← Home

Privacy Policy

Last updated: April 16, 2026

Introduction

Steppers ("we", "our", or "the app") is a fitness app that lets you track your daily steps and compete with friends in teams. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data. This Privacy Policy is part of our Terms of Service.

The data controller responsible for your personal data is Guy Tepper, reachable at contact@steppers.game.

Data We Collect

Account Information

When you sign in with Apple or Google, we receive your name and email address (if provided by you) along with a unique account identifier. We use this to create and manage your account.

Health & Fitness Data

With your permission, we read your daily step count from Apple HealthKit (iOS) or Health Connect (Android). We only access step count data — we do not read any other health records, heart rate, sleep, or medical data. Step data is synced periodically, including in the background, so your teams always see up-to-date totals.

Team & Profile Data

When you create or join a team, we store your display name, team membership, and step totals so that team leaderboards and rankings work correctly.

Push Notifications

If you enable push notifications, we collect your device push token along with device details (device name, manufacturer, and OS version) so we can deliver notifications to the correct device. You can disable notifications at any time through your device’s settings.

Camera & Photo Library

During character creation, you may choose to take a photo or select one from your library. We use this image solely to generate your in-app character. The image is uploaded to our cloud storage and is not shared with other users or third parties.

Device & Diagnostic Information

We collect basic device details (device model, operating system, and app version) to help us diagnose issues and ensure compatibility.

How We Use Your Data

  • Display your step count and team rankings within the app.
  • Authenticate your account and keep it secure.
  • Sync step data across your devices in real time.
  • Debug and improve the app experience.

We do not sell your personal data or health data to third parties. We do not use your data for advertising.

Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

  • Contract performance — processing your account information, team data, and step data is necessary to provide the Steppers service you signed up for.
  • Consent — we process your health & fitness data (step counts) and camera/photo data only with your explicit consent, which you can withdraw at any time through your device’s settings.
  • Legitimate interest — we process device and diagnostic information to maintain app stability, fix bugs, and improve the user experience. We have assessed that these interests do not override your rights and freedoms.

Third-Party Services

We use the following third-party services to operate and improve the app:

  • Firebase (Google) — authentication, database, cloud functions, and push notifications. See Firebase Privacy.
  • Sentry — error monitoring and diagnostics. To help us identify and fix issues, Sentry may collect crash information, device details, and information about how you use and navigate the app, such as screens viewed and general interaction patterns. See Sentry Privacy Policy.
  • PostHog — product analytics. To help us improve the app experience, PostHog may collect information about how you use and navigate the app, such as screens viewed and general interaction patterns. See PostHog Privacy Policy.
  • RevenueCat — in-app purchase processing. If you make a purchase, RevenueCat handles the transaction on our behalf. See RevenueCat Privacy Policy.

Data Storage & Security

Your data is stored in Firebase (Google Cloud) and transmitted over encrypted (TLS/SSL) connections. Access to user data is restricted to authenticated users through security rules. We do not store health data on your device beyond temporary caches.

International Data Transfers

Your data may be transferred to and processed in the United States and other countries outside the European Economic Area (EEA) through our third-party service providers (Firebase/Google Cloud, Sentry, PostHog, RevenueCat). These transfers are protected by appropriate safeguards, including the service providers’ compliance with Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, the EU–U.S. Data Privacy Framework.

Data Retention

We retain your account and step data for as long as your account is active. If you delete your account through the in-app account settings, we will delete or anonymize your personal data within a reasonable period, except where we need to retain limited records for legal, security, fraud prevention, backup, or processor compliance purposes.

Your Rights

You can:

  • Revoke health data permissions at any time through your device's settings.
  • Delete your account and associated data through the in-app account settings.
  • Access or export the data we hold about you by contacting us.

If you are located in the EEA, you also have the right to:

  • Rectification — request correction of inaccurate personal data we hold about you.
  • Restriction — request that we restrict the processing of your personal data in certain circumstances.
  • Objection — object to processing based on legitimate interest. We will stop processing unless we have compelling grounds that override your rights.
  • Data portability — receive your personal data in a structured, commonly used, machine-readable format.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint — you have the right to lodge a complaint with your local data protection supervisory authority if you believe your data is being processed unlawfully.

To exercise any of these rights, contact us at contact@steppers.game.

Children's Privacy

Steppers is not directed at children under 13 (or under 16 in jurisdictions where GDPR or local law sets a higher age of digital consent). We do not knowingly collect data from children under these ages. If you believe a child has provided us with personal data, please contact us so we can remove it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page.

Contact Us

If you have questions about this Privacy Policy or your data, please reach out at contact@steppers.game.

GO HOME