Legal

Privacy Policy

Effective date: 19 May 2026 · Last updated: 19 May 2026

This Privacy Policy explains how UrbanLuxx ("we", "our", or "us") collects, uses, discloses, and protects information about you when you install or use the UrbanLuxx mobile application, the urbanluxx.com website, and any related services (collectively, the "Service"). UrbanLuxx is a subscription fitness platform that provides on-demand guided workout video content across multiple disciplines.

We take privacy seriously. We collect only what we need to operate the Service, we never sell your personal data, and we limit third-party sharing to the payment processors and platform providers required for the app to function.

1. Who we are and how to reach us

The data controller for personal data processed in connection with the Service is UrbanLuxx, contactable at privacy@urbanluxx.com for all privacy-related questions, requests, and complaints. Our registered business address is Netherlands, Lelystad, Duinbeek 38 8226RL.

2. What information we collect

2a. Information you provide directly

When you create an UrbanLuxx account, we collect:

Email address — required, used as your account identifier and for service communications.
Full name — required, displayed in your profile.
Password — stored only as a salted bcrypt hash; the plain-text password never touches our database and we cannot recover it for you.

If you sign in with Google instead of email, we receive your email address, full name, and profile photo URL from Google. We do not receive your Google password, access to your Gmail, Calendar, or any other Google Workspace data.

2b. Subscription and payment information

When you subscribe to a paid tier (Pro or Signature), payment information is processed by our third-party payment providers (Stripe for web checkouts, and Apple App Store or Google Play for in-app purchases). UrbanLuxx never receives or stores your full credit card number, CVV, or bank account details. We do store:

A Stripe customer identifier so we can attach subscriptions to your account.
The product identifier, tier, status (active, past_due, canceled), and current billing period end date.
For native in-app purchases: a one-way reference to the App Store / Play Store receipt so we can validate ongoing entitlement without retaining the receipt blob beyond what is required.

2c. Information generated by your use of the Service

Workouts viewed and completed — workout id, duration watched, completion timestamp. Used to power your progress stats and history view.
Favorites — list of workouts you have favorited.
Authentication events — login timestamps and the method used (email or Google), retained for security monitoring and rate-limit enforcement.

2d. Device and diagnostic information

Through the Expo platform's observability tooling (expo-insights), the app reports anonymous crash reports, app performance metrics (cold-start time, screen render time), and an Expo-generated install identifier. This identifier is not linked to your account and resets when the app is uninstalled. We use this data exclusively to diagnose crashes and improve performance. No advertising identifiers (Apple IDFA, Google Advertising ID) are collected.

2e. Server logs

Our backend logs each API request with a short-lived request ID, the endpoint, the HTTP status code, the response time, and (where relevant) the authenticated user id. Logs are retained for up to 30 days for security monitoring, debugging, and abuse prevention. IP addresses are processed transiently for rate limiting and are not stored long-term in clear text.

3. How we use your information

To operate the Service: authenticate you, deliver workout content, track your progress, manage your subscription, and process payments.
To improve the Service: diagnose crashes, measure performance, identify bugs, and prioritize fixes based on usage patterns.
To communicate with you: respond to your support requests, send service-related notices (subscription receipts, billing failures, security alerts, material policy changes).
To enforce our terms and protect the Service: detect and prevent fraud, abuse, account takeover, and violation of our Terms of Service.
To comply with legal obligations: retain tax-relevant records, respond to lawful requests from authorities.

4. Legal bases for processing (EU/UK residents)

If you are in the European Economic Area, United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) requires us to identify a legal basis for each use of your personal data:

Contract: processing required to provide the Service you signed up for (account, subscription, content access).
Legitimate interests: security monitoring, fraud prevention, debugging crashes, improving the Service.
Legal obligation: retaining payment records for tax reporting, responding to lawful authority requests.
Consent: any future marketing communications (we do not send marketing emails today; if we ever do, you will be asked to opt in explicitly).

5. Who we share your information with

We do not sell your personal data and we do not share it for advertising purposes. We share limited information with the following categories of providers, only as needed to operate the Service:

Stripe, Inc. — processes web subscriptions. Stripe receives your email, name, and the payment instrument you provide to them. See Stripe's privacy policy.
Apple Inc. — processes iOS in-app purchases via the App Store. See Apple's privacy policy.
Google LLC — processes Android in-app purchases via the Play Store, hosts the Play Console listing, and provides OAuth sign-in. See Google's privacy policy.
MongoDB, Inc. — hosts our primary database (MongoDB Atlas). Database access is restricted to the UrbanLuxx backend and credentialed administrators.
Fly.io — hosts our backend application infrastructure. Server logs are processed within Fly's environment for the retention period stated in Section 2e.
Expo (650 Industries, Inc.) — provides the mobile app delivery pipeline and crash reporting / performance metrics. Diagnostic data sent to Expo does not include account identifiers beyond the anonymous install ID.
Legal compliance recipients: we may disclose information when required by law, court order, or to protect our rights, our users, or the public from harm.

