Effective Date: November 12, 2025
This Privacy Policy explains how Fantasy Invest Inc. (“Recovered”, “we”, “us”, “our”) collects, uses, and shares information when you use the Recovered mobile application and related services (the “Services”).
Recovered provides fitness and recovery guidance for training and sports performance. It does not provide medical advice, diagnosis, or treatment and is not a medical device.

This Policy applies to:

• the Recovered mobile apps;
• any websites and customer support channels that link to this Policy.

Third‑party services (such as Apple App Store, Google Play, Apple Health, and Health Connect) are governed by their own privacy policies and terms.

Fantasy Invest Inc. is the data controller for Personal Data processed under this Policy (unless we state otherwise for a specific region).

• Email: support@recoveredapp.com
• Mailing address: 340 S Lemon Ave 1156, Walnut, CA 91789‑2706, United States
• If local law gives you additional privacy contacts or rights (for example, in the EU/UK), those are in addition to this Policy.

We follow data minimization principles: we collect only what we need to provide and improve the Services and to meet our legal obligations.

We collect:

• email address;
• name or nickname;
• login credentials or account identifiers;
• basic profile information (for example, training goals, experience level, preferred language).

We use this to create and manage your account, provide access to premium features, and communicate with you about the Services.

With your explicit permission, Recovered may read certain Health Data from Apple Health (iOS) and Health Connect (Android). Access is read‑only; we do not write or modify health records in these platforms.
We may access the following categories, depending on what you approve:

Heart Rate Variability (HRV)
What we read: HRV values and HRV history available via Apple Health or Health Connect.
Why we read it:

• to calculate your daily recovery score and readiness indicator;

to build HRV‑based trends over time so you can see how your recovery responds to training, rest, and routines;

• to help indicate whether your body is better prepared for higher intensity or needs more rest.

Resting Heart Rate (RHR)
What we read: resting heart rate values and their history, where exposed by Apple Health or Health Connect.
Why we read it:

• to use RHR together with HRV as an indicator of fatigue, stress load, or potential overreaching;
• to refine and contextualize your recovery score and readiness insights.

Sleep Data
What we read: sleep duration and sleep sessions (such as start/end times and total duration) available in Apple Health or Health Connect.
Why we read it:

• to understand whether reduced recovery may be related to insufficient or inconsistent sleep;
• to display simple trends (for example, recent sleep vs. readiness) and make non‑medical recovery suggestions.

Activity and Training Data
What we read: basic information about activity or workout sessions (for example, presence of a workout, duration, and similar high‑level metrics) where provided by Apple Health or Health Connect.
Why we read it:

• to understand your recent training load at a high level;
• to help explain changes in your recovery score over time (for example, heavy training days vs. rest days).

Menstrual Cycle Data (for users who enable it)
What we read: cycle‑related data such as period days, flow information, and cycle phases, where made available via Apple Health or Health Connect and where you specifically grant permission.
Why we read it:

• to adjust recovery insights and training suggestions in line with your current cycle phase;
• to provide more context around changes in readiness and perceived fatigue throughout the cycle.

Historical Health Data (History Permissions)
What we read: historical records of the above health metrics (HRV, RHR, sleep, and activity), as exposed via Health Connect or Apple Health, over a relevant past period.
Why we read it:

• to compute long‑term readiness and recovery trends, rather than just day‑to‑day noise;
• to allow you to see how your readiness evolves over weeks and months;
• to help identify patterns between routines, training load, and recovery.

Important points about Health Data

• Access to each type of Health Data requires your explicit consent through Apple Health or Health Connect permission prompts.
• You can use some parts of the app without connecting Health Data, but certain features (such as precise recovery scores) may be limited.
• We do not use Health Data for advertising, marketing profiles, insurance decisions, or employment decisions.
• We do not sell Health Data or share it with third parties for their own independent use.

We collect information that you enter directly in the app, such as:

• check‑ins and self‑reported wellbeing;
• notes about training, stress, or lifestyle;
• completion of routines and exercises;
• any feedback, survey answers, or form submissions you choose to provide.

We use this to personalize insights and to show you your own history.

Purchases are processed by Apple and Google. We receive from them only the information needed to manage your access, such as:

• product identifier;
• subscription status (active, expired, in trial);
• renewal and expiration dates;
• transaction or receipt identifiers.

We do not receive or store your full payment card numbers or bank account details.

To keep the app working and improve it, we may collect:

• device information (device model, OS version, language, time zone);
• technical identifiers (such as app instance IDs, but not advertising IDs if not needed);
• IP address and approximate region, for security and service functionality;
• crash logs and diagnostics;
• usage information (for example, which screens are opened, how often key features are used, and general interaction patterns).

We use this to ensure performance, fix bugs, secure the Service, and improve usability.

If you contact us, we collect:

• your contact details;
• the content of your messages;
• any attachments (screenshots, logs you choose to send);
• internal notes we create to resolve your request.

We use this information to provide and improve support.

We collect information:

• Directly from you when you create an account, subscribe, complete check‑ins, use routines, or contact support.
• From connected platforms when you approve access in Apple Health or Health Connect; we then read only the data types you have granted.
• From app stores when they send us entitlement signals and receipts to validate your subscription.
• Automatically from your device and app usage (technical logs, diagnostics, and basic analytics events).

