Back to LifeForm Website

 

Effective Date:   22 May 2025
Last Updated:     26 February 2026

1. Who We Are

 

LifeForm is operated by LifeForm App (Pty) Ltd, a private limited company registered in the Republic of South Africa.

Company Name:

LifeForm App (Pty) Ltd

Registration Number:

2025 / 414612 / 07

Registered Address:

 

Unit 63 Ambleside,

56 Ballyclare Drive,

Bryanston,

Johannesburg,

Gauteng, 2021

South Africa

Contact:

help@lifeformapp.io

LifeForm App (Pty) Ltd is the data controller for the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Protection of Personal Information Act, 2013 ("POPIA"), and other applicable data protection laws, except where LifeForm acts as a data processor as described below.

 

This Privacy Policy applies to all LifeForm products and services, including but not limited to the LifeForm mobile applications, websites, corporate wellness programmes ("LifeForm Collective"), and individual subscription services ("LifeForm Solo").

 

 

 

LifeForm Solo (Individual Services)

 

Where users register independently and subscribe to LifeForm directly, LifeForm App (Pty) Ltd acts as the data controller and is responsible for determining the purposes and means of processing personal data.

 

LifeForm Collective (Corporate Wellness Programmes)

 

Where LifeForm is provided through an employer or another organisation (a "Corporate Customer") for the purpose of administering a wellness challenge or programme, the Corporate Customer typically acts as the data controller, and LifeForm App (Pty) Ltd acts as a data processor on behalf of the Corporate Customer.

 

In such cases, LifeForm processes personal data strictly in accordance with the Corporate Customer’s instructions and applicable contractual agreements, including Master Services Agreements (MSAs) and Data Processing Agreements (DPAs).

 

The Corporate Customer’s own privacy policies may also apply to participants.

 

Huawei AppGallery Distribution Disclosure

 

The Huawei AppGallery version of LifeForm is currently distributed via a developer account registered under Dino Jose Batista for application distribution purposes.

 

LifeForm App (Pty) Ltd remains the legal entity responsible for the operation of the LifeForm platform and for the processing and protection of personal data in accordance with this Privacy Policy and applicable data protection laws.

 

2. Who Can Use LifeForm

 

LifeForm is intended for use only by individuals aged 18 years or older. By registering for or using LifeForm, you confirm that you are at least 18 years of age and have the legal capacity to enter into binding agreements and consent to the processing of your personal data in accordance with this Privacy Policy.

 

LifeForm services may be accessed either directly by individual users ("LifeForm Solo") or through participation in corporate wellness programmes provided by an employer or organisation ("LifeForm Collective"). Where LifeForm is provided through a Corporate Customer, eligibility to participate may be subject to the Corporate Customer’s own policies, eligibility criteria, and applicable laws.

 

LifeForm does not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data has been collected from an individual under 18 without valid legal consent, we will take reasonable steps to delete such information as soon as practicable.

 

If you are a parent or legal guardian and believe that a minor has provided personal data to LifeForm, please contact us immediately at help@lifeformapp.io so that we may investigate and take appropriate action.

 

LifeForm services are intended only for lawful use and in accordance with applicable laws and corporate programme requirements.

 

 

3. What Data We Collect

 

We collect the following categories of personal data, either directly from you, from your use of the LifeForm platform, from Corporate Customers where applicable, or through third-party integrations that you choose to connect and authorise.

 

A. Personal Information

 

·       Name

·       Email address

·       Profile photo (optional)

·       Account and login credentials

·       Year of birth (optional, provided voluntarily by the user)

·       Gender (optional, provided voluntarily by the user)

·       Corporate programme identifiers (such as employee ID, participant ID, team, or organisation, where applicable)

 

This information is used to create and manage your LifeForm account, enable participation in LifeForm services, and support programme administration where applicable.

Year of birth and gender are optional and may be provided voluntarily to support personalisation features and demographic reporting within LifeForm services and corporate wellness programmes.

 

B. Health & Wellness Data

 

Depending on your device, connected integrations, and permissions granted, LifeForm may collect the following activity-related data:

 

·       Steps walked

·       Distance travelled

·       Activities and workout types

·       Calories burned

·       Floors climbed

·       Mood and wellness check-ins (where voluntarily provided by the user)

This data is collected solely to enable LifeForm functionality, including challenge participation, progress tracking, wellness insights, leaderboard rankings, and related platform features.

LifeForm only accesses activity data that you explicitly authorise through connected health platforms or devices. LifeForm does not access or collect medical records, diagnostic data, clinical health information, or biometric health measurements such as heart rate, blood pressure, sleep data, or medical conditions.

LifeForm does not write health data back to third-party health platforms.

