Effective Date: September 9, 2025

Last Updated: September 9, 2025

Introduction

X-Fitt.com ("we," "us," "our," or "X-Fitt") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our website (www.x-fitt.com), make purchases, or interact with us through our services, including our coffee brand, supplements, fitness gear, clothing, and accessories. We operate internationally, with coffee and supplements sold exclusively in the United States and fitness gear, clothing, and accessories sold worldwide.

This policy applies to all users of our website and services, regardless of location, and complies with applicable data protection laws, including but not limited to the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the California Consumer Privacy Act (CCPA). By using our website or services, you agree to the practices described in this Privacy Policy.

If you have any questions or concerns about this policy, please contact us at:

  • Email: support@x-fitt.com
  • WhatsApp: +1 939 233 5796
  • Postal Address: X-Fitt, 85 Great Portland Street, London, W1W 7LT, United Kingdom

Our company registration number is 16205734.

1. Information We Collect

We collect personal information to provide you with our products and services, improve your experience, and comply with legal obligations. The types of information we collect include:

1.1 Personal Information You Provide

  • Account Creation and Registration: Name, email address, password, and optional information such as phone number or date of birth when you create an account.
  • Purchases and Transactions: Billing and shipping address, payment information (e.g., credit card details, PayPal account), and order history.
  • Contact Information: Information provided when you contact us via email (support@x-fitt.com), WhatsApp (+1 939 233 5796), or other channels, including your name, email, phone number, and inquiry details.
  • Marketing Preferences: Subscription preferences for newsletters, promotional emails, or SMS/WhatsApp marketing messages.
  • Customer Feedback: Information provided through reviews, surveys, or feedback forms.

1.2 Information Collected Automatically

  • Browsing Data: IP address, browser type, device information, operating system, and pages visited on our website, collected via cookies, pixels, and similar technologies.
  • Usage Data: Interactions with our website, such as products viewed, items added to your cart, and time spent on pages.
  • Geolocation Data: Approximate location based on your IP address to tailor content and comply with regional regulations (e.g., restricting coffee and supplement sales to the USA).

1.3 Information from Third Parties

  • Payment Processors: Information from third-party payment providers (e.g., Stripe, PayPal) to process transactions securely.
  • Analytics Providers: Aggregated data from tools like Google Analytics to understand website performance and user behavior.
  • Social Media: Information you share when interacting with us on social media platforms or linking your social media account to our website.

1.4 Special Categories of Data

We do not intentionally collect sensitive personal data (e.g., health, biometric, or religious information) unless explicitly provided by you (e.g., dietary preferences related to supplements). If you provide such data, we will process it only with your explicit consent and for the purpose provided.

2. How We Use Your Information

We use your personal information for the following purposes, based on the legal bases outlined in applicable data protection laws:

  • To Provide Services (Legal Basis: Performance of a Contract):
    • Process and fulfill orders for coffee, supplements, fitness gear, clothing, and accessories.
    • Manage your account and provide customer support via email or WhatsApp.
    • Deliver products to your shipping address and process payments securely.
  • To Improve Our Services (Legal Basis: Legitimate Interests):
    • Analyze website usage to enhance functionality, user experience, and product offerings.
    • Personalize your shopping experience, such as recommending products based on your browsing history.
  • To Communicate with You (Legal Basis: Consent or Legitimate Interests):
    • Send order confirmations, shipping updates, and customer service responses.
    • Provide marketing communications (e.g., newsletters, promotions) if you have opted in.
    • Respond to inquiries submitted via support@x-fitt.com or +1 939 233 5796.
  • To Comply with Legal Obligations (Legal Basis: Legal Obligation):
    • Adhere to tax, customs, and consumer protection regulations in the USA, UK, EU, and other regions where we operate.
    • Restrict sales of coffee and supplements to the USA as per regulatory requirements.
    • Respond to lawful requests from authorities.
  • To Prevent Fraud and Ensure Security (Legal Basis: Legitimate Interests):
    • Detect and prevent fraudulent transactions or unauthorized access to your account.
    • Protect the security of our website and customer data.

3. How We Share Your Information

We may share your personal information with the following parties under strict conditions:

  • Service Providers:
    • Payment processors (e.g., Stripe, PayPal) to process transactions securely.
    • Shipping and logistics partners to deliver your orders.
    • Cloud hosting providers to store data securely.
    • Analytics providers (e.g., Google Analytics) to analyze website performance.
    • Marketing platforms to send promotional emails or SMS/WhatsApp messages (with your consent).
  • Business Partners:
    • For USA customers purchasing coffee or supplements, we may share limited data with regulatory bodies or partners to ensure compliance with FDA or other regulations.
    • For international customers, we may share shipping details with customs or logistics providers to facilitate delivery.
  • Legal Compliance:
    • We may disclose information to comply with legal obligations, such as responding to subpoenas, court orders, or regulatory investigations.
  • Business Transfers:
    • In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, with safeguards to ensure continued protection.

