Privacy Policy
Last updated: January 17, 2026
1. Who We Are
Need for Steps ("we", "us", or "our") is owned and operated by Dzmitry Bukuyazau (Poland).
Contact: [email protected].
2. Information We Collect
Depending on how you interact with the iOS application ("App"), we collect:
- Health & Fitness Data — step count data accessed from Apple HealthKit with your permission. This data is read-only and used solely to determine app unlock status.
- App Lock Configuration — your selected apps and step goals stored locally on your device.
- Usage Analytics Events — screen views, feature usage, device model, OS version, locale, IP-derived coarse location.
- Crash & Performance Diagnostics — stack traces, CPU/memory metrics.
- Transaction Receipts — subscription status for in-app purchases.
3. How We Use Your Information
- Read step count from Apple HealthKit to determine if apps should be unlocked based on your configured step goals.
- Operate, maintain and improve the App's performance, UX and security.
- Debug crashes and protect against fraud.
- Comply with legal obligations and enforce our Terms of Service.
4. HealthKit Data
We access your step count data from Apple HealthKit solely to provide the core app functionality. This data:
- Is never sold or shared with third parties for advertising or marketing purposes.
- Is not stored on our servers — processing happens entirely on your device.
- Is accessed only with your explicit permission.
5. Third-Party Processors
We share data only with the processors below under GDPR-compliant agreements:
| Processor | Data Categories | Purpose | Region |
|---|
| PostHog Inc. | Usage analytics events | Product analytics & behaviour insights | EU (Frankfurt) / US |
| Google Firebase | Crash & performance diagnostics | Error monitoring | EU / US |
| RevenueCat Inc. | Transaction receipts, subscription status | Manage in-app purchases | US |
Note: HealthKit step data is never shared with any third-party processor.
6. International Data Transfers
When personal data leaves the EEA, transfers rely on the EU-US Data Privacy Framework or Standard Contractual Clauses.
7. Data Retention
- HealthKit data — not stored; read in real-time from Apple Health.
- App configuration — stored locally on your device until you delete the app.
- Raw analytics events — 12 months (aggregated statistics retained indefinitely).
8. Your Rights
You can access, correct, erase, or port your data, object to processing, or lodge a complaint with a supervisory authority. Email [email protected].
9. Security Measures
TLS 1.3 in transit, AES-256 at rest, role-based access control.
10. Children's Privacy
The App is not directed to children under 13 and we do not knowingly collect data from them.
11. Changes to This Policy
Material changes will be announced in-App and via email at least 14 days before taking effect.
12. Contact Us
Email: [email protected]