 

C. Corporate Programme Data (LifeForm Collective)

 

Where you participate in a corporate wellness programme provided by a Corporate Customer, LifeForm may collect additional information required for programme administration, including:

 

·       Organisation name

·       Department, office, campus, branch or team (where required for programme configuration)

·       Country, region, or city (where required for programme configuration)

·       Team assignments and challenge participation data

·       Leaderboard rankings, challenge progress, and performance summaries

 

This information is used solely for programme administration, participation features, and reporting to the Corporate Customer in accordance with applicable contractual agreements and privacy protections.

 

 

D. Device & Usage Data

 

LifeForm may automatically collect certain technical and usage information necessary for platform operation and security, including:

 

·       Mobile device type and operating system

·       App version

·       Session identifiers

·       App usage metrics and interaction data

·       Time zone

This information is used for system functionality, performance optimisation, fraud prevention, platform security, and service improvement.

LifeForm does not collect precise GPS location.

 

E. Derived and Calculated Data

LifeForm may generate derived data based on the information collected, including:

• Challenge progress and leaderboard rankings
• Activity summaries and performance insights
• Achievement status and participation metrics
• Calculated activity equivalents and progress indicators

 

This derived data is used solely to provide LifeForm services and improve platform functionality and user experience.

 

4. How We Collect Your Data

 

LifeForm collects personal data through the following methods:

 

·       When you create a LifeForm account or register to use the platform

·       When you voluntarily provide information within the app (such as mood check-ins or profile information)

·       When you participate in a corporate wellness programme provided by a Corporate Customer

·       When you connect or authorise third-party health platforms or devices

·       When you interact with the LifeForm platform, which may automatically generate usage and technical data

 

You remain in control of the permissions you grant. You may enable or disable access to third-party integrations at any time through your device settings, connected health platform settings, or LifeForm app settings.

 

Granting access to health platform data is optional. However, certain features may be limited if access is not granted.

 

 

 

Apple Health / HealthKit Integration

 

LifeForm integrates with Apple Health to enable participation in wellness challenges and related features.

 

With your explicit permission, LifeForm may request read-only access to activity-related data such as:

 

·       Steps walked

·       Distance travelled

·       Calories burned

·       Floors climbed

·       Activity and workout data

 

LifeForm does not write data to Apple Health.

LifeForm does not access or collect health data without your explicit authorisation.

LifeForm does not sell, share, or use Apple Health data for advertising or marketing purposes.

Apple Health data is used solely to support LifeForm functionality, including challenge participation, progress tracking, and wellness insights.

You may revoke access at any time through your Apple Health settings.

 

 

 

 

Health Connect Integration (Android)

LifeForm integrates with Health Connect to enable participation in wellness challenges and related platform features.

Health Connect allows LifeForm to access activity-related data from supported devices and health platforms, subject to your explicit permission.

LifeForm only accesses data that you explicitly authorise through Health Connect and does not access data without your permission.

 

a. Collection and Usage of Health Data:

 

With your explicit permission, LifeForm may request read-only access to the following activity-related data from Health Connect:

 

·       Steps walked

·       Distance travelled

·       Calories burned

·       Floors climbed

·       Activity and workout data

 

This data is used solely to support LifeForm functionality, including challenge participation, progress tracking, and wellness insights.

LifeForm does not write data to Health Connect.

LifeForm does not access medical records, diagnostic information, heart rate, sleep data, or other biometric health data.

b. Purpose of Health Data Access:

 

 

Health Connect data is used exclusively to:

 

·       Track participation in LifeForm challenges

·       Calculate challenge progress and leaderboard rankings

·       Provide activity summaries and performance insights

·       Ensure fair and accurate challenge participation

 

 

This data is not used for advertising, profiling unrelated to LifeForm services, or commercial resale.

 

 

c. User Consent and Control:

 

Access to Health Connect data is entirely optional.

You have full control over which data types LifeForm can access and may grant, limit, or revoke permissions at any time through your device settings or Health Connect settings.

Revoking access may limit the availability or functionality of certain LifeForm features.

d. Security Measures:

LifeForm implements appropriate technical and organisational safeguards to protect Health Connect data, including encryption in transit and at rest, access controls, and secure cloud infrastructure hosted on Microsoft Azure.

These safeguards are designed to prevent unauthorised access, disclosure, alteration, or loss of personal data.

e. Data Retention:

LifeForm retains Health Connect data only for as long as necessary to provide LifeForm services and comply with applicable legal obligations.

You may request deletion of your data at any time through the app’s account deletion feature or by contacting help@lifeformapp.io.

f. Third-Party Services:

LifeForm does not sell, trade, or share Health Connect data with advertisers or third parties for marketing purposes.

Health Connect data is used solely to provide LifeForm services.

 

 

Huawei Health  Integration

 

 

LifeForm integrates with Huawei Health to enable participation in wellness challenges and related platform features.

With your explicit permission, LifeForm may access activity-related data from Huawei Health.

LifeForm only accesses data that you explicitly authorise and does not access data without your consent.

a. Collection and Usage of Health Data:

 

With your explicit permission, LifeForm may request read-only access to the following activity-related data from Huawei Health:

 

·       Steps walked

·       Distance travelled

·       Calories burned

·       Floors climbed

·       Activity and workout data

 

This data is used solely to support LifeForm functionality, including challenge participation, progress tracking, and wellness insights.

