Privacy Policy
Last updated: April 8, 2026
1. Data I Collect
1.1 Account Data
When you create an account, I collect your email address and display name. Authentication is handled via Supabase Auth and optionally Google Sign-In or Sign in with Apple. I do not store your password — authentication tokens are managed securely by these providers.
1.2 Health Data (HealthKit)
With your explicit permission, StoicWalk reads your daily step count from Apple HealthKit. I also write your step data back to Apple Health to keep your activity in sync. This data is:
- Stored locally on your device and in your personal Supabase account record
- Used solely to determine whether you have reached your daily step goal
- Never sold, shared with advertisers, or used for any purpose beyond core app functionality
- Never used for insurance, financial, or employment decisions
1.3 App Blocking Preferences (Screen Time / FamilyControls)
The apps you choose to block are selected using Apple's Screen Time framework and stored locally on your device via Apple's ManagedSettings framework. I do not transmit your app selection list to any server.
1.4 Usage and Streak Data
I store your streak history, step goal settings, and achievement progress in your Supabase account to sync data across reinstalls and devices.
1.5 Purchase Data
Subscriptions and in-app purchases are processed by Apple and managed via RevenueCat. I receive your subscription status and entitlement information but do not see or store your payment card details.
1.6 Notifications
If you enable push notifications, I use Apple Push Notification service (APNs) to send you goal reminders. You can disable notifications at any time in iOS Settings.
2. Data I Do Not Collect
- I do not use any third-party analytics or advertising SDKs
- I do not collect device identifiers for advertising purposes
- I do not track your location
- I do not share data with third parties for marketing
3. Third-Party Services
The following third-party services are used and have their own privacy policies:
- Supabase — database and authentication (supabase.com/privacy)
- RevenueCat — subscription management (revenuecat.com/privacy)
- Google Sign-In — optional authentication (policies.google.com/privacy)
- Apple — HealthKit, Sign in with Apple, Screen Time, APNs (apple.com/privacy)
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area, I process your data on the following legal bases:
- Contract performance — account data and streak data are necessary to provide the service
- Explicit consent — HealthKit data and Screen Time access require your explicit permission and can be withdrawn at any time in iOS Settings
- Legitimate interest — ensuring app security and preventing fraud
5. Data Retention
I retain your account and usage data for as long as your account is active. If you delete your account, your personal data is removed from my systems within 30 days. Step and streak data stored locally on your device is removed when you uninstall the app.
6. Your Rights
Depending on your location, you may have the following rights:
- Access the personal data I hold about you
- Request correction of inaccurate data
- Request deletion of your data ("right to be forgotten")
- Object to or restrict processing
- Data portability
- Lodge a complaint with a supervisory authority (in Germany: the Berliner Beauftragte für Datenschutz und Informationsfreiheit)
To exercise any of these rights, reach me at dymkehenrik@gmail.com.
7. Children's Privacy
StoicWalk is not directed at children under 13. I do not knowingly collect personal data from children. If you believe a child has provided me with personal information, please reach out immediately.
8. Data Security
All data in transit is encrypted using TLS. Authentication tokens are stored securely in the device keychain. I follow industry-standard practices to protect your data, though no method of transmission or storage is 100% secure.
9. Changes to This Policy
I may update this Privacy Policy from time to time. I will notify you of significant changes via the app or by updating the date at the top of this page. Continued use of the app after changes constitutes acceptance.
10. Contact
If you have any questions about this Privacy Policy, feel free to reach me at:
Henrik Dymke
Schneeglöckchenstrasse 13
10407 Berlin, Germany
dymkehenrik@gmail.com