We use Personal Data and Health Data for the following purposes:

• Tailor insights and routines to your preferences, history, and usage patterns.
• Analyze aggregated and de‑identified data to improve algorithms, make features more useful, and understand how users in general interact with the app.

We do not use identifiable Health Data for advertising or to build marketing profiles.

Where privacy laws require a legal basis, we rely on:

• Performance of a contract – to provide and operate the Services you choose to use.
• Legitimate interests – for example, to secure the app, prevent fraud, improve features, and perform basic analytics.
• Consent – for access to Health Data via Apple Health / Health Connect and for certain marketing communications.
• Legal obligations – to comply with laws, regulations, and lawful requests.
• You can withdraw your consent for Health Data access at any time by changing permissions in Apple Health or Health Connect. This does not affect processing already carried out but stops further access.

Because Health Data is particularly sensitive, we make these commitments:

• We only access Health Data after your explicit approval through Apple Health / Health Connect dialogs.
• We use Health Data solely for non‑medical fitness and recovery‑related features.
• We do not sell Health Data.
• We do not use Health Data for targeted advertising or cross‑app behavioral advertising.
• We restrict internal access to Health Data to personnel and systems that need it to operate the Service.
• Where possible, we use Aggregated Data and De‑identified Data to analyze and improve our algorithms, rather than identifiable data.

Local vs Cloud Processing

• Core calculations may be done locally on your device and/or on secure servers we control.
• Raw Health Data generally remains within Apple Health or Health Connect on your device; we read it as needed to compute your recovery metrics.
• In your Recovered account, we may store derived values such as your daily recovery scores, basic trend indicators, and simplified summaries, so that you can see your history within the app.
• These derived values are used only for recovery and readiness features and are not shared for advertising.

We do not sell Personal Data. We share Personal Data only in these situations:

We engage trusted service providers to help us operate the Service (for example, cloud hosting, analytics, crash reporting, customer support tools, email delivery, and security services).
These providers:

• act on our instructions;
• are bound by confidentiality and data protection obligations;
• may not use your information for their own independent purposes.

Apple and Google process your purchases and may collect their own device and transaction data under their policies. We receive only the minimum information needed to confirm your subscription and provide premium access.

We may disclose information if we reasonably believe it is necessary to:

• comply with applicable law or legal process;
• respond to valid requests from public authorities;
• enforce our terms and policies;
• protect the rights, property, or safety of Recovered, our users, or others.

If all or part of our business is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy, Personal Data may be transferred as part of that transaction, subject to applicable law and, where required, appropriate notice.

Where laws like the CPRA define “sharing” for cross‑context behavioral advertising, we do not share Personal Data, including Health Data, for that purpose.

Recovered is based in the United States, and we may process Personal Data there and in other countries where we or our service providers have operations.
Where required by law, we use appropriate safeguards for international transfers (such as Standard Contractual Clauses) and take steps to ensure that your rights are protected.

We retain Personal Data only for as long as necessary for the purposes described in this Policy, including:

• while your account is active and you use the Services;
• for a limited time afterwards, where required or permitted by law (for example, for accounting, dispute resolution, or security).

Health‑related derived data (such as your recovery scores stored in your account) are retained while your account is active and for a limited additional period, then deleted or irreversibly de‑identified in line with our retention rules.
You may request deletion of your account and associated Personal Data at any time, subject to legal retention requirements.

We implement administrative, technical, and organizational measures designed to protect Personal Data against unauthorized access, disclosure, alteration, and destruction. These include, for example:

• encryption in transit and at rest where appropriate;
• access controls and least‑privilege principles;
• monitoring and logging of critical systems;
• regular review of our security practices.

No system can be guaranteed to be perfectly secure, but we work continuously to protect your information.

You may request access to your Personal Data, ask for it to be corrected, deleted, or exported (where applicable) by contacting support@recoveredapp.com. We will respond within the timeframes required by law.

If you are a California resident, you may have additional rights, including the right to know certain information, to request deletion, and to correct inaccurate data. You also have the right to opt out of sale or “sharing” of Personal Data; we do not sell or share Personal Data as defined in these laws.

If you are in the EEA, UK, Switzerland, or other regions with comparable laws, you may have rights to:

• access, rectification, and erasure;
• restriction of processing;
• data portability;
• object to certain processing based on legitimate interests;
• lodge a complaint with your local supervisory authority.

The Services are not directed to children under 13 years of age (or under 16 where local law requires a higher age). We do not knowingly collect Personal Data from children in these age groups.
If you believe that a child has provided Personal Data to us, please contact us so we can take appropriate steps, such as deletion.

We may update this Policy from time to time. When we make material changes, we will provide appropriate notice, for example via the app, by email, or on our website.
The “Effective Date” at the top shows when this Policy was last updated. Your continued use of the Services after the effective date means that you accept the updated Policy.

If you have questions about this Policy or wish to exercise your privacy rights, you can contact us at:

• Email: support@recoveredapp.com
• Mail: Fantasy Invest Inc., 340 S Lemon Ave 1156, Walnut, CA 91789‑2706, United States