Legal

Privacy Policy

App: Stepper  ·  Developer: Daniel Ryman  ·  Last updated: February 2026

1. Overview

This Privacy Policy explains what data Stepper collects, how it is used, and your rights. By using Stepper you agree to this policy.

This policy covers users worldwide, including those protected by the UK GDPR, EU GDPR, and the California Consumer Privacy Act (CCPA).

2. Data We Collect

2.1 Health & Fitness Data (HealthKit)

Stepper reads the following data from Apple HealthKit with your explicit permission:

This data never leaves your device except as described in section 3. It is not sold or shared with advertisers.

2.2 Account Information

If you choose to sign in with Apple:

Sign-in is optional. Most features work without an account.

2.3 Social & Activity Data

If you use the Friends and Challenges features, the following is stored on our servers:

2.4 Location Data

Stepper accesses your location only in the following cases:

Location is not tracked in the background except during an active workout or territory recording session.

2.5 Screen Time Data (Focus Mode)

The Focus Mode feature uses Apple's FamilyControls framework. App selections made in Focus Mode are stored using opaque system tokens and never leave your device. Stepper cannot read which specific apps you have selected — only the iOS system can interpret those tokens. No app selection data is sent to our servers.

2.6 Push Notification Token

If you grant notification permission, your APNs device token is stored on our servers solely to deliver social notifications (friend requests, challenge updates). It is never used for marketing.

2.7 Diagnostics & Crash Reports (Sentry)

Stepper uses Sentry for crash reporting and stability monitoring. This may include:

Sentry data is processed by Functional Software, Inc. under their Privacy Policy.

2.8 Purchase Information (RevenueCat)

Stepper uses RevenueCat to manage the Stepper Pro subscription. RevenueCat receives:

RevenueCat does not receive your name, email, or health data. See their Privacy Policy.

3. How We Use Your Data

DataPurpose
HealthKit dataDisplay your stats, streaks, achievements, and widget
Account infoIdentify you on the social leaderboard
Social dataFriends list, challenges, leaderboard
LocationTerritory map, workout route display
Push tokenDeliver social and reminder notifications
DiagnosticsFix crashes and improve stability
Purchase infoUnlock Stepper Pro features

We do not use your data for advertising, profiling, or any purpose beyond operating the app.

4. Data Storage & Security

DataStored
HealthKit dataOn your device (Apple's HealthKit store)
Screen Time / Focus Mode selectionsOn your device only
Social data, push tokensSupabase (EU region)
Crash reportsSentry (EU region)
Purchase statusRevenueCat (United States)
App settings, streak, goalsOn your device (UserDefaults)

All server communication uses TLS. Supabase enforces Row Level Security so users can only access their own data and data shared with friends.

5. International Data Transfers

Some of our third-party processors are based outside your country. Where personal data is transferred internationally, we rely on appropriate safeguards:

6. Third-Party Services

ServicePurposePrivacy Policy
Apple HealthKitHealth dataapple.com/privacy
Apple Sign InAuthenticationapple.com/privacy
Apple Screen TimeFocus Mode app blockingapple.com/privacy
SupabaseSocial features backendsupabase.com/privacy
RevenueCatSubscription managementrevenuecat.com/privacy
SentryCrash reportingsentry.io/privacy

7. Data Retention

8. Your Rights

UK & EU Users (UK GDPR / EU GDPR)

You have the right to:

To exercise these rights, email support@stepper.fit. We will respond within 30 days.

UK users may lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk.

EU users may lodge a complaint with your local Data Protection Authority (DPA).

California Users (CCPA)

California residents have the right to:

To make a CCPA request, email support@stepper.fit with the subject line "CCPA Request". We will respond within 45 days.

9. Children's Privacy

Stepper is not directed at children. The minimum age to use the social features is 13 (or 16 in countries where EU GDPR applies a higher age of digital consent). We do not knowingly collect personal data from children below the applicable age. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via an in-app notice. Continued use of the app after changes constitutes acceptance.

11. Contact

Daniel Ryman
Email: support@stepper.fit