LifeForm does not write data to Huawei Health.

LifeForm does not access medical records, diagnostic information, heart rate, sleep data, or other biometric health data.

b. Purpose of Health Data Access:

 

 

Huawei Health data is used exclusively to:

 

·       Track participation in LifeForm challenges

·       Calculate challenge progress and leaderboard rankings

·       Provide activity summaries and performance insights

·       Ensure fair and accurate challenge participation

 

 

This data is not used for advertising, profiling unrelated to LifeForm services, or commercial resale.

c. User Consent and Control:

 

Access to Huawei Health data is entirely optional.

You have full control over which data types LifeForm can access and may grant, limit, or revoke permissions at any time through your device settings or Huawei Health settings.

Revoking access may limit the availability or functionality of certain LifeForm features.

d. Security Measures:

LifeForm implements appropriate technical and organisational safeguards to protect Huawei Health data, including encryption in transit and at rest, access controls, and secure cloud infrastructure hosted on Microsoft Azure.

These safeguards are designed to prevent unauthorised access, disclosure, alteration, or loss of personal data.

e. Data Retention:

LifeForm retains Huawei Health data only for as long as necessary to provide LifeForm services and comply with applicable legal obligations.

You may request deletion of your data at any time through the app’s account deletion feature or by contacting help@lifeformapp.io.

f. Third-Party Services:

LifeForm does not sell, trade, or share Huawei Health data with advertisers or third parties for marketing purposes.

Huawei Health data is used solely to provide LifeForm services.

g. Important notice of cross border data transfer:

 

If you reside outside the European Union and choose to connect Huawei Health to LifeForm, your data may be transferred to secure Microsoft Azure servers located in the European Union and processed in accordance with applicable data protection laws, including GDPR.

 

 

 

 

Fitbit Integration

 

 

LifeForm integrates with Fitbit to support participation in wellness challenges and platform features.

 

With your explicit permission, LifeForm may request read-only access to activity-related data such as:

 

·       Steps walked

·       Distance travelled

·       Calories burned

·       Floors climbed

·       Activity and workout data

 

LifeForm does not write data to your Fitbit account.

LifeForm does not sell or share Fitbit data with third parties.

Fitbit data is used solely to support LifeForm functionality.

You may revoke access at any time through your Fitbit account settings.

 

 

Garmin Integration

 

 

LifeForm integrates with Garmin to support participation in wellness challenges and platform features.

 

With your explicit permission, LifeForm may request read-only access to activity-related data such as:

 

·       Steps walked

·       Distance travelled

·       Calories burned

·       Floors climbed

·       Activity and workout data

 

LifeForm does not write data to your Garmin account.

LifeForm does not sell or share Garmin data with third parties.

Garmin data is used solely to support LifeForm functionality.

You may revoke access at any time through your Garmin account settings.

 

5. Why We Collect Your Data

LifeForm collects and uses your data solely to operate, maintain, and improve the LifeForm platform and to deliver wellness services to individual users and corporate challenge participants.

Specifically, we use your data for the following purposes:

 

 

A. To Provide Core App Functionality

 

We use your data to:

 

·       Track and display your activity progress, including steps walked, distance travelled, and related wellness metrics

·       Enable participation in LifeForm Collective corporate challenges and LifeForm Solo individual wellness programs

·       Calculate challenge rankings, points, achievements, badges, and leaderboards

·       Convert activity data into challenge progress metrics, step equivalents, or wellness scores where applicable

·       Maintain your user account, profile, and preferences

 

 

 

B. To Deliver Wellness Features and Personalised Insights

 

We use your data to:

 

·       Provide wellness summaries, progress visualisations, and trend analysis based on your recorded activity

·       Generate optional AI-assisted trend insights based on anonymised and aggregated activity patterns (for example, average step counts over a defined number of days)

·       Enable optional mood check-ins and personal wellness tracking

·       Improve the relevance and effectiveness of wellness features

 

 

AI-assisted insights are generated using anonymised or aggregated data patterns. No personally identifiable information (such as your name, email address, or identifiable account details) is shared with AI systems when generating these insights.

 

AI-generated outputs are informational only and do not constitute medical advice.

 

 

 

C. To Enable Corporate Wellness Programs (LifeForm Collective)

 

If you participate in a corporate challenge sponsored by your employer or organisation:

 

·       Your activity data is used to calculate individual and team challenge results

·       Your name, profile image, activity totals, and rankings may be visible to other participants within your organisation’s challenge environment

·       Challenge organisers may receive access to participant activity metrics and reports relevant to the challenge

 

Challenge organisers receive only the information necessary to administer and evaluate the challenge.

LifeForm does not share personal health data with employers for employment, insurance, or medical decision-making purposes.

Where possible, LifeForm provides aggregated or de-identified reporting to corporate partners.

