Fystash

Terms of Use

Last Updated: 1 June 2026

Welcome to Fystash. These Terms of Use (“Terms”) govern your access to and use of the Fystash mobile application (“App”) and related services provided by Fystash.AI (“we”, “us”, “our”). By downloading, installing, or using the App, you agree to be bound by these Terms.

1. Acceptance of Terms

By creating an account or using the App, you confirm that you are at least 16 years of age and agree to comply with these Terms. If you do not agree, do not use the App.

2. Description of Service

Fystash is an AI-powered fitness and nutrition coaching application that provides:

  • AI-assisted meal logging and nutrition analysis
  • Personalised fitness coaching and workout programming
  • AI-powered coaching via chat
  • Diet plan generation and meal planning
  • Activity and workout tracking
  • Video content creation and sharing (“Stash”)
  • Creator Program with referral-based revenue sharing
  • Community features, social interactions, and progress tracking
  • Optional Google Calendar integration for schedule-aware coaching, daily reports, and user-confirmed calendar events (see Section 3.3 and Section 11.13)

3. Account Registration

You must create an account to use the App. You may register using an email address and password, or by signing in with a third-party authentication provider such as Apple or Google. You agree to:

  • Provide accurate and complete information
  • Maintain the security of your account credentials
  • Notify us immediately of any unauthorised access
  • Accept responsibility for all activity under your account

3.1 Sign In with Google

If you choose to sign in with Google, you authorise the App to access certain information from your Google account via Google’s OAuth 2.0 authentication service. This section describes how we interact with Google user data in compliance with the Google API Services User Data Policy.

Data Accessed from Google:

When you sign in with Google, we access the following data from your Google account:

  • Email address — Your Google account email address
  • Name — Your Google account display name
  • Profile picture URL — The URL of your Google account profile photo
  • Google account identifier — A unique identifier (subject ID) used to link your Google account to your Fystash account

We request only the openid, email, and profile OAuth scopes when you sign in with Google. Sign-in does not request Google Calendar or other Google APIs. Google Calendar is a separate, optional integration with its own permissions, initiated only if you choose to connect it in the App (see Section 3.3 and Section 11.13).

How We Use Google User Data:

Google user data is used solely for the purpose of authenticating your identity and creating or accessing your Fystash account. Specifically:

  • Your email address is used as your account identifier and for account recovery communications
  • Your name is used to pre-populate your profile display name
  • Your profile picture URL may be used as your default profile avatar
  • Your Google account identifier is used to securely link your Google account to your Fystash account so you can sign in again in the future

We do not use Google user data for advertising, market research, or any purpose unrelated to providing and improving the App.

Sharing of Google User Data:

Google user data obtained through sign-in is not shared with any third parties except:

  • Convex — Our backend infrastructure provider, which securely stores your account data (email, name) as part of your user record
  • As required by law or to comply with legal process

We do not sell, rent, or trade your Google user data. Google user data is not shared with any AI service providers (xAI, Google Gemini, or others) as part of AI-powered features.

Storage and Protection of Google User Data:

  • Google user data is stored securely on our backend infrastructure (Convex) with encryption at rest and in transit (TLS/HTTPS)
  • Access to stored user data is restricted to authorised systems on a need-to-know basis
  • We do not store your Google account password or Google OAuth tokens long-term; authentication is handled via secure, short-lived session tokens
  • We apply industry-standard security practices to protect all stored data

Retention and Deletion of Google User Data:

  • Google user data (email, name, profile picture URL, account identifier) is retained for as long as your Fystash account is active
  • You may delete your account at any time through the App settings or by contacting us at support@fystash.ai
  • Upon account deletion, all Google user data associated with your account is permanently deleted within 30 days
  • You may also revoke Fystash’s access to your Google account at any time by visiting your Google Account Permissions page. Revoking access will prevent future sign-ins with Google but will not automatically delete your Fystash account or data — you must separately request account deletion if desired

3.2 Sign In with Apple

If you choose to sign in with Apple, we access your Apple ID email address (or a private relay email if you choose to hide your email) and your name (provided only on first authentication). This data is used solely for authentication and account creation.

