Privacy Policy
AppyPilgrim ("we", "us", "our") operates the AppyPilgrim mobile application (the "App"). This Privacy Policy explains how we collect, use, store, and protect your information when you use the App.
1. Information we collect
Information you provide
- Account information: Name and email address when you sign in with Apple, Google, or email.
- Profile photo: If you choose to upload a profile picture.
- Preferences: Your walking persona, language, and notification preferences.
Information collected automatically
- Device identifier: An anonymous device ID generated on first launch, used to associate your data across sessions.
- Location data: Your precise GPS location when you use navigation features or enable the SOS safety feature. Location data is only collected when you actively use these features or explicitly grant permission.
- Health and fitness data: Steps, distance walked, heart rate, and active energy burned — only when you start a walking stage and only with your explicit HealthKit permission. This data is used solely to display real-time stats and log workout summaries to Apple Health.
- Usage data: Routes viewed, routes saved, and general product interaction data to improve the App experience.
Information we do NOT collect
- We do not collect advertising identifiers (IDFA).
- We do not track you across other apps or websites.
- We do not sell your personal data to third parties.
- We do not use your data for advertising purposes.
2. How we use your information
- App functionality: To provide route discovery, GPS navigation, AI chat assistance, and your walking profile.
- Personalisation: To tailor route recommendations and AI responses to your walking persona.
- Safety: To enable the SOS emergency feature, which sends your location to your designated emergency contact.
- Analytics: To understand how the App is used and improve the experience. Analytics data is not linked to your identity.
3. On-device AI
The Appy AI feature processes all conversations entirely on your device using a locally installed AI model. No conversation data is sent to our servers or any third party. The AI model runs without network access after installation.
4. Health data
We access HealthKit data solely to display walking metrics and log workout summaries. Health data is:
- Never sent to our servers
- Never used for advertising or marketing
- Never stored in iCloud
- Never shared with third parties
- Only accessed with your explicit permission, which you can revoke at any time in iOS Settings
5. Data storage and security
- Local storage: Preferences, cached routes, and AI conversations are stored on your device.
- Cloud storage: Account information, saved routes, and interaction data are stored in our Supabase database, protected by row-level security policies scoped to your user account.
- Authentication: Tokens are stored securely in the iOS Keychain. All network communication uses HTTPS/TLS encryption.
6. Third-party services
We use the following services to operate the App:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Backend database and authentication | Account info, saved routes |
| Apple Sign In | Authentication | Name, email (as provided by Apple) |
| Google OAuth | Authentication | Name, email |
| Apple WeatherKit | Weather forecasts for routes | Route coordinates (no user data) |
| Stripe | Payment processing for bookings | Payment token only (no card details) |
| Resend | Transactional emails | Email address |
We do not share your data with data brokers, advertising networks, or social media platforms.
7. Data retention and deletion
- Your data is retained as long as your account is active.
- You can delete your account and all associated data at any time from Profile → Settings → Privacy & Data → Delete Everything.
- Account deletion permanently removes all your data from our servers, including saved routes, preferences, chat history, and identity verification records.
- If you signed in with Apple, we also revoke your Apple credentials upon account deletion.
8. Children's privacy
The App is not directed at children under 13. We do not knowingly collect personal information from children under 13.
9. Your rights
You have the right to:
- Access your personal data (Profile → Settings → Privacy & Data → Export Data)
- Delete your personal data (Profile → Settings → Privacy & Data → Delete Everything)
- Withdraw consent for optional data processing at any time
- Contact us with questions about your data
10. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes through the App or by email. The "Last updated" date at the top indicates when the policy was last revised.
11. Contact us
If you have questions about this Privacy Policy or your personal data:
Email: support@appypilgrim.it
Website: https://appypilgrim.it