 

 

D. To Maintain Platform Security, Integrity, and Fairness

 

We use your data to:

 

·       Detect, investigate, and prevent fraud, abuse, cheating, or manipulation of challenge results

·       Ensure fair and accurate leaderboard rankings and challenge outcomes

·       Protect the security and integrity of the platform

·       Protect the security and integrity of the platform

 

 

 

E. To Operate, Improve, and Maintain the Platform

 

We use your data to:

 

·       Maintain and operate LifeForm services

·       Troubleshoot technical issues and resolve bugs

·       Improve system performance, reliability, and user experience

·       Develop new features and wellness tools

·       Conduct internal analytics to improve platform functionality

 

 

Where possible, this analysis uses aggregated or de-identified data.

 

 

 

F. To Communicate With You

 

We use your data to:

 

·       Send important account notifications

·       Provide challenge-related communications

·       Deliver support responses and technical notices

·       Inform you of platform updates, changes, or important information

 

 

We do not send third-party advertising or sell your personal data.

 

 

 

G. Legal and Compliance Purposes

 

We may use your data where necessary to:

 

·       Comply with applicable laws, regulations, and legal obligations

·       Respond to lawful requests from regulators or authorities

·       Enforce legal rights, contracts, and policies

·       Protect the safety, rights, and security of LifeForm, its users, and partners

 

 

 

Explicit Non-Commercialisation Commitment

LifeForm does not sell your personal data.

LifeForm does not use your personal health data for advertising purposes.

LifeForm does not share personal health data with third parties for commercial marketing, profiling, or advertising.

Your health and activity data is used solely to provide LifeForm services.

 

 

Medical and AI Disclaimer

LifeForm is a wellness platform and is not a medical provider.

LifeForm does not provide medical advice, diagnosis, or treatment.

Any information provided through LifeForm — including activity metrics, wellness insights, AI-generated feedback, exercise recommendations, meditation content, or wellness scores — is provided for general informational and wellness purposes only.

You should always consult a qualified healthcare professional before making medical decisions or beginning any health, fitness, or wellness program.

This applies to both LifeForm Collective participants and LifeForm Solo subscribers.

 

 

6. Legal Bases for Processing (GDPR and Global Equivalents)

 

LifeForm processes personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Protection of Personal Information Act, 2013 ("POPIA"), and other applicable data protection legislation.

 

We rely on the following lawful bases to collect and process personal data:

 

 

 

A. Consent

 

Where required by law, we rely on your explicit consent to process certain categories of data, including activity-related and wellness data accessed through third-party health integrations.

 

You provide consent by:

 

·       Creating an account and agreeing to our Terms and Privacy Policy

·       Granting in-app permissions

·       Authorising device or third-party health platform

 

You may withdraw consent at any time by revoking permissions through your device settings or LifeForm settings. Withdrawal of consent may limit certain platform functionality.

Where activity-related data qualifies as special category personal data under GDPR (such as health-related information), we rely on your explicit consent under Article 9(2)(a) GDPR for processing.

 

 

B. Contractual Necessity

 

 

We process personal data where necessary to:

 

·       Provide LifeForm services

·       Deliver LifeForm Solo subscriptions

·       Administer LifeForm Collective corporate wellness programs

·       Calculate challenge participation, rankings, and performance metrics

·       Maintain user accounts and platform functionality

 

 

Without processing this data, we would be unable to deliver the services you request.

 

 

C. Legitimate Interests

 

 

We may process certain data based on our legitimate interests, provided such interests are not overridden by your rights and freedoms. These legitimate interests include:

 

·       Improving platform performance and user experience

·       Conducting internal analytics

·       Preventing fraud, abuse, or cheating

·       Ensuring system security and platform integrity

·       Developing new features and enhancements

 

Where we rely on legitimate interests, we conduct appropriate balancing assessments as required under applicable law.

 

 

 

D. Legal Obligations

 

 

We may process personal data where necessary to comply with legal and regulatory obligations, including:

 

·       Responding to lawful requests from authorities

·       Complying with financial, tax, or regulatory requirements

·       Enforcing contractual rights

 

 

E. Corporate Wellness Programs (Processor Role)

 

Where LifeForm is provided through a Corporate Customer (LifeForm Collective), the Corporate Customer typically acts as the data controller.

In such cases, LifeForm processes personal data on behalf of the Corporate Customer and in accordance with contractual agreements, including Master Services Agreements (MSAs) and Data Processing Agreements (DPAs).

The lawful basis for processing in these cases is determined by the Corporate Customer.

 

F. Global Equivalents

 

For users outside the European Union, LifeForm processes personal data in accordance with equivalent lawful grounds under applicable data protection laws, including POPIA and other relevant legislation.

 

7. AI Features and Automated Processing

LifeForm may offer features that use automated systems, analytics, or artificial intelligence ("AI") to generate insights, summaries, recommendations, scores, translations, or messages based on your activity, wellness, and usage data. These features are designed to support wellness tracking, improve engagement, and enhance your overall experience.

