Privacy Policy & Terms & Conditions

1. Information We Collect

StepShake collects certain information in order to operate the app, maintain security, process payouts, and provide core features such as walking tracking, groups, rewards, messaging, and event coordination. The information we collect depends on how you use StepShake and the permissions you choose to grant.

1.1 Personal Information

We collect the personal information you voluntarily provide when creating or updating your account, or when interacting with the app.

This may include:

Full name
Email address
Phone number (for verification and security)
Profile photo or avatar
Date of birth (optional, used for age verification where required)
Country or region of residence
Username or display name
Account preferences and settings
Referral IDs and links you share

If you choose to sign up using Apple, Google, or other social login providers, we may receive basic profile information such as name, email, and profile picture from those platforms.

We do not access your device’s contacts, photos, or files unless you explicitly choose to grant permission for a specific feature.

1.2 Activity Data

To provide core StepShake features such as walking analytics, grouping, and community participation, we collect data related to your activities within the app.

This may include:

Steps, walking duration, distance traveled
Participation in groups, challenges, or local meetups
Events you create or join
Invitations you send or receive
Your interactions with friends or nearby users
Messages you send within the app (securely stored and encrypted in transit)
Referral activities, such as completed referrals or bonuses
In-app actions (opening screens, tapping menus, connection history, feature usage)

We do not access your device’s health data, GPS data, or fitness app data unless you grant permission.

1.3 Device & Technical Data

To maintain app performance, security, analytics, and quality control, we automatically collect standard device information.

This may include:

Device type (iPhone, Android model)
Device operating system & version
App version
IP address and general location derived from IP
Device identifiers (IDFA, GAID) where permitted
Crash logs and diagnostics
Error reports, screen load times, performance events
Network type (WiFi, cellular)
Security logs for fraud detection

This data helps us troubleshoot issues, prevent abuse, ensure app stability, and improve the user experience.

1.4 Financial & Identity Verification Data

StepShake does not store or have access to your full financial information.

We use secure third-party providers:

Plaid – Identity Verification

Used for:

Confirming your identity
Confirming your bank account ownership for payout eligibility
Fraud prevention and regulatory compliance

Plaid securely connects to your financial institution.

StepShake never receives or stores your:

Bank username or password
Full account number
Routing number
Bank login credentials

We only receive:

Verification status
User’s legal name confirmation
Tokenized verification data
Payout eligibility confirmation

Stripe – Payments & Subscription Billing

Used for:

Processing in-app credit card transactions (web only)
Managing subscriptions
Billing and invoices
Payment dispute handling (chargebacks)

Stripe securely handles:

Credit/debit card details
Billing ZIP codes
Subscription renewals

StepShake does not see or store full card numbers or CVV codes.

Apple In-App Purchases

Used for:

iOS purchases and subscriptions
All payment processing for Apple devices

StepShake never receives your Apple payment details.

1.5 Tax Information (W-9, International Compliance)

If you participate in referral programs or earn payouts from StepShake, we may be required by law to collect certain tax information depending on your country.

United States (IRS Requirement)

If your earnings meet IRS thresholds:

We may collect W-9 forms
Legal name
Address
Tax classification
TIN/SSN only if legally required by the IRS

We never store raw SSN_numbers directly in the app database.

We store only the minimum required values for reporting.

Canada

We do not collect:

Social Insurance Number (SIN)

We may collect:

Legal name
Address
Residency status

Only if required by Canadian tax rules for payout eligibility.

United Kingdom

We do not collect:

National Insurance Number (NIN)

We may collect:

Full name
Address
Residency confirmation
Proof of taxable status (if required for payouts)

Other International Users

For users outside the U.S., UK, and Canada:

We may collect minimal legal information
Only what is necessary to determine tax residency
Only what is required to process payouts following local regulations

We NEVER collect:

❌ Passport numbers

❌ Driver’s license numbers

❌ Full SIN or NIN numbers (unless local law explicitly requires)

❌ Non-essential sensitive personal data

We ONLY store:

What is legally required
What is needed to verify payment eligibility
What is necessary for anti-fraud compliance

Nothing else.

