Help / Last updated 29th June 2023 (updated API information)

fitIQ - Privacy Policy

Your privacy is of the utmost importance, and I understand that sharing physiological metrics might raise some questions as to how they are handled. First and foremost I am a user of fitIQ too, and I will treat your data as I would hope and expect mine to be treated elsewhere. If you have any concerns at all, please reach out for help.

Personal information collected

The only personal information collected upon sign up is your email address. The password you provide is encrypted and securely stored using industry best practices. Even if comprimised, your original password cannot be recovered.

Health metrics & physiological data collected

Via CSV upload

If you choose to import data from WHOOP by uploading a WHOOP-provided data export, only the subset of that data needed for the site to function will be securely stored and encrypted on our servers. This data is secured against unauthorised access. No data other than that currently needed by various aspects of the site is stored. In particular, no journal data whatsoever is currently processed nor stored. Journal entries can be analysed by the user, but this is done entirely client-side using local file processing and local browser storage: no journal data is ever sent to our servers when doing so. Free-form journal ‘notes’ will never be processed nor imported.


You can also import your data by connecting with the WHOOP API and syncing whenever you choose. The information provided by the API is very similar to that provided by the CSV export functionality and is handled by fitIQ in exactly the same way as outlined above. If you connect with the WHOOP API we securely store an access token, provided by WHOOP, to call their API, along with your WHOOP User ID (which is a non-identifying unique number). Your WHOOP credentials (email, password) are never shared with fitIQ, and we do not request any personal (such as your name or age) or physiological details (such as weight or max heart rate).

Data shared with third parties

None of your personal or WHOOP data is ever shared with any third parties. If you opt-in to doing so, you may choose to share a limited overview of some of your goals, recoveries and streaks via your public profile, but this is completely optional and not enabled by default.


If you sign in to we will set a cookie containing details about your session, so that you can access authenticated areas of the website and your data (and only your data) within them.

Additionally, two third-party cookies are set, outlined below:

  1. Stripe: we use Stripe to handle payments and their JavaScript SDK sets a cookie to enable their service to function. Its value is meaningless to anyone other than Stripe and we never read it directly.
  2. Google Analytics: we use Google Analytics to collect standard visitor information in order to better understand how people use fitIQ.