Examples of AI-supported or automated processing may include, but are not limited to:

·       Progress insights and trend summaries based on completely anonymous data – no personal information or identifiable parameters are used to calculate trends.

·       Wellness recommendations and suggestions – for example, a brisk walk around the block will help you to reach your target

·       Goal suggestions and performance feedback – for example, a brisk walk around the block will help you to reach your target

 

Purpose and nature of automated processing

 

These automated processes are used solely to support the operation and improvement of LifeForm’s services. They help provide relevant insights, personalize your experience, and enable wellness programme functionality.

Automated processing performed by LifeForm does not produce legal effects or similarly significant decisions affecting your legal rights, employment status, healthcare, insurance eligibility, or financial standing.

Automated outputs are informational in nature and are not intended to replace professional medical advice, diagnosis, or treatment.

 

No sale of data and no training of external AI models

 

LifeForm does not sell your personal data or health-related data.

LifeForm does not use your personal data or health-related data to train public, shared, or external AI models.

Your data remains under LifeForm’s control at all times.

 

Human oversight and safeguards

 

Where appropriate, LifeForm may review automated outputs internally to:

·       Improve Accuracy

·       Improve safety and reliability

·       Detect technical errors or anomalies

·       Improve overall system performance

 

Such reviews are conducted under strict access controls, confidentiality obligations, and security safeguards.

LifeForm does not use automated processing to make decisions that would significantly affect you without appropriate safeguards.

 

Your control and choices

 

You retain control over your data and integrations. You may:

• Disconnect health platform integrations at any time

·       Modify your data permissions through your device or app settings

·       Delete your account and associated personal data

·       Contact LifeForm to request access, correction, or deletion of your data

 

Where applicable, LifeForm will honour your legal rights regarding automated processing in accordance with GDPR, POPIA, and other applicable laws.

 

Medical and informational disclaimer

 

LifeForm is a wellness platform and not a medical service.

AI-generated insights, summaries, recommendations, scores, translations, or wellness feedback are provided for informational and general wellness purposes only. They are not medical advice and should not be relied upon as a substitute for professional medical advice, diagnosis, or treatment.

You should consult a qualified healthcare provider before making medical or health-related decisions.

 

8. Where We Store Data

LifeForm securely stores personal data using trusted cloud infrastructure providers that implement industry-standard security safeguards.

Primary data storage is hosted on:

Microsoft Azure – West Europe (Netherlands) data centre

This location was selected to provide strong data protection standards and compliance with the General Data Protection Regulation (GDPR).

LifeForm implements multiple layers of security to protect your data, including:

 

 

Encryption at rest

 

All databases and storage systems are encrypted using strong encryption standards, including AES-256 encryption and Transparent Data Encryption (TDE), to protect stored data from unauthorized access.

 

 

 

Encryption in transit

 

All data transmitted between your device and LifeForm servers is encrypted using secure Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping protect your data from interception during transmission.

 

 

 

Security Infrastructure Controls

 

LifeForm relies on secure cloud infrastructure environments with access controls, authentication safeguards, network protection, and monitoring designed to protect the confidentiality, integrity, and availability of your data.

 

 

 

Access Controls

Access to personal data is restricted to authorized personnel and service providers who require access to perform legitimate operational, security, or support functions, and who are subject to confidentiality obligations.

LifeForm takes reasonable technical and organizational measures designed to protect your personal data against unauthorized access, loss, misuse, alteration, or disclosure.

9. Data Security and Device Protection

 

LifeForm is designed to minimise the storage of personal data on user devices.

 

LifeForm does not store sensitive personal data persistently on a user’s device. All personal data is securely stored within LifeForm’s controlled systems and cloud infrastructure.

 

Information displayed within the application is retrieved in real time from LifeForm servers using secure OAuth 2.0 Bearer Token authentication mechanisms over encrypted connections.

 

If unauthorised access is gained to a user’s device, locally stored application data does not contain sensitive personal data, as such information is not stored persistently on the device.

 

LifeForm implements appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, misuse, or alteration.

 

10. Data Sharing and Integrations

 

 

Third-party integrations you choose to connect

If you choose to connect LifeForm with third-party health or wearable platforms, such as:

·       Apple Health / Apple HealthKit

·       Google Health Connect

·       Fitbit

·       Garmin

·       Huawei Health

·       Whoop (via connected health platforms)

·       Other supported integrations

 

LifeForm may receive data from those platforms based on the permissions you grant.

LifeForm does not control how those third-party platforms process your data. Their own privacy policies apply to their processing activities.

You may disconnect integrations at any time through your device or LifeForm settings.

 

Legal and regulatory disclosures

LifeForm may disclose personal data where required to:

·       Comply with applicable laws, regulations, or legal processes

·       Respond to lawful requests from public authorities

·       Protect LifeForm’s legal rights

·       Prevent fraud, abuse, or security threats

·       Enforce LifeForm’s legal agreements

 

 

 

No sale of personal data

LifeForm does not sell, rent, or trade personal data or health-related data to advertisers, data brokers, or unrelated third parties.

 

 

Third-Party Access and Consultants

LifeForm does not engage external consultants, contractors, or third-party service providers to access, analyse, or process personal data outside of its secure service infrastructure.

Personal data is managed internally by LifeForm personnel and is hosted within LifeForm’s designated cloud infrastructure providers.

No personal data is shared with external consultants, marketing agencies, analytics firms, or other third-party organisations for commercial purposes.

 

 

11. Payments & Purchases

LifeForm does not collect, process, or store your full credit card number, banking credentials, or other sensitive financial payment information when purchases are made through the LifeForm app.

Payment processing is handled by secure, authorized third-party payment providers, and LifeForm receives only limited transaction information necessary to operate and manage its services.

 

Individual subscriptions and in-app purchases (LifeForm Solo)

For individual users subscribing to LifeForm services ("LifeForm Solo"), payments are processed securely through authorized app distribution platforms, including:

 

·       Apple App Store

·       Google Play Store

·       Huawei AppGallery

·       Other authorised app marketplaces where LifeForm is made available

 

These platform providers act as independent data controllers for payment transactions. LifeForm does not receive or have access to your full payment card number, bank account details, or payment authentication credentials.

Payment processing, billing management, refunds, and payment security are governed by the respective privacy policies and terms of the applicable platform provider.

 

Subscription and transaction metadata

LifeForm (Solo) may receive limited, non-sensitive transaction metadata from payment providers for operational purposes. This may include:

 

·       Subscription status

·       Subscription activation and expiration dates

·       Transaction identifier

·       Product or subscription type

·       Purchase confirmation status

 

 

This information is used solely to:

 

·       Activate and manage your access to LifeForm services

·       Verify purchases and subscription validity

·       Provide customer support

·       Maintain service functionality

·       Prevent fraud, abuse, or unauthorised access

 

LifeForm does not use this information for advertising or unrelated commercial purposes.

 

Corporate wellness programmes (LifeForm Collective – participant access)

If you participate in a corporate wellness programme, challenge, or service sponsored by your employer or another organization ("LifeForm Collective"):

 

·       Your access to LifeForm services may be provided and paid for by that organisation

·       You are not required to provide payment information directly to LifeForm to participate

·       LifeForm does not collect or process personal financial or payment information from individual participants in corporate-sponsored programmes

 

Corporate customers are responsible for payment arrangements under separate contractual agreements with LifeForm.

 

Corporate customer billing and payment information (organizational customers)

For organizations that purchase LifeForm services directly, LifeForm may collect and process business contact and billing information necessary to manage contractual relationships and provide services.

 

This may include:

 

·       Organization name

·       Billing contact name

·       Billing contact email address

·       Billing address

·       Invoice and transaction records

·       Payment status and billing history

·       Applicable tax or regulatory billing information

 

 

This information is used solely for legitimate business purposes, including:

• Contract administration
• Billing and invoicing
• Financial recordkeeping and auditing
• Customer support
• Legal, tax, and regulatory compliance

 

LifeForm does not collect or store corporate customers’ banking passwords, payment authentication credentials, or full payment card numbers unless processed through secure, authorized payment processors.

Corporate billing information is handled in accordance with applicable data protection laws and appropriate security safeguards.

 

Payment provider responsibility

Third-party payment providers, including Apple, Google, and Huawei, are responsible for:

·       Payment processing

·       Payment security

·       Fraud prevention

·       Billing management

·       Refund processing

·       Payment disputes handling

 

 

LifeForm is not responsible for payment processing errors, billing disputes, or refund requests handled by third-party payment providers.

Users should contact the relevant platform provider directly for payment-related assistance.

 

No storage of sensitive financial information

LifeForm does not store:

·       Credit card numbers

·       Bank account credentials

·       Payment authentication credentials

·       Payment security codes

 

All financial transactions are processed securely by authorized third-party payment providers.

 

Legal basis for processing payment-related data

LifeForm processes limited payment-related metadata based on:

• Contractual necessity, to provide access to subscribed services

·       Legitimate business interests, including fraud prevention and service integrity

·       Legal obligations, including financial recordkeeping and regulatory compliance

 

 

 

12. International Data Transfers

LifeForm operates globally. Your personal data may be transferred to, stored, and processed in countries outside your country of residence, including the European Union (EU), where our primary cloud infrastructure is hosted.

All LifeForm user data is securely stored and processed using Microsoft Azure servers located in the Europe West (Netherlands) region.

If you access LifeForm from outside the European Union, your information may be transferred to and processed in the EU. These transfers are necessary to provide the LifeForm platform and its services.

We implement appropriate safeguards to protect your personal data in accordance with applicable data protection laws, including:

•       Compliance with the General Data Protection Regulation (GDPR)

•       Encryption of data in transit and at rest

•       Contractual data protection obligations with service providers

•       Access controls and security safeguards to prevent unauthorized access

Where required by applicable law, we rely on approved legal mechanisms for international data transfers, such as Standard Contractual Clauses (SCCs) or equivalent safeguards.

