Privacy Policy
StepBack is developed by Davey Smit ("we", "our", "us"). This Privacy Policy explains how StepBack handles your data and applies to all users of the app.
Summary
StepBack does not collect, transmit, or store any personal data on external servers. There is no account system, no cloud sync, and no third-party analytics. All data stays on your device at all times.
1. Who this policy applies to
This policy applies to all users of StepBack on iOS. If you are located in the European Economic Area (EEA) or United Kingdom, we act as the data controller for the purposes of the GDPR.
2. Data we process and where it stays
All data StepBack creates or uses is stored exclusively on your device in iOS App Group storage (group.com.stepback.shared) and never leaves your device.
| Data | Purpose | Where stored |
|---|---|---|
| Focus profile names, icons, colors, schedules | Display and manage your profiles | On-device (App Group UserDefaults) |
| App and website category selections (FamilyActivitySelection) | Configure what gets blocked | On-device (App Group UserDefaults) |
| Screen Time / Family Controls permission | Required by Apple to enforce blocking | On-device only; managed entirely by iOS |
| App preferences (theme, layout, override settings) | Personalize your experience | On-device (App Group UserDefaults) |
3. How blocking works
Blocking is enforced by Apple's Family Controls and ManagedSettings frameworks at the operating-system level. StepBack passes your chosen app and website category selections to iOS; iOS handles enforcement. StepBack itself never observes which specific apps you open, which websites you visit, or how long you spend in any app.
The StepbackMonitor extension runs on-device to start and stop blocking at scheduled times. It reads your profile settings from the same on-device storage described above and does not transmit any data.
4. What we do NOT do
- No account creation or login required
- No cloud backup or cross-device sync
- No analytics, telemetry, or crash-reporting sent to any server
- No third-party SDKs or libraries that process personal data
- No access to your app usage history or browsing activity
- No in-app purchases or payment data processing
- No advertising of any kind
5. Third-party services
StepBack uses no third-party services. The only frameworks used are Apple's own (SwiftUI, FamilyControls, ManagedSettings, DeviceActivity, Foundation). Apple's own privacy practices are governed by Apple's Privacy Policy.
6. Data retention and deletion
All data StepBack stores lives on your device. You can delete it at any time by:
- Deleting individual profiles within the app, or
- Uninstalling StepBack, which removes all associated App Group data from your device.
There is no server-side data to request deletion of.
7. Children's privacy
StepBack is a personal focus tool intended for users aged 13 and older. The app is not directed at children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child under 13 has used this app and personal data has been processed, please contact us at the address below.
8. Your rights (EEA / UK users)
Because StepBack processes no personal data on any server, there is no data held by us to access, correct, export, or erase. If you have questions about data processed entirely on your device, you may contact us. EEA/UK users may also lodge a complaint with their local supervisory authority.
9. California residents (CCPA)
StepBack does not sell, share, or disclose personal information to third parties. No opt-out is required because no personal data is collected or shared.
10. Changes to this policy
We will update the "Last updated" date at the top of this page when this policy changes. Continued use of the app after a policy update constitutes acceptance of the revised policy. Significant changes will be communicated via an in-app notice where feasible.
11. Governing law
This policy is governed by the laws of the Netherlands, without regard to conflict-of-law principles.
12. Contact
Questions about this privacy policy? Email hello@stepback.app.