Privacy Policy

Last Updated: 4/9/2025

Introduction

Welcome to Step Rival ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how your personal information is collected, used, shared, and protected when you use our Step Rival mobile application ("the App").

By downloading, registering with, or using the App, you agree to the terms of this privacy policy.

Information We Collect

Personal Information You Provide

• Account Information: We collect your email address and may collect your name and profile picture when you create an account.
• Authentication Information: If you sign in with Google or Apple, we receive basic account information from these providers.
• Profile Information: Information you provide in your user profile, such as username, profile picture, frames, and shields.
• User-Generated Content: Any data you voluntarily provide when participating in challenges or social features.
• Purchase Information: Transaction data required to process in-app purchases.

Information Collected Automatically

• Health and Fitness Data: Step count, distance walked, and calories from Apple Health (only with your explicit permission).
• Usage Data: Features accessed, time spent, and interactions within the App.
• Device Information: Device type, OS version, device identifiers, and mobile network info.
• Device Location: While the App itself does not request or track your precise GPS location, our backend services (like Firebase) may infer your general geographic region from your IP address for purposes such as regional leaderboards or analytics.

How We Use Your Information

• To provide and improve the App's features.
• To enable competition, leaderboards, and rivalry features.
• To personalize your experience with achievements, quests, and challenges.
• To process in-app purchases securely.
• To communicate with you about your account and progress.
• To analyze usage for improvements.
• To protect against unauthorized or fraudulent activity.

Legal Basis for Processing (GDPR)

We process your data based on one or more of the following legal grounds:

• Your consent (e.g., HealthKit access, marketing).
• Performance of a contract (e.g., App functionality).
• Compliance with legal obligations.
• Our legitimate interests (e.g., security, analytics).

Data Storage and Processing

Your data is stored securely using Firebase services:

• Firebase Authentication – For account security.
• Firebase Firestore – For user profiles, step data, achievements.
• Firebase Storage – For profile images and assets.
• Firebase Functions – For secure server-side processing.

How We Share Your Information

• With Other Users: Your username, profile picture, step count, and achievements may be visible to others.
• Service Providers: For services like analytics, support, or payments.
• Apple and Google: For in-app purchases.
• Business Transfers: If involved in a merger or acquisition.
• Legal Requirements: If required by law or government request.

Your Privacy Rights and Choices

Access and Control

• Access and update your account information in settings.
• Control Apple Health sharing via your device settings.
• Unsubscribe from marketing emails through provided links.
• Request account deletion through the App or by contacting us.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect and how we use it.
• Request deletion of your personal information.
• Correct inaccurate data.
• Opt-out of the sale or sharing of personal data (we do not sell or share your personal data for cross-context behavioral advertising).
• Limit the use and disclosure of sensitive personal information (SPI). You control sharing of HealthKit data, which may be considered SPI, directly through your device settings. We do not use other SPI in ways that would require an opt-out under CPRA.

EU/EEA Residents – GDPR Rights

As an EEA resident, you have the right to:

• Request access to your personal data.
• Request correction or update of inaccurate data.
• Request erasure (deletion) of your personal data ('right to be forgotten').
• Request restriction of processing of your personal data.
• Receive a copy of your personal data in a structured, commonly used, and machine-readable format (data portability).
• Object to the processing of your personal data based on legitimate interests.
• Withdraw consent at any time (where processing is based on consent), without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights (under CCPA/CPRA or GDPR), please contact us using the details provided in the "Contact Us" section below.

Data Retention

We retain your data as long as necessary for providing the App and fulfilling legal or operational obligations. After that, data is securely deleted or anonymized.

Data Security

We use appropriate technical and organizational safeguards to protect your data. However, no system is 100% secure, and we cannot guarantee absolute protection.

Children's Privacy

The App is not intended for children under 13. We do not knowingly collect data from children. If you believe a child under 13 has provided information, please contact us immediately.

Third-Party Services

We may link to third-party websites or services. These are not under our control, and we are not responsible for their privacy practices.

Third-Party Login Services

We support login via:

• Google Sign-In
• Sign in with Apple

Your data is handled according to the third party's privacy policy during authentication.

In-App Purchases

Payments are processed using Apple's StoreKit and are subject to Apple's privacy policy. We do not store payment details.

App Tracking Transparency (ATT)

We do not use technologies that require Apple's ATT prompt. If we add such functionality, we will request your permission.

International Data Transfers

Your data may be stored or processed in countries outside your own. By using the App, you consent to such transfers.

Changes to This Privacy Policy

We may update this policy from time to time. The latest version will be published with an updated "Last Updated" date.

Contact Us

If you have any questions about this Privacy Policy, contact us at:

Step Rival
Email: alex@devalexcodes.com

By using Step Rival, you acknowledge that you have read this Privacy Policy and consent to our data practices as described herein.