This Privacy Policy explains how Sidestep ("we", "our", or "the app") collects, uses, and protects your personal data when you use the mobile application Sidestep.
01General Information
- App name: Sidestep
- Provider: Michael Zauner
- Contact email: sidestep@mzappworks.dev
We take the protection of your personal data seriously and process it in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR).
02Data We Collect
We collect and process the following data depending on how you use the app:
2.1 Authentication Data
When you sign in with Google or Apple, we receive and store:
- Your name (as provided by your Google or Apple account)
- Your email address
- A unique user ID issued by Firebase Authentication
This data is used solely to identify your account and enable access to the app.
2.2 User-Generated Content
The app allows you to store the following data locally on your device:
- Quest progress and completion history
- Journal entries and mood ratings
- Photos you choose to attach to completed quests
- Personal preferences (language, theme, interests, personal place)
This data is stored locally on your device using shared preferences and is not transmitted to our servers unless explicitly described otherwise.
2.3 Location Data
The app may request access to your device's location to personalize certain quest suggestions (e.g. your "personal place"). Location data is processed on-device and is not stored on external servers.
2.4 Technical Data
To ensure stable and secure operation, the following technical data may be processed:
- Device information (operating system, device model)
- App version
- Crash and error details (if crash reporting is enabled)
03How We Use Your Data
We use collected data to:
- Provide and operate the app
- Authenticate and manage user accounts
- Improve app functionality and user experience
- Detect, analyze, and fix technical issues
- Ensure app security and stability
04Third-Party Services
The app uses the following third-party services, which may process data in accordance with their own privacy policies:
- Firebase Authentication (Google LLC) – user sign-in and account management
- Google Sign-In (Google LLC) – OAuth authentication via Google
- Sign in with Apple (Apple Inc.) – OAuth authentication via Apple
Firebase services may process data outside the European Union. Google LLC participates in the EU-U.S. Data Privacy Framework and provides appropriate safeguards in accordance with GDPR (Art. 46).
For more information, see:
05Data Storage and Security
We apply appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse.
- Authentication data is stored securely via Firebase Authentication.
- Quest progress, journal entries, and preferences are stored locally on your device.
- Data is retained only as long as necessary for the purposes described in this policy or until you delete your account.
06Your Rights (GDPR)
You have the right to:
- Access your personal data
- Rectify inaccurate data
- Request deletion of your data
- Restrict or object to data processing
- Request data portability
- Lodge a complaint with a supervisory authority (in Austria: Datenschutzbehörde)
To exercise your rights, please contact us at sidestep@mzappworks.dev.
07Account and Data Deletion
You may request the deletion of your account and associated personal data at any time by contacting us at sidestep@mzappworks.dev. We will process your request within 30 days.
Locally stored data (quest progress, journal entries, photos) can be removed by uninstalling the app from your device.
08Age Restriction
Sidestep is intended for users aged 16 and older. We do not knowingly collect personal data from individuals under the age of 16. If you believe a person under 16 has provided us with personal data, please contact us and we will delete it promptly.
09Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be published on this page with an updated "Last updated" date and are effective immediately upon publication. We recommend checking this page periodically.
10Contact
If you have any questions about this Privacy Policy or data protection, please contact: