Fortify

Privacy Policy

Last Updated: February 4th, 2026

1. Overview and Purpose

This Privacy Policy explains how Fortify ("Fortify," "we," "us," or "our") collects, uses, stores, and protects information when you access or use the Fortify platform, including our websites, mobile applications, dashboards, APIs, software, hardware integrations, and related services (collectively, the "Platform").

Fortify is built around a data-ownership-first philosophy:

        You own your data.
        Fortify does not sell your data and does not participate in data broker or data resale schemes — now or in the future.
      

By using the Platform, you acknowledge and agree to the practices described in this Privacy Policy.

2. Scope of This Policy

This Privacy Policy applies to:

Athletes
Coaches
Trainers
Organizations
Administrators
Any individual or entity accessing the Fortify Platform

This Policy applies only to data collected through Fortify and does not apply to third-party platforms, devices, or services that you may connect to Fortify.

3. Data Ownership and User Consent

3.1 Athlete Data Ownership

You retain full ownership of your personal data at all times.

Fortify does not claim ownership over:

Your biometric data
Your training data
Your wearable data
Your assessments, logs, or reports
Any personal or performance-related information you provide

Fortify's role is to collect, store, display, analyze, and process your data on your behalf to provide meaningful insights and services.

3.2 Grant of Permission to Use Data

By creating an account, submitting information, or participating on the Platform, you explicitly grant Fortify permission to collect and process your data for legitimate and disclosed purposes, including:

Providing dashboards, analytics, and reports
Supporting training and performance insights
Enabling AI- and rules-based models
Conducting research and system improvement
Ensuring platform security and reliability

This permission is a functional requirement of providing the service and is not a transfer of ownership.

4. Data We Collect

4.1 Information You Provide Directly

This may include:

Account information (name, email, role)
Athlete profiles
Training goals and preferences
Daily check-ins and subjective feedback
Nutrition or recovery logs
Uploaded files, notes, or comments

4.2 Automatically Collected Information

When you use Fortify, we may collect:

Device and browser information
Usage logs and interaction data
IP address and approximate location
Session timestamps and metadata

This data is used to maintain platform functionality, security, and performance.

4.3 Wearable and Third-Party Data

If you choose to connect a wearable device or third-party service, Fortify may collect data such as:

Activity metrics
Sleep data
Heart rate and related signals
Recovery and readiness indicators
Other performance or wellness metrics supported by the integration

You control whether these connections are enabled and may revoke access at any time.

5. How We Use Your Data

Fortify uses data only for legitimate, disclosed, and athlete-aligned purposes, including:

Delivering training insights and performance analysis
Supporting coaches and organizations in decision-making
Improving platform features and reliability
Developing, training, and refining analytical and AI models
Conducting internal research and validation
Producing aggregated, anonymized insights

Fortify does not use data for advertising networks, behavioral targeting, or unrelated commercial exploitation.

6. Research, Analytics, and Model Training

Fortify may use data to support:

Model training and validation
Performance research
Trend analysis
Product development

Where feasible, such use relies on aggregated and anonymized data that cannot reasonably be used to identify an individual.

If identifiable data is used internally, it is handled under strict access controls and solely for legitimate platform purposes.

7. Data Sharing and Disclosure

7.1 What We Do NOT Do

Fortify:

Does not sell personal data
Does not rent personal data
Does not trade personal data
Does not participate in data brokerage or resale markets

This is a permanent principle of the Fortify platform.

7.2 Limited Data Sharing

We may share data only in the following circumstances:

With service providers who support infrastructure, hosting, analytics, or security
With wearable platforms as part of user-initiated integrations
When required by law, regulation, or legal process
To protect the rights, safety, or integrity of users or the Platform

All service providers are required to follow confidentiality and data protection obligations.

8. Third-Party Platforms and Wearables

Third-party platforms (e.g., wearable providers) operate independently of Fortify and are governed by their own privacy policies.

Fortify:

Receives only the data you authorize
Does not control how third parties collect or store data
Is not responsible for third-party privacy practices outside the Fortify Platform

You are encouraged to review the privacy policies of any connected third-party service.

9. Data Security

Fortify implements reasonable administrative, technical, and organizational safeguards to protect data, including:

Encryption in transit and at rest
Role-based access controls
Secure authentication mechanisms
Monitoring and logging

No system can guarantee absolute security, but Fortify is committed to continuously improving safeguards as the platform scales.

10. Data Retention

We retain data only as long as necessary to:

Provide the Platform
Comply with legal obligations
Maintain security and audit integrity
Support research and system improvement

Upon account deletion, personal data may be removed or de-identified, subject to legal and operational requirements. Aggregated or anonymized data may be retained.

11. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

Access your data
Correct inaccurate data
Request deletion
Export your data
Withdraw certain consents

Requests can be made through the Platform or by contacting Fortify directly.

12. Children and Youth Athletes

Fortify may be used by youth athletes under the supervision of a parent, guardian, or organization.

We do not knowingly collect data from children in violation of applicable laws and rely on organizations and guardians to provide appropriate consent where required.

13. Changes to This Privacy Policy

Fortify may update this Privacy Policy from time to time. Updates will be posted on the Platform.

Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.

14. Contact Information

For privacy-related questions or requests, contact:

Fortify
Exsurgo Inc.
support@fortify.fit
20202 Incas Ter.
Ashburn, VA 20147