3.3 Optional Integration — Google Calendar

Connecting Google Calendar is entirely optional and is not required to use Fystash. If you choose to connect, you grant Fystash permission to access your Google Calendar data only as described in Section 11.13 of the Privacy Policy.

  • You connect voluntarily through the mobile App (Settings → Connectors). Initial authorisation uses Google OAuth on mobile; you may manage sync, calendar selection, and disconnect on the website under Integrations after you have connected on mobile.
  • You are responsible for reviewing and confirming the accuracy of calendar events before they are saved to your Google Calendar (see proposal-before-write below).
  • Fystash depends on Google’s Calendar API and related services. We do not guarantee availability, accuracy, or timeliness of calendar data or scheduling features.
  • You may disconnect Google Calendar at any time in the App or on the website, which revokes our access tokens and removes synced calendar data from Fystash, subject to Section 11.13.
  • You agree to comply with Google’s terms of service and the Google API Services User Data Policy, including Limited Use requirements, when using this integration.
  • Proposal before write. If you ask the coach to schedule something (for example, a workout), the App shows an in-app proposal. Nothing is written to your Google Calendar until you tap Accept. On acceptance, we create or update the event on your primary Google Calendar only, and only for events created through Fystash. We do not modify arbitrary existing events you did not create through Fystash.

4. Subscriptions and Payments

4.1 Free Trial

New users may be eligible for a free trial period. If you do not cancel before the trial ends, your subscription will automatically convert to a paid subscription.

4.2 Auto-Renewable Subscriptions

Fystash offers auto-renewable subscription plans:

  • Pro Monthly — Billed monthly
  • Pro Yearly — Billed annually

4.3 Billing

  • Payment is charged to your Apple ID account at confirmation of purchase
  • Your subscription automatically renews unless cancelled at least 24 hours before the end of the current billing period
  • Your account will be charged for renewal within 24 hours prior to the end of the current period at the same price
  • You can manage and cancel your subscriptions by going to your Account Settings on the App Store after purchase

4.4 Refunds

All purchases are processed through Apple. Refund requests must be directed to Apple in accordance with their refund policies.

5. AI-Powered Features and Third-Party Services

5.1 AI Services

The App uses third-party AI services to power its features:

  • xAI (Grok) — Powers the AI fitness and nutrition coach, chat, meal planning, and workout generation
  • Google (Gemini) — Powers food photo analysis and nutrition estimation

5.2 Data Shared with AI Services

When you use AI-powered features, the following data may be sent to these providers:

  • Meal photos you capture or select for nutrition analysis
  • Text messages and voice transcripts sent to the AI coach
  • Fitness profile information (goals, preferences, workout history) to personalise advice
  • Synced Google Calendar event context (titles, times, location, and related fields described in Section 11.13) when you have connected Google Calendar and use schedule-aware coaching or related features

5.3 AI Limitations

AI-generated content, including nutritional estimates, workout recommendations, and coaching advice, is for informational purposes only. It is not a substitute for professional medical, dietary, or fitness advice. Always consult a qualified healthcare professional before making significant changes to your diet or exercise routine.

We do not guarantee the accuracy of AI-generated nutritional data or fitness recommendations.

6. User Content

6.1 Your Content

You retain ownership of content you submit, including photos, messages, profile data, and videos. By submitting content, you grant us a non-exclusive, worldwide, royalty-free, sublicensable, transferable licence to use, host, store, reproduce, modify, distribute, display, and process your content for the purpose of providing, improving, and promoting the App. This licence continues even if you stop using the App, but only for content that has been shared publicly or with other users.

6.2 Video Content (“Stash”)

The App allows you to create, upload, and share short-form video content (“Stash”). By uploading video content, you:

  • Confirm that you own or have the right to use all content in your videos, including any music, images, or other media
  • Grant other users the right to view, interact with (like, comment, share), and save your publicly shared videos
  • Acknowledge that your publicly shared videos may be visible to all App users and may appear in recommendation feeds
  • Accept that we may remove or restrict access to your videos at our sole discretion if they violate these Terms or our Community Guidelines
  • Understand that deleted videos may take a reasonable period to be removed from all caches and systems

6.3 Prohibited Content

You agree not to submit content that is:

  • Illegal, harmful, threatening, abusive, or harassing
  • Sexually explicit, pornographic, or depicting nudity
  • Promoting violence, self-harm, or dangerous activities
  • Containing hate speech, discrimination, or targeting individuals or groups
  • Infringing on intellectual property rights, including copyrighted music or video
  • Spam, misleading, or fraudulent
  • Harmful to minors
  • Impersonating another person or entity
  • Containing personal information of others without their consent

6.4 Content Moderation

We reserve the right to review, moderate, and remove any user content at our sole discretion. We may use automated tools and human review to identify content that violates these Terms. Repeated violations may result in account suspension or termination.

6.5 Reporting Content

If you believe any content on the App violates these Terms, is inappropriate, or infringes your rights, you may report it using the in-app reporting feature. We will review reports and take appropriate action, which may include removing the content or suspending the offending account.

7. Community Guidelines

When using community features, you agree to:

  • Treat other users with respect
  • Not engage in harassment, bullying, or discrimination
  • Not share inappropriate or offensive content
  • Not impersonate other users or entities
  • Not use the App to solicit, promote, or engage in any illegal activity
  • Not manipulate engagement metrics (views, likes, comments) through artificial means

We reserve the right to remove content, restrict features, and suspend or permanently terminate accounts that violate these guidelines without prior notice.

8. Copyright and DMCA Takedown

8.1 Copyright Policy

We respect the intellectual property rights of others. If you believe that content on the App infringes your copyright, you may submit a takedown request.

8.2 Filing a Takedown Request

To file a copyright takedown request, send an email to copyright@fystash.ai with the following information:

  • A description of the copyrighted work you claim has been infringed
  • A description of the content you believe is infringing, including its location within the App (e.g., username, video description)
  • Your contact information (name, email address, phone number)
  • A statement that you have a good faith belief that the use of the material is not authorised by the copyright owner
  • A statement, under penalty of perjury, that the information in your notice is accurate and that you are the copyright owner or authorised to act on their behalf
  • Your physical or electronic signature

8.3 Counter-Notification

If your content was removed due to a takedown request and you believe it was removed in error, you may submit a counter-notification to copyright@fystash.ai with the required information under applicable law.

8.4 Repeat Infringers

We may terminate the accounts of users who are found to be repeat copyright infringers.

9. Health Disclaimer

Fystash is a fitness and nutrition tracking tool, not a medical device. The App does not provide medical advice, diagnosis, or treatment.

  • Consult your doctor before starting any new exercise or diet programme
  • If you have food allergies or medical conditions, do not rely solely on the App’s nutritional analysis
  • Stop exercising immediately if you feel pain, dizziness, or discomfort
  • The calorie, macro, and nutritional estimates provided are approximations and may not be fully accurate

10. Intellectual Property

The App, including its design, code, content, logos, and trademarks, is the property of Fystash.AI. You may not copy, modify, distribute, or reverse-engineer any part of the App without our written consent.

11. Privacy Policy

This section constitutes the Privacy Policy for Fystash and describes how we collect, use, store, share, and protect your personal data. By using the App, you agree to the collection and use of information in accordance with this section.

11.1 Information We Collect

Account Information:

When you create an account, we collect:

  • Email address — used for authentication and account recovery
  • Username — displayed on your profile and in community features
  • Password — stored securely using industry-standard hashing (if you register with email/password)

For information collected via third-party sign-in providers (Google and Apple), see Section 3.1 and Section 3.2 above.