1.6 Information from Third-Party Accounts

If you connect StepShake with external platforms (Apple, Google, social media), we may receive:

Name
Email
Profile picture
Authentication tokens

We do not access your private content on those services.

1.7 Information You Provide Voluntarily

This includes:

Feedback submitted through forms or surveys
Messages sent to customer support
Content posted inside groups or community features
Suggestions or beta testing notes
Photos or media you choose to upload (optional)

We only store what you intentionally submit.

2. How We Use Your Information (Expanded & Professional Version)

StepShake uses your information to operate, maintain, and improve the Service. We only use your information for legitimate business purposes, and we do not sell your personal data.

We use your information for the following purposes:

2.1 To Provide and Maintain Core App Functionality

We use your information to:

Create and manage your StepShake account
Enable walking, activity tracking, and progress reporting
Support group participation, invitations, and messaging
Allow you to join events or meetups
Store your preferences and app settings
Sync your data across sessions and devices

This data is required to operate the core features of the StepShake app.

2.2 To Verify Identity and Prevent Fraud

We use Plaid to verify identity, confirm account ownership, and ensure payout eligibility.

We may use your information to:

Authenticate your identity
Confirm your eligibility for referral bonuses or payouts
Prevent duplicate or fraudulent accounts
Detect suspicious behavior
Protect StepShake and other users from misuse

Identity verification is required for financial compliance and user safety.

2.3 To Process Payments, Subscriptions, and Transactions

We use your information to:

Process payments through Stripe
Manage billing cycles and subscription renewals
Handle Apple In-App Purchase transactions
Generate receipts, invoices, or confirmation emails
Maintain accurate purchase records
Deliver paid features and benefits

We do not store your full credit card or bank details.

2.4 To Calculate, Issue, and Report Referral Earnings & Tax Documents

If you participate in referral or earning programs, we may use your information to:

Track referral activity
Calculate earned rewards
Verify eligibility for payouts
Issue required tax forms (e.g., W-9, 1099-NEC for U.S. users)
Meet international tax compliance obligations
Maintain records required by law

We only collect and store the minimum amount of data legally necessary for tax compliance.

2.5 To Improve App Performance and User Experience

We use analytics, device data, and user behavior information to:

Identify bugs or crashes
Improve app reliability and performance
Optimize features and user flows
Understand how users interact with StepShake
Develop new features and enhancements

This allows us to continuously improve the app.

2.6 To Personalize Content and Recommendations

We may use your activity data, location (if permitted), and interactions to:

Suggest groups, events, or people near you
Tailor activity insights and recommendations
Customize notifications and messages
Provide a more relevant experience

Personalization helps make StepShake more social and useful.

2.7 To Communicate With You

We may contact you to:

Send important account notifications
Confirm payments, renewals, or identity checks
Provide customer support
Share new features or updates
Contact you about promotions or events (optional)
Request feedback or surveys

You may opt out of marketing communications at any time.

2.8 To Maintain Safety, Security, and Legal Compliance

We use your information to:

Detect and prevent security breaches
Enforce community guidelines
Address harmful or abusive behavior
Investigate fraud or policy violations
Comply with applicable laws and regulations
Respond to law enforcement requests (when legally required)

Security and compliance are essential to protect all users.

2.9 To Enable Social, Group, and Community Features

We use your information to support community-driven features:

Messaging
Group participation
Invitations
User profiles
Activity sharing (if enabled)
Meetup coordination

These features rely on user interactions to function.

2.10 For Internal Reporting and Administration

We may use aggregated or anonymized data for:

Analytics and performance metrics
Business reporting
Internal monitoring
Audits and compliance reviews

This data cannot be used to identify individual users.

3. Plaid, Stripe & Apple Data Usage

This follows best-practice wording used by major apps (Venmo, CashApp, Stripe-based apps, fitness apps, and Apple-approved privacy formats).

You can paste this directly into your Privacy Policy.

3. Plaid, Stripe & Apple Data Usage (Expanded & Professional Version)

StepShake integrates with trusted third-party providers to deliver secure identity verification, payment processing, and subscription management. These providers operate under their own privacy policies and security frameworks. By using StepShake, you agree to their processing of your information as described below.

3.1 Plaid (Identity & Bank Verification)

StepShake uses Plaid to securely verify your identity and confirm account ownership when required for referral payouts, fraud prevention, or regulatory compliance.

✔️ What Plaid Collects

Plaid may collect and access financial account information directly from your bank, such as:

Account ownership details
Account type and status
Account number (tokenized)
Transaction history (when needed for verification)

All data is securely encrypted and transmitted directly between Plaid and your financial institution.

✔️ What StepShake Receives

StepShake does NOT receive:

Your banking username or password
Your full account numbers
Your financial credentials
Sensitive transaction-level data

StepShake receives only the verification results, such as:

Identity match confirmation
Account ownership verification
Fraud risk indicators
A secure Plaid token used for future verification

We use this data exclusively for:

Identity verification
Regulatory compliance
Eligibility determination for referral payouts
Fraud prevention

Plaid handles your data according to its own privacy policy:

https://plaid.com/legal

3.2 Stripe (Payments, Billing & Subscriptions)

StepShake uses Stripe as its primary payment processor for non-Apple transactions (such as web billing and certain subscription types).

✔️ What Stripe Processes

Stripe may process or store:

Payment card information
Billing address and contact details
Subscription history
Invoices and receipts
Refunds and dispute information
Transaction logs (date, amount, method)

Stripe tokenizes and securely stores your payment method for recurring billing where applicable.

✔️ What StepShake Receives

StepShake does NOT receive:

Your full card number
Your card’s security code (CVV)
Bank login credentials

StepShake receives:

A tokenized payment ID
Status of payment or subscription
Billing events (success, failure, chargeback)
Limited customer billing metadata

We use this information to:

Activate or deactivate subscriptions
Process purchases
Generate invoices
Provide customer support
Prevent fraud or misuse

Stripe handles your data under PCI-DSS Level 1 security standards.

3.3 Apple (In-App Purchases & Subscriptions)

For users on iOS, StepShake uses Apple’s In-App Purchase (IAP) system for subscription payments made through the App Store.

✔️ What Apple Handles

Apple manages:

Payment processing
Subscription billing
Automatic renewals
Refunds
Fraud detection
Family Sharing eligibility (if applicable)

Apple collects and processes:

Purchase history
App Store payment information
Subscription status

✔️ What StepShake Receives

StepShake does not receive:

Your Apple billing address
Your credit/debit card numbers
Your Apple ID email or password

StepShake receives:

A transaction receipt
Subscription activation or expiration status
Whether a purchase or refund occurred
Limited metadata (product ID, plan type, renewal status)

We use this data only to:

Activate premium features
Verify subscriptions
Offer customer support

Apple processes payment data according to its own privacy rules:

https://www.apple.com/legal/privacy/

4. International Users & Tax Reporting (Expanded & Professional Version)

StepShake offers referral bonuses and reward programs that may be considered taxable income in certain jurisdictions. Because tax laws vary widely by country and region, users are responsible for understanding and complying with their own legal obligations. By using StepShake’s payout or reward features, you acknowledge and agree to the following:

4.1 United States

For U.S.-based users, referrals and bonuses may be considered miscellaneous income by the Internal Revenue Service (IRS).

StepShake may:

Request a W-9 form
Collect your legal name and taxpayer information
Track your annual reward amounts
Issue a Form 1099-NEC or 1099-MISC if earnings meet IRS thresholds (currently $600+ per calendar year)

You are responsible for reporting your StepShake earnings in your annual federal and state tax filings.

Failure to provide a W-9 may result in:

Withheld payouts
Account suspension for payout-related features
IRS backup withholding

4.2 Canada

Canadian users may earn taxable referral bonuses depending on the total amount received during the year. However:

StepShake does not issue T4A, T5, or other CRA tax slips.
Users are individually responsible for reporting income to the Canada Revenue Agency.
StepShake may ask for basic residency information to comply with international regulations but does not request a Social Insurance Number (SIN).

You must include any StepShake earnings as self-reported income in your personal tax return.

4.3 United Kingdom

UK residents may be required to report certain earnings under HMRC rules.

StepShake:

Does not issue UK tax documents (e.g., SA100, P60, P45, or similar)
Does not collect your National Insurance Number (NI)

Users must:

Track their own earnings
Report income via Self Assessment when applicable
Comply with HMRC thresholds and tax requirements

StepShake may request proof of residency for risk and compliance reasons.

4.4 European Union, EEA & Global Regions

For users outside the U.S., Canada, and UK:

StepShake does not issue localized tax documentation.
Users are responsible for reporting earnings under their own country’s tax regulations.
StepShake may request limited information (such as legal name, address, or nationality) to comply with anti-fraud and anti-money-laundering regulations.
StepShake does not collect government ID numbers unless legally required.

If your region has:

Digital services acts
VAT requirements
Income reporting obligations

…you must ensure your compliance with local authorities.

4.5 Tax Document Storage & Security

StepShake stores only the minimum information legally required for tax compliance.
Sensitive tax documents (e.g., W-9) are encrypted and protected.
We do not share your tax information with others except:
- When required by law
- When required to issue IRS forms
- When necessary to comply with regulatory obligations

4.6 Eligibility & Payout Limits

To maintain compliance:

StepShake may restrict payouts for users who do not provide required tax info
StepShake may limit payout amounts based on region-specific regulations
Fraudulent tax information may result in account suspension or legal reporting

5. Sharing of Information (Expanded & Professional Version)

StepShake does not sell your personal data.

We only share information when necessary to operate the Service, comply with the law, or protect users.

We may share certain categories of information with trusted third parties under strict contractual controls:

5.1 Service Providers

We work with third-party vendors who help us operate and improve the app. These service providers may access your information only to perform work on our behalf and must follow strict confidentiality agreements.

Examples include:

Hosting and cloud storage providers
Analytics platforms
Customer support and communication tools
Identity verification services (Plaid)
Payment processors (Stripe, Apple)

We do not allow service providers to use your data for their own marketing or advertising.

5.2 Payment & Identity Verification Partners

For payments, billing, subscriptions, and KYC verification, we share limited information with:

Plaid – to verify identity and bank account ownership
Stripe – to process payments and manage subscriptions
Apple App Store – for in-app purchases and refunds

These partners receive only the data required to perform their role, and StepShake never has access to:

Bank login credentials
Full card numbers
Sensitive financial data

All financial data is processed using bank-level encryption under each provider’s compliance standards.

5.3 Community & Social Features

When you participate in groups, events, or social features, certain information may be visible to other users, such as:

Your name or display name
Profile photo (if added)
Steps or event participation
Messages you choose to send
Invitations you initiate

You control what you choose to share in public or group contexts.

5.4 Legal, Regulatory, and Safety Requirements

We may disclose information if required to:

Comply with applicable laws, subpoenas, or legal processes
Respond to law enforcement requests
Protect the rights, safety, and property of StepShake, users, or the public
Investigate fraud, security concerns, or policy violations

We will only share the minimum information necessary for compliance.

5.5 Business Transfers

If StepShake is involved in a merger, acquisition, restructuring, financing, asset sale, or similar transaction, your information may be transferred as part of the business assets.

In such events:

You will be notified where required by law
Any new entity will be bound by this Privacy Policy or an equal level of protection

5.6 With Your Consent

We may share information for purposes not covered above only when you explicitly authorize it.

Examples:

Connecting StepShake to another service
Sharing activity with social media
Participating in optional promotions or surveys

You may withdraw your consent at any time.

5.7 Aggregated or De-Identified Information

We may use and share aggregated, anonymized, or de-identified data that cannot be used to identify you.

Examples:

App usage trends
Step activity statistics
General community metrics

This information is used for analytics, product improvement, and system optimization.

6. Security (Expanded & Professional Version)

StepShake takes the privacy and security of your information seriously. We implement a combination of administrative, technical, and physical safeguards designed to protect your data from unauthorized access, misuse, loss, or disclosure. While no system can guarantee complete security, we continuously work to improve our practices.

6.1 Technical Safeguards

We use industry-standard security measures to protect your information, including:

Encryption in transit (HTTPS/TLS 1.2+) for all app traffic
Encryption at rest for stored data, where supported by our hosting platforms
Firewall-protected servers and secure network configurations
Tokenized authentication for user sessions
Secure password hashing (bcrypt or equivalent industry standards)
Secure API communication with Stripe, Plaid, Apple, and internal services
Regular vulnerability scanning and monitoring

6.2 Access Controls

StepShake restricts access to personal information to authorized employees or contractors who need such information to operate or improve the service.

We maintain:

Role-based access controls
Least-privilege access rules
Internal audit logs for sensitive operations
Termination protocols to revoke access promptly

6.3 Account Security

To help protect your account:

You are responsible for safeguarding your login credentials.
You should never share passwords or verification codes with anyone.
We recommend enabling device-level security (PIN, FaceID, fingerprint, etc.).

If we detect unusual account activity, we may:

Temporarily suspend access
Request additional identity verification
Notify you about suspicious behavior

6.4 Payment & Identity Security

We do not store full payment card numbers or bank credentials.

Stripe securely manages all payment details under PCI-DSS Level 1 compliance.
Plaid handles all identity verification and bank connectivity through encrypted, secure channels.
Apple In-App Purchases manage billing and payment data independently of StepShake.

StepShake only receives limited, non-sensitive information to confirm successful transactions or detections of fraud.

6.5 Data Storage & Hosting Protections

Your information may be stored on secure cloud servers operated by trusted third-party providers that comply with:

SOC 1 / SOC 2
ISO 27001
GDPR data processing standards (where applicable)

We use:

Automated backups
Redundant storage systems
Protection against accidental data loss

6.6 Breach Response

In the unlikely event of a data breach, StepShake will:

Investigate the incident promptly
Take immediate action to secure systems
Notify affected users when required by law
Provide guidance on steps you can take to protect yourself

6.7 User Responsibilities

To help maintain security, users agree to:

Keep account information up to date
Protect their device from unauthorized access
Use official StepShake app downloads only
Report suspicious activity immediately to:
support@stepshake.com

6.8 No Guarantee

No method of electronic storage or transmission is 100% secure.

We cannot guarantee absolute security, but we commit to employing industry best practices to safeguard your data.

7. Data Retention

This section follows best practices from GDPR, CCPA, and major app privacy standards (Apple, Google, Meta, Strava, Plaid).

You can paste this directly into your Privacy Policy.

7. Data Retention (Expanded & Professional Version)

StepShake retains your information only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, maintain security, and enforce our Terms & Conditions.

The retention periods vary depending on the type of data and your account activity.

7.1 Personal Information

We retain personal information—including your name, email, phone number, profile photo, and account details—for as long as your StepShake account remains active.

If you delete your account:

Personal data is scheduled for deletion within 30–90 days
Backups may take up to 180 days to fully cycle out
Some metadata may remain longer where required by law

7.2 Activity & Usage Data

Data such as:

Steps
Distances
Group interactions
Messages
Invitations

is retained while your account is active so the app can function properly.

After account deletion:

Activity data is anonymized or deleted within 30–180 days
Aggregated analytics remain but are no longer associated with your identity

7.3 Device & Technical Logs

Logs such as device information, crash reports, and performance analytics are stored for:

90–365 days, depending on the system
Longer if needed for security, troubleshooting, or fraud prevention

These logs are typically stored in anonymized or pseudonymized form.

7.4 Financial & Verification Data

Because StepShake integrates with Plaid, Stripe, and Apple, we follow their retention standards:

Plaid

We do not retain financial credentials
Verification tokens are retained only as long as legally required for payout eligibility and fraud protection
Sensitive identity verification data is retained according to compliance rules (e.g., KYC requirements)

Stripe

Stripe may retain billing history and transaction metadata for 7–10 years, per financial regulations
StepShake only stores payment references—not full card or bank details

Apple IAP

StepShake does not control Apple retention
Apple may retain purchase history for audit and billing integrity

7.5 Tax & Compliance Records

For users who participate in payouts or referral programs:

U.S. W-9 and 1099-related information may be retained for 7 years (IRS regulations)
International tax data is retained only for the minimal duration required by applicable law

7.6 Suspended or Fraudulent Accounts

If StepShake detects fraud, abuse, or safety violations:

We may retain certain information indefinitely for security purposes
This may include device identifiers, behavior patterns, or transaction metadata
This helps prevent reactivation attempts or ban evasion

7.7 Backups

Data stored in secure backups may persist for up to 6 months after deletion but is:

Encrypted
Restricted
Not used for app functionality

Backup systems are automatically purged on rolling schedules.

7.8 Anonymized & Aggregated Data

We may retain anonymized data indefinitely for:

analytics
performance improvements
feature development
statistical reporting

This data cannot identify you personally.

8. Children’s Privacy

(COPPA-compliant, GDPR-UK compliant, App Store/Google Play ready)

You can paste this directly into your Privacy Policy.

8. Children’s Privacy (Expanded & Professional Version)

StepShake is not intended for individuals under the age of 18, and we do not knowingly collect, store, or process personal information from anyone under this age. By using the Service, you confirm that you meet the minimum age requirement in your region.

8.1 No Use by Minors

Users must be:

At least 18 years old, or
The age of majority in their province, state, or country if higher.

We do not allow minors to:

Create an account
Participate in referral or payout programs
Access features involving identity verification or financial activity
Join in-person meetups organized through the app

8.2 No Knowing Collection of Children’s Information

We do not knowingly collect personal data from children under 18.

This includes:

Names
Contact information
Device data
Location data
Activity, health, or step information

If we discover that a user under 18 has created an account, we will:

Immediately suspend the account,
Delete any collected information, and
Block further access to the Service.

8.3 Parental Notification and Removal Requests

If you believe that StepShake may have collected information from a minor, please contact us immediately at:

📧 privacy@stepshake.com

We will take prompt action to:

Remove the account
Delete associated data
Prevent further processing

8.4 Compliance With Global Children’s Privacy Laws

StepShake complies with all applicable children’s privacy laws, including:

COPPA (U.S.)
UK GDPR (United Kingdom)
GDPR Article 8 (European Union)
Similar laws in other regions

Where regulations differ, StepShake applies the strictest applicable standard.

8.5 No Marketing to Children

We do not:

Target minors with advertising
Allow child-directed ads
Profile or track children
Send promotional messages to minors

9. Your Rights (Expanded & Professional Version)

Depending on where you live, you may have certain rights regarding your personal information. StepShake respects all applicable privacy laws, including GDPR (EU/UK), CCPA/CPRA (California), PIPEDA (Canada), and other regional regulations.

We outline your rights clearly below.

9.1 Right to Access

You have the right to request:

A copy of the personal information we hold about you
Details about how your information is used
Information about third-party services that process your data

We will provide this information in a commonly used electronic format.

