Privacy Policy
Last updated: April 1, 2026
Hightower Fitness Solutions LLC ("we," "our," or "TowerVital") operates the TowerVital website (towervital.com) and iOS mobile application. This Privacy Policy explains how we collect, use, and protect your information.
1. Information We Collect
Account Information
When you create an account, we collect your name, email address, and password (stored securely using bcrypt hashing). We never store your password in plain text.
Health & Fitness Data
With your explicit permission, our iOS app reads health data from Apple HealthKit, including: sleep analysis, heart rate, heart rate variability (HRV), step count, and active energy burned. This data is used solely to generate your personalized daily fitness plans and health scores. We do not sell your health data to third parties.
Usage Data
We collect information about how you use our services, including pages visited, features used, and AI coach conversations, to improve our product and your experience.
Payment Information
Subscription payments are processed by Stripe. We do not store your credit card number or payment details on our servers. Stripe's privacy policy applies to payment processing.
2. How We Use Your Information
We use your information to:
- Generate personalized daily fitness and wellness plans
- Calculate health scores (Sleep, Readiness, Activity, HRV)
- Provide AI coaching responses tailored to your goals and health data
- Process subscription payments
- Send important account and service notifications
- Improve our products and services
3. Apple HealthKit Data
We comply with Apple's HealthKit guidelines. Specifically:
- Health data read from HealthKit is only used to provide core app functionality (health scores and personalized plans)
- We do not sell HealthKit data to advertising platforms or data brokers
- We do not use HealthKit data for marketing or advertising purposes
- HealthKit data is transmitted securely (HTTPS/TLS) from the app to our servers
- You can disconnect Apple Health at any time from the app settings
4. Data Storage & Security
Your data is stored securely on servers provided by Vercel and Neon (PostgreSQL). All data transmission uses HTTPS encryption. Authentication tokens are stored securely on your device using iOS Keychain (via expo-secure-store).
5. Data Sharing
We do not sell your personal information. We share data only with:
- Stripe — for payment processing
- xAI (Grok) — AI coach responses are generated using your fitness profile and health data. Conversation data is sent securely to generate responses.
- Resend — for transactional emails (account verification, etc.)
6. Your Rights
You have the right to:
- Access your personal data
- Request deletion of your account and all associated data
- Disconnect wearable devices and stop health data syncing
- Opt out of non-essential communications
7. Data Retention
We retain your data for as long as your account is active. If you delete your account, all personal data, including health data, coach conversations, and fitness plans, will be permanently deleted within 30 days.
8. Children's Privacy
TowerVital is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification.
10. Contact Us
If you have questions about this Privacy Policy or your data, contact us at:
Hightower Fitness Solutions LLC
Acworth, GA
Email: support@towervital.com