Privacy Policy

Last updated · 2026-04-30

01 The short version

What this policy says, in one paragraph.

We collect what we need to run the service for you, store it on US infrastructure with per-user isolation and encryption, never sell or share it, and give you working tools to export or delete it. We do not train AI models on your data. The rest of this page is the long version, written for someone reading line by line.

02 Scope and operator

Who this policy is from and who it covers.

This policy covers maxforce.ai and the MAXFORCE application. MAXFORCE is operated from South Carolina, United States.

MAXFORCE is offered to United States residents. We do not market the service in the European Union or the United Kingdom. If an EU or UK resident reaches us with a request, we will honor the substantive rights described below.

03 What we collect

Account, profile, activity, integrations.

Account information — email, password hash, optional name.

Profile data you enter during activation — focus areas, fitness profile, health profile (height, weight, sleep, stress, goal), business context.

Activity data — training logs, nutrition entries, conversations with Max, calendar interactions, follow-up responses.

Data from connected integrations — calendar events, Salesforce records, and similar — limited to the OAuth scope you authorized.

Standard server logs — IP address, user agent, timestamps, request IDs — for security, abuse prevention, and operations.

04 What we don't collect

Things that aren't in our database.

Payment card details — handled by our payments processor; we never see, store, or log card numbers. Health data outside what you explicitly enter or import. Browsing activity outside MAXFORCE. We do not run third-party advertising trackers, behavioral profiling pixels, or cross-site retargeting.

05 How we use your data

To run the service for you.

To operate the service for you — generating training plans, computing nutrition targets, classifying calendar events, running Remind Me follow-ups, answering questions through Max.

To improve the product based on aggregated, de-identified usage patterns. To communicate with you about your account, billing, and material product changes.

We do not sell or share your personal information. We do not rent it, trade it, or make it available to data brokers.

MAXFORCE does not train AI models on your data. Anthropic, the LLM provider that powers Max, operates an enterprise tier under commercial terms that prohibit training on customer data. There is no setting to toggle and no opt-out to manage — training-on-your-data is not part of the service.

06 Health, fitness, and nutrition data

Not PHI. Not medical advice. Not a credentialed professional.

MAXFORCE is not a HIPAA-covered entity and does not operate as one. Fitness, sleep, training, and nutrition data you enter is not Protected Health Information under HIPAA. We treat it carefully — but the legal frame is consumer data, not clinical records.

Max is not a licensed personal trainer, physician, nurse, dietitian, nutritionist, or pharmacist. Max provides zero medical advice. Max is not a substitute for a doctor, therapist, or any licensed health professional. Max is not licensed to diagnose, treat, prescribe, or recommend supplements, medications, or clinical interventions.

We will never claim professional credentials in health, fitness, training, nutrition, supplements, or medicine. If a user-facing surface ever appears to imply such credentials, the implication is unintentional and the disclaimer in this section controls.

07 Where it's stored

United States infrastructure.

Your data is stored on infrastructure operated by Supabase (Postgres database and authentication) and Vercel (application hosting and edge runtime), both based in the United States. AI inference is routed to Anthropic on its enterprise tier, which does not retain prompts or completions for model training. Each provider holds data only as long as needed to deliver its portion of the service.

08 Sub-processors

The vendors that touch your data.

We use the following sub-processors to operate MAXFORCE:

Supabase — Postgres database and user authentication. United States.

Vercel — application hosting and edge runtime. United States.

Anthropic — large language model inference for Max. Enterprise tier with zero data retention for training. United States.

ElevenLabs — text-to-speech synthesis for Max's voice. United States.

We will give at least thirty days' notice before adding a new sub-processor that processes user data. The current list is maintained at this URL — check this section for changes.

09 Security

Two locks, encrypted credentials, audit log.

Per-user isolation is enforced at two layers — application code and a database-level Row Level Security policy. OAuth tokens for connected integrations are encrypted with AES-256-GCM before they touch the database; the encryption key lives outside the database. Every state-changing write is recorded in an audit log with actor, action, resource, metadata, request ID, and timestamp. Full posture is documented at /security.

10 Third-party integrations

What flows when you connect.

When you connect Google Workspace, Salesforce, Slack, or any future integration, data flows between MAXFORCE and that service per the OAuth scope you authorized. Their privacy policies govern handling of your data on their side. Disconnecting an integration triggers a three-step revoke: we revoke the token at the provider, purge the local credential, and write an audit entry.

11 Data retention

How long we keep what we keep.

Account and profile data — kept for the life of the account. Deleted within thirty days of account closure.

Backups — purged within ninety days of account closure. Backups exist for disaster recovery; they are not used for any other purpose.

Audit log — retained for seven years. Required for security investigations, regulatory inquiries, and SOC-2-ready posture.

Anonymous chat sessions — thirty days from creation, then deleted.

Authenticated chat sessions — ninety days rolling from the most recent message, then deleted.

Server logs — thirty days, then deleted, except where retained as part of the audit log for security-relevant events.

12 Your rights

Export, delete, correct, opt out.

Export — a single click in your account settings returns every row scoped to your user as structured JSON, including audit log entries.

Delete — a single action cascades through every table, revokes every connected integration, invalidates your session, and writes a final audit entry. Backups are purged within ninety days.

Correct — most fields are editable in the product. For anything you cannot reach, email us.

13 California — CCPA / CPRA

Enumerated rights for California residents.

California residents have the right to know what personal information we collect, to delete it, to correct it, to opt out of sale or sharing, to limit use of sensitive personal information, and to be free from discrimination for exercising any of these rights.

We do not sell or share your personal information as those terms are defined under the CCPA and CPRA. There is therefore no sale or share to opt out of, but if that ever changes we will update this section and surface an opt-out before the change takes effect.

To exercise any CCPA right, email us at the address below. We respond to verifiable consumer requests within forty-five days.

14 Other state privacy rights

Substantively similar rights, regardless of state.

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon, Montana, Iowa, Delaware, New Jersey, New Hampshire, and any other state that grants consumer privacy rights have the substantive rights described above — access, deletion, correction, portability, and opt-out of sale or targeted advertising where applicable. We honor those rights regardless of the specific statute and respond on the same timelines as a CCPA verifiable consumer request.

15 International residents

GDPR and UK GDPR rights, on request.

MAXFORCE is offered to United States residents. If you are an EU or UK resident and reach us with a request, we honor the substantive rights granted under the GDPR and UK GDPR — access, rectification, erasure, restriction, portability, and objection — on the same timelines as US requests. We do not maintain an EU representative because we do not market the service in the EU or UK.

16 Breach notification

If something goes wrong, we tell you.

If we confirm a security incident that compromises the confidentiality, integrity, or availability of your personal information, we will notify affected users no later than seventy-two hours after confirmation, consistent with applicable law. Notice will describe what happened, what data was involved, what we are doing about it, and what you can do.

17 Cookies and tracking

Functional only.

We use a session cookie to keep you logged in and a small number of strictly functional cookies for the service to work. We do not use third-party advertising cookies. We do not run cross-site retargeting pixels. We do not sell tracking data — we do not have any to sell.

18 Children

Not for anyone under 18.

MAXFORCE is not directed at children under eighteen. We do not knowingly collect data from anyone under that age. If you believe a minor has created an account, email us and we will close it and purge the associated data.

19 Changes to this policy

Material changes get 30 days' notice.

We will announce material changes in-product or by email at least thirty days before they take effect. Non-material edits — typos, clarifications, sub-processor list updates within the notice window — may be made without advance notice. The current version is always at this URL with the “Last updated” date below.

20 Contact

Designated privacy contact.

For privacy questions, rights requests, breach reports, or any other matter covered by this policy, reach us at max@maxforce.ai.

We respond to general privacy inquiries within thirty days. We respond to verifiable consumer requests under the CCPA, CPRA, and substantively similar state statutes within forty-five days.

Last updated · 2026-04-30