Health and Wellness Data
  5. Data Sharing and Disclosure
  6. Data Security
  7. Data Retention
  8. Your Rights and Choices
  9. Cookies and Tracking
  10. Third-Party Services
  11. Children's Privacy
  12. International Data Transfers
  13. Changes to This Policy
  14. Contact Us

1. Introduction

Welcome to Kinecta ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our wellness platform and related services (collectively, the "Services").

Kinecta provides a comprehensive wellness platform designed for allied health professionals, including physiotherapists, dietitians, exercise physiologists, personal trainers, and wellness coaches, to connect with and support their clients. Given the sensitive nature of health and wellness data, we take extra care to protect your information.

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you:

  • Create an Account: Name, email address, password, professional credentials (for health professionals), and profile information.
  • Set Up Your Profile: Profile photo, biographical information, professional qualifications, and practice details.
  • Use Our Services: Health and wellness data, including weight, body measurements, nutrition logs, workout logs, goals, and journal entries.
  • Communicate With Us: Messages, feedback, support requests, and any other communications.
  • Make Payments: Billing information, payment card details (processed securely by our payment processors), and transaction history.

2.2 Information Collected Automatically

When you use our Services, we automatically collect:

  • Device Information: Device type, operating system, browser type, unique device identifiers, and mobile network information.
  • Usage Information: Pages visited, features used, time spent on the platform, click patterns, and interaction data.
  • Log Data: IP address, access times, referring URLs, and system activity.
  • Location Information: General location based on IP address (we do not collect precise GPS location unless you explicitly enable it).

2.3 Information From Third Parties

We may receive information from:

  • Health Professionals: If you are a client, your health professional may share information about your wellness programs and progress.
  • Authentication Providers: If you sign in using a third-party service (e.g., Google), we receive basic profile information.
  • Analytics Providers: Aggregated usage data to help us improve our Services.

3. How We Use Your Information

We use your information to:

3.1 Provide and Improve Our Services

  • Create and manage your account
  • Enable connections between health professionals and clients
  • Track and display your wellness progress
  • Generate personalized meal plans and workout programs
  • Provide AI-powered insights and recommendations
  • Process transactions and send related information
  • Improve, personalize, and expand our Services

3.2 Communicate With You

  • Send service-related notifications (e.g., program assignments, goal updates)
  • Respond to your inquiries and support requests
  • Send promotional communications (with your consent)
  • Notify you about changes to our Services or policies

3.3 Ensure Safety and Security

  • Detect, prevent, and address technical issues
  • Protect against fraudulent, unauthorized, or illegal activity
  • Enforce our Terms of Service and other policies
  • Comply with legal obligations

3.4 Analytics and Research

  • Analyze usage patterns to improve user experience
  • Conduct research and analysis (using aggregated, de-identified data)
  • Develop new features and services

4. Health and Wellness Data

We understand that health and wellness data is particularly sensitive. Here's how we handle it:

4.1 Types of Health Data We Collect

  • Body measurements (weight, body composition, circumferences)
  • Nutrition information (food logs, calorie intake, macronutrients)
  • Exercise and activity data (workouts, exercises completed, duration)
  • Goals and progress tracking
  • Journal entries related to wellness
  • Any health information you choose to share

4.2 Special Protections for Health Data

  • Encryption: All health data is encrypted in transit and at rest using industry-standard encryption protocols.
  • Access Controls: Strict access controls ensure only authorized personnel can access your data.
  • Professional Access: Health professionals can only view data for clients who have explicitly connected with them.
  • No Selling: We never sell your health data to third parties.
  • AI Processing: When we use AI to generate insights, your data is processed securely and not used to train general AI models.

4.3 Consent for Health Data

By using our Services and entering health data, you consent to our collection and processing of this information. You can withdraw consent at any time by deleting your data or account.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 With Your Health Professional

If you connect with a health professional through our platform, they will have access to your wellness data, progress, and communications within the platform. This is essential for them to provide you with personalized guidance and support.

5.2 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Cloud hosting and storage (Supabase, AWS)
  • Payment processing (Stripe)
  • Email delivery services
  • Analytics services
  • AI/ML services for generating insights (OpenAI)

These providers are contractually obligated to protect your information and use it only for the services they provide to us.

5.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Kinecta, our users, or others.

5.4 Business Transfers

If Kinecta is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your information.

5.5 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Authentication: Secure authentication with password hashing and optional two-factor authentication.
  • Access Controls: Role-based access controls and principle of least privilege.
  • Infrastructure Security: Our infrastructure is hosted on secure, SOC 2 compliant cloud providers.
  • Regular Audits: We conduct regular security assessments and penetration testing.
  • Employee Training: Our team receives regular security and privacy training.
  • Incident Response: We have procedures in place to detect, respond to, and recover from security incidents.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our Services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Conduct legitimate business purposes

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal, regulatory, or legitimate business purposes.

Health professionals may retain records of client interactions as required by their professional obligations and applicable laws.

8. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

8.1 Access and Portability

You can access your personal information through your account settings. You may request a copy of your data in a portable format.

8.2 Correction

You can update or correct your information through your account settings or by contacting us.

8.3 Deletion

You can delete your account and associated data. Some information may be retained as required by law or for legitimate business purposes.

8.4 Opt-Out

You can opt out of:

  • Marketing communications (via unsubscribe links or account settings)
  • Certain cookies and tracking (via browser settings or cookie preferences)
  • Push notifications (via device settings)

8.5 Data Processing Restrictions

In certain circumstances, you may request that we restrict processing of your personal information.

8.6 Complaints

If you believe your privacy rights have been violated, you have the right to lodge a complaint with your local data protection authority.

8.7 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@kinecta.io. We will respond to your request within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Keep you logged in
  • Remember your preferences (e.g., theme settings)
  • Understand how you use our Services
  • Improve our Services
  • Provide relevant content

9.1 Types of Cookies We Use

  • Essential Cookies: Required for the platform to function properly.
  • Functional Cookies: Remember your preferences and settings.
  • Analytics Cookies: Help us understand how you use our Services.

9.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

10. Third-Party Services

Our Services may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access.

10.1 Key Third-Party Services

  • Supabase: Database and authentication infrastructure
  • Stripe: Payment processing
  • OpenAI: AI-powered features (meal plan and workout generation)
  • Analytics providers: Usage analytics

11. Children's Privacy

Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@kinecta.io, and we will delete such information.

Health professionals working with minor clients are responsible for obtaining appropriate parental consent and ensuring compliance with applicable laws.

12. International Data Transfers

Kinecta is based in Australia. If you access our Services from outside Australia, your information may be transferred to, stored, and processed in Australia or other countries where our service providers operate.

We ensure appropriate safeguards are in place for international transfers, including:

  • Standard contractual clauses approved by relevant authorities
  • Data processing agreements with our service providers
  • Compliance with applicable data protection laws

12.1 Australian Privacy Principles

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

12.2 GDPR (European Users)

If you are in the European Economic Area (EEA), we process your data in compliance with the General Data Protection Regulation (GDPR). Our legal bases for processing include:

  • Performance of a contract (providing our Services)
  • Legitimate interests (improving our Services, security)
  • Consent (marketing communications, health data processing)
  • Legal obligations

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Sending you an email notification (for significant changes)
  • Displaying a notice within our application

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Kinecta Privacy Team

Email: privacy@kinecta.io

General Inquiries: hello@kinecta.io

Website: https://kinecta.io

For data protection inquiries from the European Union, you may also contact our EU representative (details available upon request).