Profile & Fitness Data:

To personalise your experience, we collect information you provide during onboarding and throughout your use of the App:

  • Personal details — name, age, gender, height, weight, country
  • Fitness profile — experience level, training goals, preferred workout duration, equipment access, areas of focus
  • Diet preferences — dietary style, allergies, meals per day, daily calorie and macro goals
  • Body measurements — weight logs and progress photos you choose to upload

Usage Data:

As you use the App, we collect:

  • Workout logs — exercises performed, sets, reps, weights, workout duration, and completion status
  • Nutrition logs — meals logged (including photos you upload), water intake, and daily macro/calorie tracking
  • Activity data — GPS routes, distance, pace, elevation, and splits when you use the GPS activity recording feature
  • Chat messages — text messages and voice transcripts sent to the AI coach
  • Meal photos — images you take or select for AI-powered nutrition analysis

Device & Technical Data:

We automatically collect:

  • Device information — device model, operating system version, app version
  • Timezone — your device’s timezone (IANA format) for accurate daily tracking
  • Push notification tokens — if you enable notifications

Location Data:

If you use GPS activity recording (running, cycling, hiking, etc.), we collect precise location data only while you are actively recording an activity. Location data is not collected in the background outside of active recordings. You can decline location permissions and still use all other features of the App.

Subscription & Payment Data:

If you subscribe, Apple or Google processes your payment. We receive:

  • Subscription status — plan type, start date, expiration date, renewal status
  • Transaction identifiers — transaction IDs for purchase verification

We do not receive or store your credit card number, billing address, or other payment instrument details. All payment processing is handled by Apple or Google.

Advertising Data (Free Tier Only):

If you use Fystash on the free tier, we display advertisements via Google AdMob. Pro subscribers, users on the 14-day free trial, and guest users do not see ads and are excluded from advertising data collection. When ads are shown, Google AdMob may collect:

  • Advertising identifier — IDFA on iOS, AAID on Android. Collected only if you grant App Tracking Transparency (ATT) permission. If you decline, ads are still shown but are non-personalised.
  • Coarse location — derived from your IP address by Google for regional ad relevance and fraud prevention. We do not share your precise GPS location with advertisers.
  • Ad interaction data — impressions, clicks, and viewability metrics.
  • Device & technical data — device model, OS version, app version, language, and timezone (used by AdMob for ad delivery and fraud prevention).

See Section 11.4 for full details on AdMob, your choices, and how to opt out.

11.2 How We Use Your Data

We use the data we collect for the following purposes:

  • Provide AI coaching — using chat messages, voice transcripts, fitness profile, workout history, nutrition data
  • Analyse meal photos — using meal photos you upload
  • Generate workout programs — using fitness profile, goals, equipment, experience level
  • Generate diet plans — using diet preferences, calorie/macro goals, allergies
  • Track workouts & nutrition — using workout logs, meal logs, water intake
  • Record GPS activities — using location data during active recordings
  • Personalise the experience — using profile data, usage patterns, timezone
  • Send notifications — using push tokens, timezone (for scheduling)
  • Community features — using username, workout/nutrition summaries (only if you opt in)
  • Improve the App — using aggregated, anonymised usage analytics
  • Process subscriptions — using subscription status, transaction IDs
  • Display advertisements (free tier only) — using advertising identifier (IDFA/AAID), coarse location (from IP), device data, and ad interaction data
  • Google Calendar features (optional) — using synced calendar events when you connect Google Calendar (see Section 11.13)

We display advertisements only to free-tier users, served via Google AdMob (see Section 11.4). Subscribers, trial users, and guests do not see ads. We do not sell your personal data to third parties for monetary consideration.

