Privacy Policy

Plus Ultra Health Pty Ltd · Last Updated: 19 January 2026

1. Introduction

Plus Ultra Health Pty Ltd (“Plus Ultra Health”, “we”, “us”, or “our”) is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (“Eliya”), web platform, and related services (collectively, the “Services”).

We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as the Singapore Personal Data Protection Act 2012 (PDPA) where applicable.

If you have any questions or concerns about this policy or our practices, please contact us at privacy@plusultrahealth.com.

2. Information We Collect

2.1 Information You Provide Directly

When you register for an account or use our Services, we may collect:

  • Name (first and last) — Account identification, personalisation
  • Email address — Account creation, communications, support
  • Date of birth — Age verification (18+ requirement), program suitability
  • Country — Data residency compliance, content localisation
  • State/Province — Regional compliance (where applicable)
  • Fitness archetype/goals — Content personalisation, program recommendations

2.2 Information Collected Automatically

When you use our Services, we automatically collect:

  • Device information: Device type, operating system, unique device identifiers
  • Usage data: Features accessed, time spent, interaction patterns
  • Log data: IP address, browser type, access times, referring URLs
  • Performance data: App crashes, diagnostics, performance metrics

2.3 Information from Third Parties

If you choose to link third-party services, we may receive:

  • Health and fitness data from Apple Health, Google Fit, Strava, or Garmin (only with your explicit consent)
  • Authentication data from Google or Apple Sign-In (limited to name and email)

2.4 Sensitive Information

We do not collect sensitive information (as defined under the Privacy Act 1988) without your explicit consent. This includes health information beyond basic fitness metrics, racial or ethnic origin, political opinions, religious beliefs, and sexual orientation.

3. How We Use Your Information

We use your personal information for:

  • Service Delivery: Creating and managing your account, providing personalised fitness and rehabilitation programs, enabling communication with healthcare practitioners
  • Personalisation: Recommending exercises and programs based on your fitness archetype, customising content to your goals and experience level
  • Communication: Sending service-related notifications, responding to enquiries and support requests
  • Improvement and Analytics: Analysing usage patterns to improve our Services, conducting research and development
  • Safety and Compliance: Detecting and preventing fraud or abuse, complying with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information with your consent, with trusted service providers (cloud hosting, authentication, analytics, email), with healthcare practitioners you are connected to, or as required by law.

5. International Data Transfers

Your information is primarily stored in Sydney, Australia. Where transfers occur to other jurisdictions, we ensure appropriate safeguards are in place including contractual protections equivalent to the Australian Privacy Principles and Singapore PDPA.

6. Data Retention

We retain your personal information for as long as necessary:

  • Account information: Duration of account + 2 years after deletion
  • Workout history: Duration of account + 2 years after deletion
  • Communication records: 7 years (regulatory compliance)
  • Analytics data: Anonymised after 2 years

You may request deletion of your account and associated data at any time.

7. Data Security

We implement encryption in transit (TLS 1.3) and at rest (AES-256), secure authentication with optional multi-factor authentication, regular security assessments, access controls and least-privilege principles, and incident response procedures.

8. Your Rights

You have the right to:

  • Access — Request a copy of your personal information
  • Correction — Request correction of inaccurate or incomplete information
  • Deletion — Request deletion of your account and personal information
  • Withdraw consent — Withdraw consent for optional processing
  • Data portability — Export your data in a machine-readable format
  • Complaint — Lodge a complaint with the relevant supervisory authority

Australia: Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au — 1300 363 992

Singapore: Personal Data Protection Commission (PDPC) — www.pdpc.gov.sg

9. Children's Privacy

Our Services are intended for users aged 18 years and older. We do not knowingly collect personal information from individuals under 18 years of age.

10. Contact Us

Plus Ultra Health Pty Ltd
Email: privacy@plusultrahealth.com

This Privacy Policy complies with the Australian Privacy Act 1988 and Singapore PDPA 2012.