6. Where we store your data and international transfers

UrbanLuxx operates a backend hosted in Europe (Amsterdam region). Some of our subprocessors are based in the United States. When personal data is transferred outside the European Economic Area, we rely on the Standard Contractual Clauses approved by the European Commission and additional safeguards as appropriate. Stripe, Apple, Google, MongoDB Atlas, and Expo each maintain their own transfer mechanisms, which they document in their respective privacy policies linked above.

7. How long we keep your data

Account data — retained while your account exists, deleted within 30 days of account deletion (described in Section 11).
Workout history and favorites — deleted at the same time as your account.
Payment records — retained for up to 10 years to comply with applicable tax and financial-record-keeping laws.
Account deletion audit log — we retain a one-way SHA-256 hash of your email plus a deletion timestamp for fraud prevention. No name, plain email, or other identifiers are kept.
Server logs — up to 30 days.
Backups — encrypted backups may retain a snapshot of your data for up to 90 days after deletion before being overwritten.

8. How we protect your data

All traffic to the backend is encrypted in transit (TLS 1.2+).
Passwords are stored as salted bcrypt hashes, never in plain text.
Database storage is encrypted at rest by our database provider.
Access to production data is restricted to authorized administrators using strong authentication.
The mobile app disables Android cleartext HTTP traffic in production builds and uses HTTPS-only networking.
Rate limiting protects authentication endpoints from credential stuffing and abuse.
Webhook signatures from payment providers are cryptographically verified before being processed.

No system is perfectly secure. If we ever discover a breach of your personal data that creates a meaningful risk to you, we will notify you and the relevant authorities within the timeframes required by law.

9. Your rights

Depending on where you live, you have some or all of the following rights regarding your personal data:

Access — request a copy of the personal data we hold about you.
Rectification — correct inaccurate or incomplete data.
Erasure — request deletion of your data (see also Section 11).
Restriction — ask us to restrict processing in certain situations.
Portability — receive a structured, machine-readable copy of the data you provided.
Objection — object to processing based on legitimate interests.
Withdraw consent — where processing is based on consent, you may withdraw at any time without affecting the lawfulness of prior processing.
Complain — lodge a complaint with your local data protection authority. In the Netherlands this is the Autoriteit Persoonsgegevens.

To exercise any of these rights, email privacy@urbanluxx.com from the address associated with your account. We will respond within 30 days; complex requests may take up to 60 days, in which case we will notify you.

10. California residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, the categories of sources, the business purposes for collection, the categories of third parties with whom we share information, the right to delete, the right to correct, and the right to non-discrimination for exercising these rights. We do not "sell" personal information as defined by the CCPA, nor do we share it for cross-context behavioral advertising.

11. Account deletion

You can delete your UrbanLuxx account at any time:

In the app: Profile → Delete Account. Two confirmation prompts protect against accidental deletion. If you have an active Stripe subscription, it is cancelled immediately on our end.
Without installing the app: visit our account deletion page for instructions on requesting deletion by email.

Native in-app subscriptions purchased through the App Store or Play Store cannot be cancelled by us. You must cancel them in your Apple ID or Google Play account before or after deleting your UrbanLuxx account. See our account deletion guide for step-by-step instructions.

12. Children

UrbanLuxx is intended for adults aged 18 and over. We do not knowingly collect personal information from children under 18. If we learn we have collected information from a child under 18, we will delete it. If you believe a child has provided us with information, please contact privacy@urbanluxx.com.

13. Cookies and similar technologies

The urbanluxx.com website uses only strictly necessary cookies (or equivalent local storage) to remember your preferences while browsing. We do not use analytics cookies, advertising cookies, or third-party tracking pixels on the website. The mobile app uses AsyncStorage to hold your authentication token locally on your device — this is required for the app to keep you logged in across sessions and is not shared with anyone.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When changes are material, we will notify you in the app or by email at least 30 days before the new policy takes effect. The "Effective date" at the top of this page reflects the date the current version became active. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact

For any privacy-related question or request, please email privacy@urbanluxx.com. For general support, email support@urbanluxx.com.