9.2 Right to Correction (Rectification)

You may request correction of:

Incorrect account details
Outdated profile information
Mistakes in identity verification data
Errors in tax, payout, or referral-related information

In most cases, you can update your information directly within the app.

9.3 Right to Deletion (“Right to Be Forgotten”)

You may request deletion of your personal data.

This includes:

Account information
Activity history
Messages
Stored preferences
Tax or payout data (unless legally required to retain)

Exceptions:

We may retain certain information where required by law, such as:

Fraud prevention
Financial reporting obligations
Tax compliance
Payment dispute records

When deletion is complete, your account becomes permanently inaccessible.

9.4 Right to Withdraw Consent

Where StepShake relies on your consent (e.g., location access, marketing emails), you can withdraw consent at any time by:

Adjusting in-app settings
Updating device permissions
Contacting support

Withdrawal does not affect the legality of processing already performed.

9.5 Right to Restrict Processing

You may request that we limit the use of your data if:

You dispute its accuracy
You believe it is being processed unlawfully
You require the data for legal claims

During restriction, certain app features may not function.

9.6 Right to Data Portability

You may request an electronic export of:

Your profile information
Your steps/activity data
Referral earnings or payout records
Other structured data you provided

We will deliver it in a widely-used file format (e.g., JSON or CSV).

9.7 Right to Object

You may object to:

Marketing communications
Certain profiling or analytics
Data processing based on legitimate interest

If you object, StepShake will stop processing your data unless we have a compelling legal basis.

9.8 California Privacy Rights (CCPA/CPRA)

California residents may also request:

A list of categories of data we have collected
A list of categories sold or shared (StepShake does not sell personal data)
Opt-out of certain data sharing
Correction or deletion of data
Limit the use of sensitive information

We will respond in compliance with California law.

9.9 GDPR Rights (EU & UK)

If you reside in the EU or UK, you have:

Full GDPR rights (Articles 12–23)
A right to lodge complaints with your Data Protection Authority
A right to request the name of our EU/UK data representative (if applicable)

We handle GDPR requests within the legally mandated time frames.

9.10 How to Exercise Your Rights

To submit a privacy request, contact:

📧 privacy@stepshake.com

Subject Line: “Data Request – StepShake”

Include:

Full name
Email associated with your account
Description of your request

For security, we may need to verify your identity before processing your request.

Most requests are processed within:

30 days for GDPR regions
45 days for CCPA/CPRA
Or sooner where possible

9.11 No Discrimination

StepShake will never deny service, charge different prices, or offer different functionality because you exercised your privacy rights.

10. Updates to This Policy (Expanded & Professional Version)

We may update or revise this Privacy Policy from time to time to reflect:

Changes in our services or features
New legal or regulatory requirements
Updates to our data practices
Improvements in security or functionality

When an update is made, we may notify you through one or more of the following methods:

Posting the updated policy within the StepShake app
Updating the “Last Updated” date at the top of this page
Sending an in-app notification or email (when required by law)

Unless otherwise stated, updated Privacy Policies take effect immediately upon posting.

By continuing to use StepShake after updates take effect, you acknowledge and agree to the revised Privacy Policy.

If you do not agree to the updates, you must discontinue use of the app and delete your account.

11. Contact Information (Expanded & Professional Version)

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, you may contact us using the channels below:

11.1 Privacy & Data Requests

For questions related to:

Data access
Data deletion
Corrections or updates
GDPR / UK-GDPR rights
CCPA inquiries
Data portability

📧 privacy@stepshake.com

We may request additional information to verify your identity before fulfilling your request.

11.2 General Support

For help with:

Account issues
App functionality
Technical problems
Billing or subscriptions

📧 support@stepshake.com

🌐 www.stepshake.com/support (if available)

11.3 Legal Notices

For legal inquiries, compliance matters, or policy enforcement:

📧 legal@stepshake.com

(Or your preferred single legal email)