Privacy Policy

Effective: June 9, 2026 · Last updated: June 12, 2026

This Privacy Policy explains how Show Up Show Out Security ("SUSOS," "we," "us," or "our") collects, uses, and shares information when you visit iFight.xyz (the "Site") or use the iFight mobile app (the "App," and together with the Site, the "Services"). iFight is a training companion and athlete/coach platform for combat sports. By using the Services, you agree to this Policy.

"iFight" is a registered "doing business as" (DBA) name of Show Up Show Out Security, so references to "iFight," "SUSOS," "we," "us," or "our" in this Policy mean the same company.

iFight is offline-first: most of your training data is stored locally on your device and works without an account. If you create an account, your data syncs to our cloud so you can back it up and use it across devices.

1. Information We Collect

Information you provide

• Account & profile: your name and email address, a password or a token from a social sign-in, and profile details you add such as your discipline/sport, units, goals, and gym or team.
• Waitlist: if you join the launch waitlist on iFight.xyz, the email address you submit (collected through Microsoft Forms).
• Training & health content you log: techniques and notes, mat and training sessions, strength workouts, runs, body weight and measurements, nutrition and meals, fasting, hydration, supplements, sleep, competitions and camps, goals, and photos or videos you attach.
• Coaching & gym data: if you join a gym or team or act as a coach, information such as roster membership, lesson plans, messages and broadcasts, bookings, schedules, and the training data you choose to share.
• Payments: if you book a coach or buy a ticket, your payment is processed by Stripe. We receive limited transaction details (such as amount, status, and the last four digits of a card) but not full card numbers.
• Communications & support: messages you send us (for example, to help@susos.co), feedback, and in-app support requests.

Health & fitness data

• The App records training and health information you enter and, if you grant permission, imports data from Apple Health (HealthKit) on iOS or Health Connect on Android, such as workouts, runs, body weight, and sleep.
• We use health and fitness data only to provide the Services to you. We do not use HealthKit or Health Connect data for advertising or marketing, and we never sell it.

Location data

• If you use GPS run tracking, the App collects precise location while you record a route, in order to map your run.
• Location- and map-based features (such as finding gyms or venues) use Google Maps / Google Places and may use approximate location.

Information from third parties

• If you sign in with Apple, Google, Facebook, Discord, or Microsoft, we receive basic profile information from that provider (such as name and email). If you connect Facebook and grant optional permissions, we may receive additional profile fields you authorize.

Information collected automatically

• Usage analytics: to understand how the App is used and decide what to improve, the App records limited product-usage events, such as which screens you open, in-app actions and counts, your platform (iOS or Android), app version, and device model. These events do not include your name, email address, health or training values, message contents, or other free-form text you enter.
• Crash & error diagnostics: when the App hits an error or crash, it sends a diagnostic report containing the error message and technical stack trace, the screen you were on, and the same platform, app-version, and device-model details, so we can find and fix the problem.
• This usage and diagnostic data is associated with your account (so we can group repeated events and prevent abuse), but it is never used to build an advertising profile, is not sold, and is not used for cross-app or cross-site tracking.
• You can turn it off. This collection is on by default, but you can disable it at any time with the "Share usage & diagnostics" switch under More → Data & Sharing in the App. We can also disable it globally for everyone.
• The Site uses only the minimal cookies and local storage needed to function. The waitlist form is provided by Microsoft Forms, which may set its own cookies.

2. How We Use Information

• Provide, sync, and back up the Services and your data across devices.
• Enable coaching and gym features and share the categories of data you have chosen to share with the coaches or gyms you authorize.
• Process payments and bookings (through Stripe).
• Send communications: launch updates if you joined the waitlist, transactional messages, reminders and push notifications you enable, and responses to your support requests.
• Maintain security, prevent fraud and abuse, and debug and improve the Services.
• Comply with legal obligations.

3. How We Share Information

We do not sell your personal information. We share information only as described here:

• Service providers (processors): companies that help us run the Services, including Supabase (cloud database, authentication, sync, and backups), Stripe (payments), Apple and Google (health data you import, maps and places, sign-in, and push notifications), Microsoft (the waitlist form), and the social login providers you choose. These providers may process your data only to provide services to us.
• Coaches and gyms: if you join a gym or team or share data with a coach, they can see the categories of data you choose to share. You control these per-category permissions and can change or revoke them at any time.
• Other users: content you choose to publish (for example, a technique you share to the community feed) is visible to other users.
• Legal and safety: to comply with law, enforce our terms, or protect the rights, safety, and security of our users and the public.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.

4. Your Choices and Rights

• Access & export: you can view your data in the App and export a full backup of your data.
• Delete: you can delete your account and associated data from within the App. Deleted gyms or teams may be recoverable for a limited window (about 30 days) before permanent deletion.
• Permissions: you can grant or revoke Health, Location, Camera, and Notification permissions in your device settings, and manage data-sharing with coaches and gyms in the App.
• Usage analytics & diagnostics: you can turn off product-usage analytics and crash diagnostics at any time with the "Share usage & diagnostics" switch under More → Data & Sharing in the App.
• Communications: you can opt out of marketing emails (including waitlist updates) using the unsubscribe option or by emailing help@susos.co, and disable push notifications in your device settings.
• Cookies: you can manage cookies through your browser settings.

California residents (CCPA): you have the right to know what personal information we collect, to request deletion, to opt out of the "sale" of personal information (we do not sell personal information), and not to be discriminated against for exercising your rights. To exercise these rights, contact help@susos.co.

5. Data Retention

We retain personal information only for as long as necessary to provide the Services and for the purposes described in this Policy, or as required by law. When you delete your account, we delete or de-identify your personal data, except where we must retain it to comply with legal obligations, resolve disputes, or enforce our agreements.

6. Data Security

We protect information using measures such as encryption in transit, access controls, and secure infrastructure provided by our cloud vendors. However, no method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

7. Children's Privacy

The Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it. If you believe a child has provided us information, contact help@susos.co.

8. International Data Transfers

We are based in the United States and may process and store information in the United States and other countries. Where required, we use appropriate safeguards, such as standard contractual clauses, for international transfers.

9. Changes to This Policy

We may update this Policy from time to time. We will post the updated version here and revise the "Last updated" date above. Material changes may also be communicated through the Services.

10. Contact Us