FitFind
Sign in

Privacy Policy

Last updated: 30 May 2026

1. Who we are

FitFind is operated by FitFind Technologies Inc., a Canadian corporation. When this policy says “we”, “us”, or “our”, it means FitFind Technologies Inc. acting as the data controller for fitfind.ca.

All personal information is stored in Canada (AWS ca-central-1, Montréal) in compliance with PIPEDA (federal) and Quebec Law 25 (provincial).

Contact our Privacy Officer at: privacy@fitfind.ca

2. What data we collect and why

Account data

When you create an account we collect your email address and a hashed password. Purpose: account authentication and communication.

Usage data

We collect anonymised analytics events (pages visited, listings clicked, searches run) to understand how the site is used and improve it. No personal data leaves your browser in these events.

Personalisation signals (opt-in only)

If you install our browser extension and explicitly opt in, the extension records anonymised product-category signals on supported retailer websites. It does not record URLs, keystrokes, form data, or browsing on non-retailer sites.

You can withdraw consent and delete all signals at any time from your profile settings.

3. Cookies

  • sb-auth-token — Supabase authentication session. Essential. Expires on sign-out or after 7 days of inactivity.
  • ph_* — Analytics. Can be blocked without affecting site functionality.
  • fitfind_splash_seen — Remembers welcome screen. Local storage only, never transmitted.

We do not use advertising cookies or sell data to third parties.

4. How long we keep your data

  • Account data: Until you delete your account.
  • Raw personalisation signals: 90 days, then aggregated and anonymised.
  • Aggregated preference profile: Until account deletion or consent withdrawal.
  • Error logs: 30 days.
  • Analytics events: 12 months in aggregated form.

5. Your rights (PIPEDA / Law 25)

You have the right to:

  • Access a copy of the personal data we hold about you
  • Correction of inaccurate data
  • Withdrawal of consent at any time
  • Erasure (where legally permitted)
  • Data portability in a machine-readable format
  • Complaint to the Office of the Privacy Commissioner of Canada

To exercise any of these rights, email privacy@fitfind.ca. We will respond within 30 days.

6. Data processors

  • AWS (Amazon Web Services) — database, compute, storage — ca-central-1 (Montréal)
  • Supabase Inc. — authentication layer
  • Cloudflare Inc. — edge CDN and bot protection
  • Sentry Inc. — error monitoring

We do not sell personal data. We do not share data with advertisers.

7. Affiliate links

FitFind displays listings that include affiliate links. When you click and make a purchase, we may earn a commission from the retailer at no extra cost to you. Affiliate relationships do not influence rankings — listings are ordered by AI-computed authenticity scores.

8. Changes to this policy

We will notify registered users by email of any material changes at least 14 days before they take effect. The “Last updated” date always reflects the current version.