11.3 Third-Party AI Service Providers

To power AI features such as coaching chat, workout/diet plan generation, and food photo analysis, we send certain data to third-party AI service providers. We obtain your explicit consent before sharing any data with these providers.

Providers we use:

  • xAI (Grok models) — receives chat messages, voice transcripts, fitness profile, workout history, nutrition data, diet plan context, and (if you have connected Google Calendar) synced calendar event context for schedule-aware coaching and related features. Used for AI coaching, workout generation, diet plan generation, meal editing, activity estimation.
  • Google (Gemini models) — receives meal photos, food descriptions, and (if you have connected Google Calendar) synced calendar event context for schedule-aware coaching and related features. Used for food photo analysis, nutrition estimation, and schedule-aware coaching features.

Google Sign-In data (email, name, profile picture, account identifier) is not shared with AI providers. Synced Google Calendar data is shared with AI providers only when you have opted in by connecting Google Calendar and only to provide coaching and related App features—not for advertising or unrelated purposes. See Section 11.13.

How these providers handle your data:

  • Your data is sent securely via encrypted (HTTPS) connections
  • Data is used solely to generate responses to your requests
  • Your data is not used to train these third-party providers’ AI models. See §11.12 below for Fystash’s own optional, opt-in training data program.
  • Data is processed in accordance with each provider’s privacy policy:

During onboarding, we present a clear disclosure of what data is shared with AI providers and ask for your explicit agreement before enabling AI-powered features. You may withdraw consent at any time by contacting us (see Section 18).

11.4 Other Third-Party Services

In addition to AI providers, we use the following services:

  • Convex — Backend database and server infrastructure. Receives all app data including Google/Apple sign-in data (stored securely).
  • Google (OAuth Sign-In) — Third-party authentication. Receives email, name, profile picture URL, account identifier (used solely for sign-in).
  • Google (Calendar API) (optional) — When you connect Google Calendar, Google provides calendar list and event data we request with your consent, and we may create or update events on your primary calendar only after you accept an in-app proposal (owned events only). See Section 11.13.
  • Mixpanel — Product analytics. Receives anonymised usage events, feature engagement.
  • Apple App Store / Google Play — Subscription and payment processing. Receives transaction data, subscription status.
  • Sentry — Error monitoring and crash reporting. Receives device info, anonymised error data.
  • Discord (optional) — Community feed integration. Receives username and activity summaries (only if you opt in to community feeds).
  • Expo — Push notifications. Receives push notification tokens.
  • Google AdMob (free tier only) — Advertising service operated by Google LLC. Receives advertising identifier (IDFA/AAID, only if you grant App Tracking Transparency permission), coarse location (derived from IP), device data, and ad interaction data. Pro subscribers, trial users, and guests are excluded.

These services process data in accordance with their respective privacy policies and provide equivalent data protection.

Advertising (Free Tier Only):

We display advertisements to free-tier users via Google AdMob, an advertising service operated by Google LLC. Pro subscribers, users on the 14-day free trial, and guest users do not see ads.

Data shared with Google AdMob:

  • Advertising identifier (IDFA on iOS, AAID on Android) — for personalised ad delivery, only if you grant App Tracking Transparency permission. If you decline, ads are non-personalised.
  • Coarse location (derived from IP) — for regional ad relevance and fraud prevention. We do not share your precise GPS location with advertisers.
  • Ad interaction data — impressions, clicks, and viewability metrics.
  • Device data — device model, OS version, app version, language, and timezone (used for ad delivery and fraud prevention).

AdMob’s data practices are governed by Google’s Privacy Policy, Google’s Advertising Policies, and Google’s AdMob & AdSense data practices disclosure.

Your choices:

  • Decline tracking on iOS — When prompted, choose “Ask App Not to Track”. Ads will still appear but will be non-personalised, and the IDFA will not be collected.
  • Reset or limit your advertising identifier — iOS: Settings → Privacy & Security → Tracking (toggle off, or per-app). Android: Settings → Google → Ads (reset advertising ID or opt out of personalised ads).
  • Upgrade to Pro — A paid Fystash subscription removes all advertisements.