By using LifeForm, you acknowledge that your information may be transferred to and processed in jurisdictions that may have different data protection laws than your country of residence. Regardless of location, LifeForm applies GDPR-level protections to all users.

 

 

13. Data Retention

LifeForm retains personal data only for as long as necessary to provide our services, fulfill contractual obligations, comply with legal requirements, and maintain the security and integrity of our platform.

Retention periods vary depending on the type of data and how it is used.

Account Data

We retain your account information for as long as your account remains active. If you delete your account, your personal data will be securely deleted or anonymized within 30 days, except where retention is required by law or for legitimate business purposes.

Health and Activity Data

Health and activity data (such as steps, distance, and activity records) is retained while your account is active to provide historical progress, analytics, and challenge participation features. Upon account deletion, this data is permanently deleted or anonymized within 30 days, except where required for legal compliance or dispute resolution.

Corporate Challenge Data (LifeForm Collective)

If you participate in a corporate wellness challenge, certain participation records may be retained for a limited period after the challenge ends to:

•       Provide final reports to the organizing company

•       Resolve disputes or support inquiries

•       Maintain platform integrity and fraud prevention

Where possible, reports provided to organizations use aggregated and de-identified data.

Payment and Subscription Data

LifeForm does not store full payment details. Subscription and purchase metadata may be retained as required for financial reporting, fraud prevention, legal compliance, and accounting purposes.

System Logs and Security Data

We retain technical logs, security records, and system diagnostics for a limited period to maintain platform performance, detect abuse, and protect against unauthorized access.

Legal and Compliance Requirements

Certain data may be retained longer where required by applicable laws, tax regulations, dispute resolution, or enforcement of our agreements.

 

 

14. Security Measures

LifeForm implements appropriate technical, organizational, and administrative safeguards designed to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction.

These safeguards include, but are not limited to, the following:

Encryption and Data Protection

•       AES-256 encryption for data stored within our systems

•       Transparent Data Encryption (TDE) for SQL Server databases

•       Transport Layer Security (TLS) 1.3 for data transmitted between devices, applications, and servers

•       Encryption of sensitive data both in transit and at rest

Secure Infrastructure

LifeForm is hosted on Microsoft Azure cloud infrastructure located in the Netherlands (European Union), which provides enterprise-grade physical, technical, and operational security safeguards, including:

•       Secure data centres with physical access controls

•       Network firewalls and intrusion detection systems

•       Continuous monitoring and threat protection

•       Redundant systems to support availability and resilience

Access Controls and Internal Safeguards

•       Role-based access controls to limit access to personal data

•       Access granted only to authorized personnel and service providers with legitimate business need

•       Confidentiality obligations for employees, contractors, and service providers

•       Secure authentication and credential management practices

Operational Security Practices

•       Regular security monitoring, logging, and auditing

•       Security updates, patches, and vulnerability management

•       Secure software development practices

•       Data minimization principles to limit unnecessary collection or access

Third-Party Service Providers

Where LifeForm uses third-party service providers (such as cloud hosting, analytics, or AI processing providers), those providers are contractually required to implement appropriate security safeguards and protect personal data in accordance with applicable privacy and data protection laws.

Incident Response

LifeForm maintains procedures to detect, investigate, and respond to security incidents. Where required by law, we will notify affected users and relevant authorities of data breaches in accordance with applicable legal requirements.

Limitation of Security

While we implement strong safeguards, no method of transmission or storage is completely secure. Users are responsible for maintaining the confidentiality of their account credentials and protecting access to their devices.

 

15. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal data. LifeForm respects these rights and provides mechanisms to exercise them.

You have the right to:

Access

Request access to the personal data we hold about you, including information about how it is used and shared.

 

Correction

Request correction of inaccurate, incomplete, or outdated personal data.

 

Deletion

Request deletion of your personal data, subject to certain legal or contractual obligations that may require limited retention.

You may delete your LifeForm account at any time directly within the app (via the Account or Settings menu) or by contacting us at help@lifeformapp.io. Once deletion is confirmed, your personal data will be permanently deleted within 30 days, except where retention is required by law.

 

Withdraw Consent

Withdraw consent for specific data processing activities at any time. This may include disconnecting third-party health integrations or disabling optional features. Withdrawal of consent does not affect processing already performed.

 

Restriction of Processing

Request that we restrict the processing of your personal data in certain circumstances, such as where you contest its accuracy.

 

 

Object to Processing

Object to certain types of data processing where permitted by applicable law.

 

Data Portability

Request a copy of your personal data in a structured, commonly used, and machine-readable format, where technically feasible.

 

Manage Permissions and Integrations

You may control and revoke permissions for health integrations, device access, and other optional data sharing at any time through your device settings or within the LifeForm app.

