Skip to content

Privacy Policy

Effective Date: March 4, 2026
Last Updated: March 4, 2026

This Privacy Policy explains how Dakidarts® ("Company," "we," "us," or "our") collects, uses, discloses, and safeguards information when you access or use the Health Fitness API ("Service"), including:

  • the dashboard at https://dashboard.hefitapi.com
  • API endpoints at https://api.hefitapi.com
  • related websites, support communications, billing, and enterprise services

By using the Service, you agree to the collection, use, and sharing of information as described in this Privacy Policy.

1. Information We Collect

Information You Provide Directly

  • Account registration: name, email address, password, organization name
  • Billing information: contact details and payment method metadata (we do not store full credit card numbers — processed securely by third-party providers)
  • API key details: labels/names you assign, user roles (Admin, Developer, Finance)
  • Communications: support tickets, feedback, enterprise inquiries (e.g., concurrency requirements, region preferences, SLA needs)

Information Collected Automatically

  • Usage data: API endpoints requested, timestamps, parameters sent (e.g., age, weight, height — processed ephemerally only), credits consumed, response status
  • Device & network details: IP address, browser type/version, OS, referrer, approximate location (from IP)
  • Security logs: login attempts, API key usage patterns, failed authentication events

Information from Third Parties

  • Payment processors: transaction confirmations
  • Email providers: delivery status and limited engagement metrics (opens/clicks for transactional emails)
  • Analytics tools: anonymized, aggregated usage statistics

Important – Health Data Note
We do not collect, store, or process protected health information (PHI) as defined by HIPAA. All health/fitness parameters (weight, height, age, gender, activity level, etc.) you send are used only ephemerally to generate the response and are not retained, logged as personal records, or used to build profiles. We do not act as a health record system or repository.

2. How We Use Your Information

We use the information to:

  • Provide, authenticate, and improve the Service (accurate calculations, multi-language responses in 8 languages, endpoint performance)
  • Manage accounts, API keys, user roles, credit balances, and billing
  • Process credit top-ups and handle payments
  • Send essential transactional communications (API key creation, billing receipts, quota alerts, password resets)
  • Detect and prevent fraud, abuse, unauthorized access, or service misuse
  • Generate internal, anonymized analytics and aggregated statistics (never linked to identifiable health inputs)
  • Comply with legal obligations and respond to valid legal requests
  • Support enterprise clients (custom deployment planning, SLAs, private regions)

3. How We Share Your Information

We do not sell personal information. We share data only in these limited cases:

  • With service providers (under strict data processing agreements): cloud infrastructure, payment processors, email delivery, support tools, analytics (anonymized)
  • Within your organization: Admins see usage/billing; Finance users see billing only; Developer keys are tied to the parent organization
  • For legal compliance: subpoenas, court orders, regulatory requirements, fraud prevention, rights/safety protection
  • In business transfers: merger, acquisition, or asset sale (with notice where legally required)

4. Data Storage & International Transfers

  • Primary hosting: secure cloud infrastructure in the United States
  • If you access the Service from outside the US, data may be transferred to and processed in the US or other jurisdictions
  • We use appropriate safeguards for international transfers (e.g., Standard Contractual Clauses or equivalent mechanisms where applicable)

5. Data Retention

We keep information only as long as necessary:

  • Account & API key data: while your account is active + a reasonable post-termination period for audit and legal purposes
  • Request logs: short-term (days to weeks) for debugging, abuse detection, billing reconciliation; longer-term only in aggregated, anonymized form
  • Billing/financial records: 7 years (tax and accounting compliance)

After retention periods, data is securely deleted or irreversibly anonymized.

6. Your Rights & Choices

Depending on your location (e.g., GDPR in EEA, CCPA/CPRA in California, or similar laws), you may have rights to:

  • Access, correct, or delete your personal data
  • Opt out of certain processing activities (where applicable)
  • Lodge a complaint with a data protection authority

To exercise these rights, email us at privacy@hefitapi.com. We will respond to verifiable requests in accordance with applicable law.

Developer Responsibility for End-Users
We do not have a direct relationship with your end-users. As the API consumer, you are responsible for:

  • Obtaining lawful consent from individuals before sending their data to our API
  • Providing your own privacy notices and policies to end-users
  • Complying with all applicable privacy and health data laws (GDPR, CCPA, etc.)

7. Security

We use reasonable technical, administrative, and organizational safeguards, including:

  • Encryption in transit (HTTPS/TLS) and at rest (where appropriate)
  • Strict access controls and least-privilege authentication
  • Regular security monitoring, logging, and threat detection
  • Incident response procedures

No internet-based service is 100% secure. We cannot guarantee absolute security.

8. Children’s Privacy

The Service is not directed to children under 16. We do not knowingly collect data from children. If we become aware of such data, we will delete it promptly.

9. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in the Service, legal requirements, or practices. We will post the revised version here and update the “Last Updated” date. For material changes, we may provide additional notice via email or dashboard announcement.

Continued use of the Service after changes constitutes acceptance.

10. Contact Us

For privacy questions, rights requests, or concerns:

Thank you for trusting Health Fitness API to power your health & fitness applications.

Dakidarts® | Health Fitness API
Empowering developers with scalable health intelligence