11.5 Data Storage & Security

  • All data is stored securely on Convex cloud infrastructure
  • Data is encrypted in transit (TLS/HTTPS) and at rest
  • Authentication is handled using industry-standard secure token-based methods
  • We apply the principle of data minimisation — we only collect data that is necessary to provide the App
  • Access to personal data is restricted to authorised personnel and automated systems on a need-to-know basis

11.6 Data Retention

  • Account data is retained for as long as your account is active
  • Chat messages and AI interactions are retained to maintain conversation context and coach memory. AI-generated outputs are automatically removed from third-party provider systems after processing
  • Workout, nutrition, and activity logs are retained for as long as your account is active to provide historical tracking and analytics
  • Meal photos are stored for as long as your account is active
  • Google Calendar data (selected calendars, synced events, and related fields) is retained while Google Calendar remains connected and is deleted when you disconnect Google Calendar or delete your account, as described in Section 11.13
  • Analytics data is retained in aggregated, anonymised form

When you delete your account, all personal data is permanently deleted within 30 days, except where retention is required by law.

11.7 Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate data
  • Deletion — Request deletion of your account and all associated data. You can delete your account directly within the App under Settings, or by contacting us
  • Data Portability — Request an export of your data in a machine-readable format
  • Withdraw Consent — Withdraw your consent for AI data processing at any time. Note that withdrawing consent will disable AI-powered features
  • Restrict Processing — Request that we limit processing of your data in certain circumstances

To exercise any of these rights, contact us at privacy@fystash.ai. We will respond to all requests within 30 days.

11.8 Children’s Privacy

The App is not intended for children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at privacy@fystash.ai.

We configure Google AdMob with age-appropriate ad content settings and do not knowingly serve targeted ads to children.

11.9 International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States and other jurisdictions where our third-party providers operate. We ensure that appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.

11.10 Google API Services User Data Policy Compliance

Fystash’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. For Google Sign-In, see Section 3.1. For optional Google Calendar, see Section 11.13.

11.11 Jurisdiction-Specific Disclosures

For California Residents (CCPA / CPRA):

  • We do not sell your personal information for monetary consideration
  • For free-tier users only, we share limited identifiers (such as the IDFA, when permitted via App Tracking Transparency) with Google AdMob for cross-context behavioural advertising. Subscribers, trial users, and guests are excluded from this sharing.
  • You may opt out of this sharing at any time by:
    • Declining App Tracking Transparency on iOS (or revoking it later via Settings → Privacy & Security → Tracking)
    • Resetting or limiting your advertising identifier in your device settings, or
    • Upgrading to a paid Fystash plan, which removes all advertisements
  • You have the right to know what data we collect, request deletion, and opt out of personalised advertising at any time

For European Economic Area Residents (GDPR):

  • Legal basis for processing: Consent (AI data sharing), Contractual Necessity (providing the App), Legitimate Interest (analytics, security)
  • Data Controller: Fystash.AI, contactable at privacy@fystash.ai
  • You have the right to lodge a complaint with your local Data Protection Authority

For Australian Residents (Privacy Act 1988):

  • We comply with the Australian Privacy Principles (APPs)
  • You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached

11.12 Improving Fystash AI (Optional, On by Default)

You can choose to help improve Fystash’s AI coach by sharing anonymized chat data with us. This setting is ON by default for new accounts — you’ll see a pre-checked toggle on the AI Data Policy screen during signup, and you can turn it off at any time there or later in Settings → Privacy → “Help improve Fystash”. When enabled:

  • What is captured. The text of your messages to the coach, the coach’s reply, the tools the coach used, and basic metadata (model used, response time, language). Captured turns from incognito chats are never collected, regardless of this setting.
  • What is NOT captured. Your name, email, phone number, payment info, or any data unrelated to your coach conversations. Identifying details in messages are removed before any training use.
  • How it is used. Fystash may use this data to train and evaluate AI models that we own and operate, in order to improve the quality of the coach. We may also share aggregated, anonymized datasets with research partners under strict confidentiality agreements. We do not sell your raw conversation data.
  • Storage and retention. Captured data is stored on Cloudflare R2, encrypted at rest with AES-256, in a private bucket controlled solely by Fystash. Raw (un-scrubbed) data is retained for up to 30 days; anonymized data may be retained indefinitely.
  • Your control. You can turn this setting off at any time in Settings. You may also request deletion of all previously captured data by contacting us (see Section 18). Deleting your account also deletes any captured turns associated with your account.

11.13 Google Calendar (Optional Integration)

Google Calendar is separate from Sign In with Google. You are never required to connect a calendar to use Fystash. If you opt in, you authorise additional Google OAuth permissions only for calendar features described below.

How you connect and where:

  • Connect — In the mobile App: Settings → Connectors → Google Calendar. Authorisation uses Google OAuth with a secure redirect through our backend (Convex). You choose which calendars to sync.
  • Website — Initial connect is available in the mobile App only. After you connect on mobile, you may sync, disconnect, and change which calendars are selected on the website under Integrations.

Google OAuth scopes (plain English):

  • Sign In with Google (login only): openid, email, profile — account creation and authentication only (Section 3.1).
  • List your calendars (calendar.calendarlist.readonly) — so you can see and select which calendars to sync.
  • Read events (calendar.events.readonly) — read events on calendars you selected only.
  • Create or update Fystash events (calendar.events.owned) — after you accept an in-app proposal, create or update events on your primary Google Calendar that Fystash created; we do not edit other existing events.

What calendar data we access and store:

For calendars you select, we sync events within approximately 30 days in the past and 90 days in the future. We store fields needed for coaching and reporting, such as event title, start and end times, timezone, location (if present), calendar identifier, and related metadata. We do not use calendar data for advertising, and we do not sell calendar data.

Why we use calendar data:

  • Schedule-aware AI coaching and chat context
  • Daily reports and related insights tied to your schedule
  • Creating or updating calendar events you explicitly accept through the coach (proposal-before-write)

Proposal before write:

When you ask the coach to schedule something, the App shows an in-app proposal card. No event is written to Google Calendar until you tap Accept. Accepted events are created or updated on your primary Google Calendar only, and only for events owned by Fystash through this integration.

AI providers and calendar data:

When Google Calendar is connected and you use schedule-aware coaching or related features, synced calendar context may be sent to our AI service providers (such as xAI and Google Gemini) solely to provide those features—not for advertising, market research, or unrelated purposes. Google Sign-In data remains subject to Section 3.1 and is not shared with AI providers.

Sharing and processors:

  • Convex — hosts encrypted calendar OAuth tokens and synced calendar data on our backend
  • Google (Calendar API) — source of calendar list and event data; receives create/update requests only after you accept a proposal
  • AI providers (xAI, Google Gemini) — only as described above when you use coaching features with Calendar connected
  • As required by law or legal process

We do not sell or rent Google Calendar data. Calendar data is not used for ads.

Security:

Calendar OAuth refresh and access tokens are stored encrypted on our backend (Convex). All data is transmitted over TLS (HTTPS).

Your controls:

  • Choose which calendars to sync when connecting or later in App or website Integrations settings
  • Disconnect in the App or website Integrations, which revokes tokens and removes synced calendar data from Fystash
  • Revoke Fystash’s access at any time via your Google Account Permissions page (this does not by itself delete your Fystash account)

Retention:

Calendar data and tokens are kept while Google Calendar remains connected. When you disconnect Google Calendar or delete your Fystash account, synced calendar data and tokens are removed from Fystash in accordance with our deletion practices (see Section 11.6).

