
Privacy Policy

Last updated: 10 April 2026

PATO ("we", "our", "us") operates the PATO mobile application and web application at app.pato.nz (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google or Apple, we receive your name and email from the provider — we do not receive or store your social login password.

Health & Fitness Data: You may choose to provide health and fitness information including:

  • Body measurements (weight, height, body fat percentage)
  • Nutrition logs (meals, calories, macronutrients)
  • Workout logs (exercises, duration, intensity)
  • Wellness check-ins (sleep, energy, stress, soreness)
  • Goals and progress photos

This data is provided voluntarily through your interactions with our AI coaching assistant.

Device Information: We may collect device identifiers, push notification tokens, and browser/app version to deliver notifications and ensure compatibility.

Usage Data: We collect anonymized analytics data (pages visited, features used) to improve the Service.

2. How We Use Your Information

  • AI Coaching: Your health and fitness data is processed by AI models (OpenAI and Google Gemini) to provide personalised coaching, meal plans, workout plans, and recommendations.
  • Gym Features: If you are a member of a gym using PATO, certain data (name, activity level, streak, level) is visible to your gym's staff through their management dashboard.
  • Gamification: Your activity data is used to calculate points, levels, streaks, and badges. Leaderboard rankings are visible to other members of your gym.
  • Notifications: We send push notifications for reminders, coaching responses, and gym updates based on your preferences.
  • Payments: If your gym uses PATO for membership billing, payment processing is handled by GoCardless. We store your subscription status and payment history but never store bank account details directly.

3. Third-Party Services

We use the following third-party services to operate PATO:

  • Supabase — Database hosting and user authentication (hosted in Australia)
  • OpenAI — AI language model for coaching conversations
  • Google (Gemini) — AI model for image analysis, plan generation, and web search
  • GoCardless — Payment processing for gym membership billing
  • Google Analytics — Anonymized usage analytics
  • Resend — Transactional email delivery
  • Vercel — Application hosting
  • Railway — API server hosting

Each third-party service processes data in accordance with its own privacy policy. AI providers (OpenAI, Google) process your chat messages and images to generate responses but do not use your data to train their models under our API agreements.

4. Data Storage & Security

Your data is stored in Supabase (PostgreSQL database hosted in Australia) with row-level security policies. All data is transmitted over HTTPS. Authentication tokens are stored securely on your device and expire periodically.

We implement industry-standard security measures including Content-Security-Policy headers, input sanitization, and JWT-based authentication. However, no method of electronic transmission or storage is 100% secure.

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or operational purposes.

Chat history, nutrition logs, workout logs, and progress data are retained to provide continuity in your coaching experience. You may request deletion of specific data by contacting us.

6. Your Rights

Under the New Zealand Privacy Act 2020, you have the right to:

  • Access your personal information
  • Request correction of inaccurate data
  • Request deletion of your data
  • Know how your data is being used

To exercise these rights, contact us at hi@pato.nz.

7. Children's Privacy

PATO is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will delete it promptly.

8. Gym Membership & Billing

If your gym uses PATO for membership billing, payment is processed via GoCardless Direct Debit. GoCardless collects and stores your bank account details directly — PATO only stores your subscription status, payment amounts, and billing history. GoCardless is authorised by the Financial Conduct Authority (UK) and operates under strict financial regulations.

9. Push Notifications

You may opt in to receive push notifications for coaching reminders, workout prompts, and gym updates. You can disable notifications at any time through your device settings or your PATO profile. We store your push notification subscription token to deliver notifications.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the app and updating the "Last updated" date above.

11. Contact Us

If you have questions about this Privacy Policy or your data, contact us at hi@pato.nz.

© 2026 PATO. All rights reserved. Made with care in Aotearoa, New Zealand by Neziak.Design