Please note that restricting certain permissions or deleting data may limit the availability or functionality of certain LifeForm features.

 

Corporate Challenge Participants

If you participate in a LifeForm Collective corporate wellness challenge, some data may be processed on behalf of your organization to administer the challenge. You retain your personal data rights, and requests can be directed to LifeForm directly.

 

Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe your personal data has been processed unlawfully.

For South Africa, this is the Information Regulator.
For the European Union, this is your local supervisory authority under GDPR.

 

 

16. Children’s Privacy

LifeForm is intended for use only by individuals aged 18 years and older. We do not knowingly collect, use, or process personal data from individuals under the age of 18.

If we become aware that personal data has been collected from a person under 18 without appropriate legal authorization, we will take prompt steps to delete such information from our systems.

If you are a parent, guardian, or legal representative and believe that a minor has provided personal data to LifeForm, please contact us at help@lifeformapp.io so that we can investigate and take appropriate action.

Corporate wellness program organisers are responsible for ensuring that participants meet applicable age requirements and legal eligibility criteria.

LifeForm does not design its services for use by children, nor does it knowingly target or market its services to individuals under 18.

 

 

17. Cookies and Tracking Technologies

17.1 Overview

LifeForm is primarily a mobile application but may use cookies, local storage, device identifiers, and similar tracking technologies on our website and within app-based and web-based components of the platform.

These technologies help us:

• Authenticate users and maintain secure sessions
• Remember user preferences and settings
• Improve platform performance and reliability
• Understand usage patterns and improve user experience
• Support analytics and platform functionality

These technologies do not give LifeForm access to sensitive payment credentials or private health records beyond what is necessary to provide the service.

 

17.2 Types of Tracking Technologies We Use

We may use the following categories:

Essential Technologies

Required for core platform functionality, including:

·       User authentication and login sessions

·       Security and fraud prevention

·       Account management

·       Challenge participation and leaderboard functionality

These cannot be disabled without affecting platform functionality.

 

 

Analytics and Performance Technologies

Used to understand how users interact with LifeForm so we can improve reliability and user experience.

Examples include:

·       Firebase Analytics

·       Azure Application Insights

·       Crash reporting tools

These technologies collect anonymized or pseudonymized usage data and do not identify users personally unless necessary for account functionality.

 

Functional Technologies

Used to remember preferences such as:

·       Language selection

·       Notification settings

·       App configuration preferences

 

 

Advertising Technologies

LifeForm does not use advertising or retargeting technologies within the app.

 

 

17.3 Third-Party Service Providers

LifeForm uses trusted third-party services that may use tracking technologies to support platform functionality, including:

·       Microsoft Azure (cloud infrastructure and security)

·       Firebase Analytics

·       Azure Application Insights

·       App store platforms (Apple App Store, Google Play, Huawei AppGallery)

These providers operate under strict contractual data protection obligations and are prohibited from using your data for unauthorized purposes.

 

17.4 Device and App Identifiers

LifeForm may use device identifiers, app instance identifiers, and similar technologies to:

·       Maintain secure user sessions

·       Prevent fraud or abuse

·       Improve platform performance

·       Diagnose errors and technical issues

These identifiers do not provide LifeForm access to unrelated personal information stored on your device.

 

17.5 Consent

Where required by applicable law, LifeForm will request your consent before using non-essential tracking technologies.

By continuing to use LifeForm, you acknowledge and agree to the use of essential technologies necessary to operate the platform securely and effectively.

 

18. Changes to This Privacy Policy

LifeForm may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, technologies, or data processing practices.

If we make material changes, we will notify you through appropriate channels, which may include:

·       In-app notifications

·       Email notifications

·       A prominent notice on our website or platform

Where required by applicable law, we may request your consent to the updated Privacy Policy before the changes take effect.

The "Effective Date" at the top of this Privacy Policy indicates when it was last updated.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

Your continued use of LifeForm after changes become effective constitutes your acknowledgment and acceptance of the updated Privacy Policy, unless applicable law requires explicit consent.

 

 

19. Contact Us

LifeForm is operated by LifeForm (Pty) Ltd, which acts as the data controller for personal data processed through the LifeForm platform.

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, or if you wish to exercise your privacy rights, you may contact us using the details below:

Email: help@lifeformapp.io

 

Postal Address:
LifeForm App (Pty) Ltd
Unit 63 Ambleside
56 Ballyclare Drive
Bryanston
Johannesburg, 2021
South Africa

We will respond to privacy-related requests in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA).

 

 

20. User Agreement and Acknowledgment

By downloading, accessing, registering for, or using the LifeForm platform, you acknowledge that:

·       You have read and understood this Privacy Policy

·       You agree to the collection, use, and processing of your personal data as described herein

·       You consent to the transfer, storage, and processing of your data as necessary to provide LifeForm services

If you do not agree with this Privacy Policy, you should not use the LifeForm platform.

This Privacy Policy is available at all times within the LifeForm app and on our official website.