Privacy Policy

1. Health and Fitness Data

Step Count Data: We access your daily step count from Apple HealthKit (iOS) to track progress, sync across devices, and share with friends and club members you choose.

Walking Status: We collect information about when you start and stop walking sessions, including step counts at the start and end of walks.

Data Source Information: We identify which device or app (e.g., iPhone, Apple Watch, fitness trackers) is providing your step data to help ensure accuracy.

How We Use It: To provide core App features, including step tracking, goal progress, sharing with friends and club members, and activity logging.

Sharing: Your step data is shared only with friends you have mutually connected with in the App and members of clubs you join. You can control sharing through App settings.

2. Account Information

• Email Address: Collected when you create an account or sign in with email
• Display Name: Your chosen name shown in the App
• Username: Optional unique username (e.g., @username)
• Phone Number: Optional, used to help friends find you and for contact matching
• Profile Picture: Optional photo you upload
• Account Creation Date: Timestamp of when you created your account

How We Use It: To create and manage your account, enable social features, and provide customer support.

Sharing: Your profile information (display name, username, profile picture) is visible to your friends in the App, members of clubs you join, and users you interact with.

3. Contact Information

Device Contacts: With your permission, we access your device contacts (names and phone numbers) to suggest friends who are already using the App and help you invite contacts to join the App.

Contact Matching: We match phone numbers from your contacts with phone numbers provided by other users to suggest friends. This matching happens locally and on our servers using normalized phone numbers.

How We Use It: To help you find and connect with friends, and to invite contacts to join the App.

Sharing: We do not share your contact list with other users. We only use contact information to suggest friends and send invitations.

4. Social Data

• Friends List: Information about your connections with other users
• Friend Requests: Friend requests you send and receive
• Club Memberships: Clubs you create or join, including member lists and club settings
• Activities: Activity feed entries (e.g., goal completions, walking sessions, friend activities)
• Notifications Preferences: Your preferences for push notifications

How We Use It: To provide social features, activity feeds, and notifications.

Sharing: Your social data is visible to your friends (mutual connections), members of clubs you join, and club administrators (for clubs you join).

5. Discord Integration (Optional)

If you connect your Discord account:

• Discord User Information: Discord username, user ID, avatar
• OAuth Tokens: Encrypted access and refresh tokens for Discord API access
• Voice Channel Status: Information about Discord voice channels you join (only if you enable sharing)
• Tracked Channels: Discord channels you choose to track for friend notifications

How We Use It: To provide Discord integration features, including voice channel status sharing with friends.

Sharing: Your Discord voice status is shared only with friends who have enabled Discord notifications, and only for channels you choose to track.

Security: Discord OAuth tokens are encrypted using AES-256-CBC before storage.

6. Subscription and Payment Information

• Subscription Tier: Your current subscription level (Basic, Authenticated, or Pro)
• Subscription Status: Active subscription status, expiration dates, and renewal information
• Purchase History: Information about subscription purchases and renewals

How We Use It: To manage subscriptions, provide Pro features, and process payments.

Third-Party Service: Subscription management is handled by RevenueCat, which processes payments through Apple's App Store. We do not store your payment card information.

7. Device and Technical Information

• Push Notification Tokens: Device tokens for sending push notifications
• Device Information: Device type, operating system version, app version
• Crash Reports: Information about app crashes and errors to help us fix bugs
• Analytics Data: Aggregated usage data to improve the App (e.g., feature usage, screen views)

How We Use It: To send notifications, improve app stability, and understand how users interact with the App.

Sharing: Analytics data is aggregated and anonymized. We do not share personally identifiable analytics data.

8. User Content

• Profile Pictures: Photos you upload as your profile picture
• Club Information: Club names, descriptions, and settings you create
• Activity Logs: Activities you generate (e.g., reaching step goals, starting walks)

How We Use It: To provide App features and display your content to friends and club members.

Sharing: Your user content is visible to friends and club members as described in the Social Data section above.

With Other Users

Your step data, profile information, and activities are visible to your friends and club members. You control who can see your data through friend connections and club memberships.

With Service Providers

We use third-party services that help us operate the App:

• Firebase (Google): Authentication, database, cloud functions, push notifications, analytics, and storage
• RevenueCat: Subscription management and payment processing
• Discord: OAuth integration (if you connect Discord)
• Resend: Email delivery for verification and password reset emails
• Apple: HealthKit for step data access

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Storage Location: Your data is stored on Firebase servers (Google Cloud Platform), primarily in the United States.

Encryption:

• All network communications use HTTPS/TLS encryption
• Discord OAuth tokens are encrypted using AES-256-CBC before storage
• Sensitive data is protected using industry-standard encryption

Security Measures: We use Firebase security rules, authentication, and access controls to protect your data.

Data Retention: We retain your data for as long as your account is active or as needed to provide services. You can delete your account at any time through App settings.

Access and Correction

You can access and update your account information through the App settings.

Data Deletion

You can delete your account at any time through App settings. This will:

• Delete your account and profile information
• Remove you from all clubs
• Delete your step data and activities
• Cancel any active subscriptions

Some information may be retained for legal or business purposes (e.g., transaction records).

Health Data

You can revoke HealthKit access at any time through iOS Settings > Privacy & Security > Health > Steps Club.

Contacts

You can revoke contacts access at any time through iOS Settings > Privacy & Security > Contacts > Steps Club.

Push Notifications

You can manage push notification preferences in App settings or through iOS Settings.

Discord Integration

You can disconnect your Discord account at any time through App settings.