Limited Use:

Our use of Google Calendar data is limited to providing and improving user-facing calendar-related features in the App, in compliance with the Google API Services User Data Policy, including Limited Use requirements.

12. Limitation of Liability

To the maximum extent permitted by law:

  • The App is provided “as is” without warranties of any kind
  • We are not liable for any indirect, incidental, special, or consequential damages
  • Our total liability shall not exceed the amount you paid for the App in the 12 months preceding the claim
  • We are not responsible for any harm resulting from following AI-generated advice

13. Creator Program

13.1 Overview

The Fystash Creator Program allows eligible users to earn revenue by referring new users to the App through unique referral codes. Participation is voluntary and subject to these Terms.

13.2 Eligibility and Activation

Any registered user may activate a Creator profile through the App. By activating, you agree to the Creator Program terms described in this section.

13.3 Revenue Share

  • Creators earn a percentage of net revenue (after platform fees charged by Apple or Google) from subscriptions purchased by users they referred
  • The current revenue share rate and duration are displayed in the Creator dashboard and may change at our discretion
  • Revenue share applies only during the active referral window for each referred user
  • Self-referrals are not permitted

13.4 Referral Codes

  • Each Creator receives one auto-generated referral code and may create up to three custom vanity codes
  • Referral codes must be 3–12 alphanumeric characters
  • You may not use misleading, offensive, or trademarked terms as referral codes
  • We reserve the right to remove or reassign referral codes at our discretion

13.5 Payouts

  • Creator earnings are tracked in the App and may be requested as payouts once the minimum payout threshold is reached
  • Payouts are currently processed via PayPal. Additional methods may be offered in the future
  • Payouts are processed within 5–7 business days of a valid request
  • We reserve the right to withhold or claw back earnings in cases of fraud, chargebacks, subscription refunds, or Terms violations

13.6 Tax Responsibility

You are solely responsible for reporting and paying any taxes applicable to your Creator earnings. We may require tax identification information before processing payouts, as required by applicable law.

13.7 Creator Video Submissions

Creators may submit exercise demonstration videos for potential inclusion in the App’s exercise library. Submitted videos:

  • Are subject to review and may be approved, declined, or removed at our sole discretion
  • Grant us a perpetual, worldwide, royalty-free licence to use, display, and distribute the video within the App if approved
  • Must be original content that you have the right to distribute

13.8 Program Modifications and Termination

We reserve the right to modify, suspend, or terminate the Creator Program at any time, with or without notice. Any pending, confirmed earnings at the time of termination will be honoured, subject to the payout threshold and fraud review.

14. Termination

We may suspend or terminate your account if you:

  • Violate these Terms or Community Guidelines
  • Engage in fraudulent or abusive behaviour
  • Fail to pay subscription fees
  • Repeatedly post content that infringes on others’ rights
  • Manipulate the Creator Program or referral system

You may delete your account at any time through the App settings or by contacting us. Upon account deletion:

  • Your profile and personal data will be removed in accordance with our Privacy Policy
  • Publicly shared content (videos, comments) may remain visible but will be disassociated from your identity
  • Any pending Creator earnings below the payout threshold will be forfeited

15. Changes to Terms

We may update these Terms from time to time. We will notify you of material changes through the App or via email. Continued use of the App after changes constitutes acceptance of the updated Terms.

16. Governing Law

These Terms are governed by the laws of Australia. Any disputes shall be resolved in the courts of Australia.

17. Age Restrictions

You must be at least 16 years of age to use the App. If you are under the age of 18, you represent that you have your parent or guardian’s consent to use the App and agree to these Terms. We do not knowingly collect personal information from children under 16. If we become aware that a user is under 16, we will terminate their account and delete their data.

18. Contact Us

If you have questions about these Terms, contact us at:

Apple’s Standard End User License Agreement (EULA) also applies to your use of this App. You can review it at: https://www.apple.com/legal/internet-services/itunes/dev/stdeula/