We do not sell or share your personal information for cross-context behavioral advertising (as defined by the CCPA) unless explicitly disclosed and you have not opted out (see Section 7 for California-specific rights).

4. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., pixels, web beacons) to enhance your experience, analyze website performance, and deliver personalized content. Types of cookies include:

  • Essential Cookies: Necessary for website functionality, such as maintaining your shopping cart or login session.
  • Analytics Cookies: Track website usage to improve performance and user experience.
  • Marketing Cookies: Deliver personalized ads based on your interests (with your consent).

You can manage cookie preferences through your browser settings or our website’s cookie consent tool. Note that disabling essential cookies may affect website functionality.

5. International Data Transfers

As an international business based in the UK, we may transfer your personal information to countries outside the UK or EU, including the USA, for processing (e.g., payment processing, shipping, or cloud storage). We ensure such transfers comply with applicable laws, using mechanisms like:

  • Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision from the UK/EU.
  • Adequacy Decisions: Where the receiving country is recognized as providing adequate data protection (e.g., transfers within the EU).
  • Safeguards: Contracts with service providers requiring them to protect your data in accordance with UK/EU standards.

For USA customers, data related to coffee and supplement purchases is processed in compliance with US regulations, including the CCPA.

6. Data Security

We implement robust technical and organizational measures to protect your personal information, including:

  • Encryption of sensitive data (e.g., payment details) during transmission and storage.
  • Secure servers hosted by reputable cloud providers.
  • Regular security audits and vulnerability assessments.
  • Access controls to limit who can view your data within our organization.

Despite these measures, no system is completely secure. If you suspect unauthorized access to your account, contact us immediately at support@x-fitt.com or +1 939 233 5796.

7. Your Rights

Depending on your location, you may have the following rights under applicable data protection laws:

  • Access: Request a copy of the personal information we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data, subject to legal exceptions (e.g., order records for tax purposes).
  • Restriction: Limit how we process your data in certain circumstances.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests, including marketing.
  • Withdraw Consent: Withdraw consent for processing (e.g., marketing emails) at any time.

California Residents (CCPA Rights)

If you are a California resident, you have additional rights under the CCPA:

  • Right to Know: Request details about the personal information we collect, use, or share.
  • Right to Delete: Request deletion of your personal information, subject to exceptions.
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information for marketing purposes.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your rights, contact us at support@x-fitt.com or +1 939 233 5796. We will respond within the timeframes required by law (e.g., 30 days for GDPR, 45 days for CCPA).

8. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy or as required by law:

  • Account Data: Retained while your account is active and for up to 7 years after account closure to comply with tax and legal obligations.
  • Order Data: Retained for 7 years to comply with tax, customs, and consumer protection laws.
  • Marketing Data: Retained until you unsubscribe or withdraw consent.
  • Browsing Data: Retained for up to 2 years for analytics purposes, unless you request deletion.

After the retention period, we securely delete or anonymize your data.

9. Children’s Privacy

Our website and services are not intended for children under 16. We do not knowingly collect personal information from children under 16 without parental consent. If you believe we have collected such information, contact us at support@x-fitt.com, and we will take steps to delete it.

10. Third-Party Links

Our website may contain links to third-party websites (e.g., payment processors, social media platforms). We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by posting a notice on our website or contacting you directly (e.g., via email). Your continued use of our website or services after the effective date constitutes acceptance of the updated policy.

12. Contact Us

For questions, concerns, or to exercise your data protection rights, please contact us at:

  • Email: support@x-fitt.com
  • WhatsApp: +1 939 233 5796
  • Postal Address: X-Fitt, 85 Great Portland Street, London, W1W 7LT, United Kingdom

If you are in the UK or EU and believe we have not resolved your concern, you have the right to lodge a complaint with a supervisory authority, such as the UK Information Commissioner’s Office (ICO) at www.ico.org.uk or your local EU data protection authority.

13. Additional Information for California Residents

In addition to the rights outlined in Section 7, California residents can request a “Notice at Collection” detailing the categories of personal information we collect and the purposes for which they are used. To request this notice or exercise your CCPA rights, contact us at support@x-fitt.com.

We do not knowingly sell or share personal information of consumers under 16 without affirmative authorization.