1. Who We Are
StreetSole ("we", "us", "our") is a mobile application that allows users to track, visualise, and share the streets they walk. The app is operated as an independent product.
For the purposes of UK GDPR and EU GDPR, StreetSole is the data controller for personal data processed through the app.
Contact us: privacy@streetsole.app | streetsole.app
2. What Data We Collect
2.1 Account data
When you sign in with Apple or Google, we receive and store:
- Display name
- Username (chosen by you in the app)
- Profile photo URL (from your sign-in provider, if available)
- A unique user identifier (UID) assigned by Firebase Authentication
We do not receive or store your Apple ID or Google account password. We do not store your email address unless Apple provides it as part of Sign in with Apple.
2.2 Location data
StreetSole requires access to your device's location to function. We collect:
- GPS coordinates during an active walk session, processed on-device to determine which named streets you have walked
- Your approximate city location, used to select the correct street map
Important: Raw GPS coordinates are processed locally on your device. We do not transmit or store individual GPS coordinate sequences to our servers. What we store is a record of which street segments you have walked (identified by OpenStreetMap street IDs) β not your precise GPS path.
We request "Always Allow" location permission to enable background tracking when your phone is in your pocket during a walk. You can change this at any time in iOS Settings > Privacy > Location Services > StreetSole.
2.3 Walk activity data
For each completed walk session, we store:
- City name and city identifier
- Walk start time and end time
- Total distance walked (in kilometres)
- Number of new streets discovered
- List of street IDs newly walked
2.4 Progress and statistics
- Total streets walked across all sessions
- Total distance walked
- Current daily streak and last walk date
- City completion percentages
- Badge and achievement unlock status
2.5 Social data
If you use optional social features, we store:
- Your username and display name (visible to friends you add)
- A summary of recent walks in your friends' activity feed (city name, streets walked, distance β no location path)
- Friend connection records
2.6 Notification preferences
We store your notification preference (on/off). Notifications are delivered locally from your device β we do not use third-party push notification services or store device tokens on our servers.
2.7 Data we do NOT collect
- Your email address (unless provided by Apple Sign-In)
- Payment or financial information
- Precise GPS routes or coordinate sequences stored on our servers
- Advertising identifiers or cross-app tracking data
- Device contacts or calendar data
- Health or medical data
3. How We Use Your Data
| Purpose | Data used |
|---|---|
| Providing the core street-tracking service | Location data, walk activity data, street IDs |
| Displaying your progress and statistics | Walk history, city completion, streaks, badges |
| Syncing your data across devices | All account and progress data stored in Firebase |
| Social features (friend activity feed) | Username, display name, walk summaries |
| Sending local notifications | Streak count, suburb completion (processed on-device) |
| Responding to support requests | Contact details you provide when reaching out |
4. Legal Basis for Processing
We rely on the following legal bases under UK GDPR and EU GDPR:
- Contract performance (Article 6(1)(b)): Processing your account data, location data, and walk history is necessary to deliver the app's core service.
- Legitimate interests (Article 6(1)(f)): Processing anonymised usage patterns to improve the app, where this does not override your rights.
- Consent (Article 6(1)(a)): Sending local notifications β you are asked for permission in the app and can withdraw at any time.
5. Where Your Data Is Stored
Your data is stored using Google Firebase (Cloud Firestore and Firebase Authentication), with servers located in the EU and/or United States. Firebase participates in the EUβU.S. Data Privacy Framework. Data transfers from the UK and EU to the US are covered by Standard Contractual Clauses (SCCs).
Walk session data is also stored locally on your device using SQLite and is not shared with any third party beyond Firebase.
6. How Long We Keep Your Data
- Account and profile data: retained while your account is active
- Walk history and statistics: retained while your account is active
- Local device data: retained on your device until you delete the app
- Deleted accounts: all associated Firebase data deleted within 30 days; backups purged within 90 days
7. Who We Share Your Data With
We do not sell, rent, or trade your personal data. We share data only with:
- Google Firebase / Google LLC β authentication and cloud storage infrastructure
- Apple Inc. β authentication via Sign in with Apple
- OpenStreetMap β public street map data (no personal data sent)
- Map tile providers (e.g. Carto) β background map rendering using only your approximate city location
No advertising networks, data brokers, or analytics companies receive your personal data.
8. Your Rights
Under UK GDPR and EU GDPR you have the right to:
- Access β request a copy of the personal data we hold about you
- Rectification β ask us to correct inaccurate data
- Erasure β ask us to delete your account and all associated data
- Restriction β ask us to restrict processing in certain circumstances
- Portability β receive your data in a machine-readable format
- Object β object to processing based on legitimate interests
- Withdraw consent β turn off notifications at any time via iOS Settings
To exercise any of these rights: privacy@streetsole.app
UK users can lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk | 0303 123 1113.
EU users can lodge a complaint with their local supervisory authority.
9. Children's Privacy
StreetSole is not directed at children under 13 (or 16 in EU member states where applicable). We do not knowingly collect personal data from children. Contact us immediately at privacy@streetsole.app if you believe a child has provided us with personal data.
10. Security
- Firebase Authentication with cryptographic nonces for Apple Sign-In
- Data in transit encrypted via HTTPS/TLS
- Data at rest encrypted by Google Cloud infrastructure
- Firebase data access restricted to authenticated users via Firestore security rules
11. Changes to This Policy
When we make material changes, we will notify you within the app. The "Last updated" date above will always reflect the most recent revision.
12. Contact Us
- Email: privacy@streetsole.app
- Website: streetsole.app
We aim to respond to all data subject requests within 30 days.