Our security approach

AllFitUp is designed to protect coaching businesses and client information through practical administrative, technical, and organizational safeguards. Security is a shared responsibility between AllFitUp, Customers, Coaches, team members, and Clients.

Safeguards we may use

• Encrypted connections using HTTPS/TLS for data in transit.
• Access controls designed to limit data access by role and workspace permissions.
• Authentication controls, including password protections and optional enhanced login features as available.
• Least-privilege access for internal personnel where feasible.
• Logging, monitoring, and abuse detection to help identify suspicious activity.
• Backups and disaster recovery processes designed to support service continuity.
• Vendor and sub-processor review proportional to risk.
• Secure development practices, code review, dependency updates, and vulnerability management as the product matures.
• Incident response procedures for triage, containment, investigation, remediation, and notification.

Customer responsibilities

• Use strong, unique passwords and protect login credentials.
• Limit team access to people who need it.
• Remove former staff, coaches, contractors, and clients promptly.
• Avoid sharing accounts or passwords.
• Configure workspace roles and permissions carefully.
• Use secure devices and networks.
• Notify AllFitUp promptly at backend@allfitup.com of suspected unauthorized access, phishing, credential compromise, or security incidents.

No system is perfectly secure

Although we work to protect the Services, no platform, network, database, or transmission method is completely secure. AllFitUp cannot guarantee absolute security, uninterrupted operation, or prevention of all unauthorized access.

Responsible disclosure

Security researchers may report suspected vulnerabilities to backend@allfitup.com. Do not access, modify, delete, export, or disclose user data. Do not disrupt the Services. Reports should include steps to reproduce, affected endpoints, severity, and contact details. AllFitUp may recognize helpful reports at its discretion, but no bounty is offered unless explicitly stated in writing.