<!--
@llm-meta
file: llms-legal.md
title: Legal — Privacy Policy & Terms
description: Privacy policy and terms of service content for saturday.fit.
category: site-page
keywords: legal, privacy, terms, policy, data
last-updated: 2026-04
related: llms-transparency.md, llms-homepage.md
-->

# Saturday Inc. — Legal Pages

> LLM context file for saturday.fit/legal

## Page Structure

The legal section is an index page at `/legal` linking to five separate policy documents:

### App Policies
- **App Privacy Policy** (`/app-privacy`) — How Saturday collects, uses, and protects data in the mobile app
- **App Terms & Conditions / EULA** (`/app-terms`) — License agreement and terms of use for the Saturday app

### Website Policies
- **Website Privacy Policy** (`/web-privacy`) — How data is handled when visiting saturday.fit
- **Website Terms of Use** (`/web-terms`) — Terms governing use of the saturday.fit website

### Health Data
- **Consumer Health Data Privacy Policy** (`/health-data-privacy`) — Standalone policy for WA My Health My Data Act (MHMDA) compliance

## Key Legal Details

- **Data Controller:** Saturday Inc.
- **Contact email:** support@saturdaymorning.fit
- **Registered address:** 8 The Green, STE A, Dover DE 19901
- **Governing law:** State of Delaware
- **Arbitration venue:** Phoenix, Arizona (via JAMS)
- **Minimum age:** 16 (users under 16 are not permitted)

## Data Collected (App)
- Email address, name
- Health and biometric data: weight, sex, year of birth, sweat level, saltiness, fitness level, eating disorder status, fueling concerns, satiety, cravings, carb intake
- Activity and nutrition data: workouts, nutrition logs, product scans
- Usage data (IP, device info, crash reports)
- Location (transient, for weather — not stored persistently)

## Data Collected (Website)
- Browser, network, device info
- IP address, pages visited, referral pages
- Analytics via Cloudflare Web Analytics (privacy-preserving, no cookies)
- Marketing emails via Klaviyo

## Third-Party Services (App)
- Firebase (Auth, Firestore, Analytics, Crashlytics, Performance Monitoring)
- Klaviyo (email marketing)
- Stripe (payment processing)
- TrainingPeaks (workout sync, user-authorized)
- Intervals.icu (workout sync, user-authorized)
- OpenWeatherMap (weather data)
- Open Food Facts (product database)
- Google Gemini AI (nutrition label analysis)
- Google/Apple Sign-In (authentication)
- Apple App Store / Google Play (in-app purchases)

## User Rights
- **WA MHMDA:** Access, delete, withdraw consent for health data (all users)
- **CCPA/CPRA:** Know, delete, correct, opt out of sale/sharing, limit sensitive PI (California)
- **GDPR:** Access, rectify, erase, portability, restrict, object (Europe)
- **Multi-state:** Access, correct, delete, opt out, appeal (CO, CT, VA, TX, OR, MT, and others)
- **All users:** Withdraw consent, access data, request deletion via support@saturdaymorning.fit

## Important Terms (App EULA)
- Limited, non-exclusive, non-transferable license
- No reverse engineering, sublicensing, or transferring
- Services provided "AS IS" with no warranties
- Liability capped at 12 months of fees paid (with gross negligence carve-out)
- Comprehensive assumption of risk for fitness/nutrition activities
- Saturday staff are not medical doctors
- Mandatory arbitration with class action waiver (JAMS, Phoenix AZ)
- 14-day notice for company-initiated termination with prorated refund
- User can terminate anytime, access continues through billing cycle
- Feedback grants license to Saturday (user retains ownership)

## Important Terms (Website)
- Mandatory arbitration with class action waiver
- EU consumer protection laws are not overridden
- 30-day notice for termination of paid services
- Force majeure and severability clauses included

## Saturday Does NOT
- Sell user data
- Serve advertisements
- Share data with advertisers or data brokers