Back to StepSense Website
StepSense Privacy Policy

Apple Health / HealthKit Integration

Before we begin, it is important that you know StepSense integrates with AppleHealth. We request access to read your steps walked, calories burned, flights climbed, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your AppleHealth storage, we do not share any of your AppleHealth data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

GoogleFit Integration

StepSense integrates with GoogleFit. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your GoogleFit storage, we do not share any of your Google Fit data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

Fitbit Integration

StepSense integrates with Fitbit. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your Fitbit storage, we do not share any of your Fitbit data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

Garmin Integration

StepSense integrates with Garmin. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your Garmin storage, we do not share any of your Garmin data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

StepSense is committed to meeting the provisions of this privacy policy in all aspects of its business operations.

We respect your privacy. StepSense (referred to as "StepSense" or "We" in this Privacy Policy) have developed this Privacy Policy to inform you of how we protect the Personal Information that we Collect, Use, Disclose and keep secure. It also covers how StepSense makes the Personal Information it holds available for access to and correction by you. This Privacy Policy has been drafted having regard to StepSense's obligations under the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 which includes the South African Privacy Principles (collectively, the Privacy Act), and also under the relevant state legislation governing health records such as the Health Records Act 2001 (Victoria, Australia), which includes the Health Privacy Principals of APAC region. This Privacy Policy is a public document and has been prepared in light of South African Privacy Principles - Open and Transparent Management of Personal Information as set out in the latest editions of the major international laws, including GDPR, CCPA, LGPD, and POPI. By using a StepSense Online Platform, or by receiving notification from StepSense of how you may access this Privacy Policy, whether by phone, email or otherwise, you are consenting to the Collection, Use and Disclosure of your Personal Information as set forth in this Privacy Policy. This Privacy Policy applies to the services and products provided by StepSense and binds all our employees and health professionals. StepSense employees are required to sign an agreement that includes a confidentiality clause on commencement of employment. Third Parties such as subcontractors that collect information on behalf of StepSense are bound by this Privacy Policy. As it stands as of 2021-09-01, StepSense is not using any 3rd party information collection sub-systems. StepSense does not provide your Personal Information to your employer unless it has been properly de-identified. This de-identified (anonymous) data will allow for the analysis and identification of overall company health risks and for planning structured wellness initiatives across your organisation. This Privacy Policy is available on any StepSense Online Platform and can also be accessed via links included in newsletter, email, launch emails, and other communications; as well as on the StepSense.io website.

Please read this Privacy Policy carefully and contact us on support@mystepandgo.com if you have any questions.

1. COLLECTION OF YOUR INFORMATION

1.1 StepSense Collects minimalPersonal Information, which includes:

  • First Name (optional - can be disabled)
  • Last Name (optional - can be disabled)
  • Nickname if First and Last names have been disabled
  • Gender (optional and user has option to select "unspecified")
  • Generic year of birth; We do not collect DATE OF BIRTH
  • Height (optional / does not have to be completed and can also be switched off) - Height information is not shared anywhere in the app and is masked even from the user. No one else can see your height in the app. And when switched off, everyone in the challenge will be assigned a generic height of 1.75m
  • Weight (optional / does not have to be completed and can also be switched off) - Weight information is not shared anywhere in the app and is masked even from the user. No one else can see your weight in the app. And when switched off, everyone in the challenge will be assigned a generic weight of 65kg
  • Height and weight is only used to calculate your number of calories burned
  • Total number of steps walked in a day
  • Total number of flights climbed in a day
  • Email address or username - the company can decide how registration should take place. The company can also specify if users should use their company email address or their own personal email address. When email registration is switched off, users will be registering with a username. This may complicate things like password reset; forgot password; or identifying someone in the challenge.

1.2 StepSense DOES NOT COLLECT the following information:

  • We do not collect your GPS co-ordinates
  • We do not track your location
  • We do not track what time of the day you step
  • We do not track what time of the day you climb flights of stairs
  • We do not track what time of day you do any activity in the app - we only record the date (01-09-2021) without any time stamp

1.3 StepSense will not Collect Personal Information secretly or in an underhanded way and will not sell your Personal Information to any third party.

2. HOW WE USE YOUR INFORMATION AND WHEN WE MAY DISCLOSE IT

2.1 StepSense collects and holds limited Personal Information which it has Collected to Use and/or Disclose for its Primary Purposes of providing you with a gamification corporate health and wellness services, including but not limited to:

1. providing you with podcasts, articles and journeys in line with your activity goals; 2. answering your inquiry or responding to complaints, access and correction requests 3. providing you with effective customer service in regard to the StepSense services provided to you; and/or 4. providing your organisation with de-identified (anonymous) data in order for them to analyse and identify company health risks and to plan structured wellness initiatives. De-identified data will always be based on averages and big data - for example, the most granular level of reporting will always be de-identified - an example would be "20% of participants in the StepSense Company ABC Challenge interact regularly with content in the anxiety section of LifeArmor".

2.2 StepSense also holds Personal Information which it Uses and/or Discloses for purposes other than its Primary Purposes (Secondary Purposes). By providing Personal Information to StepSense, you are consenting to us using your Personal Information for the following Secondary Purposes:

1. business planning and product development; 2. providing you with relevant information about the products and services of StepSense; 3. enabling us to better understand your needs and interests; 4. improving the content, functionality and usability of our programs and services; 5. billing and account management; 6. for any other purpose identified in any other agreement between StepSense and you; 7. issues, news or other information relevant to your dealings with StepSense, or about StepSense generally, or the industries in which you or StepSense operates; and 8. as otherwise described in this Privacy Policy.

2.3 StepSense may also Use and/or Disclose your Personal Information for any Secondary Purposes not included in this Privacy Policy if:

1. the Secondary Purpose is directly related to a Primary Purpose; and
2. you would have a Reasonable Expectation that we would Use the information for that Secondary Purpose.

3. ENSURING INFORMATION IS ACCURATE AND UP-TO-DATE

We take reasonable precautions to ensure that the Personal Information we Collect, Use and Disclose is complete, relevant and up-to-date. However, the accuracy of that information depends to a large extent on the information you provide. That's why we recommend that you:

  • let us know if there are any errors in your Personal Information; and
  • keep us up-to-date with changes to your Personal Information. You may change your personal details by using the relevant facility on our StepSense app under "My Profile" or by contacting StepSense via contact details described in Point 12.

4. HOW WE PROTECT YOUR INFORMATION

4.1 StepSense manages and secures the Personal Information it collects by using reasonable physical, technical and administrative safeguards and procedures. These safeguards and procedures include but are not limited to:

1. use of appropriate encryption, password, and other protections for information held electronically; 2. only providing necessary personnel access to personal information; 3. regularly providing staff training on privacy issues; 4. implementing various procedures to assist employees in alerting customers to potential privacy issues before personal information is collected; 5. regularly reviewing its privacy compliance; and 6. appointing privacy officers within StepSense organisations to monitor privacy compliance.

4.2 StepSense will take reasonable steps to protect your Personal Information from misuse, interference, loss and unauthorised access or disclosure. This may include taking reasonable steps to destroy or permanently de-identify Personal Information once it is no longer needed for any purpose for which it may be Used or Disclosed in accordance with privacy principle laws, subject to the exceptions contained therein.

4.3 StepSense will not attempt to match de-identified or anonymous data Collected through surveys or such online devices as "cookies", with information identifying an individual, without the consent of the relevant individual.

4.4 StepSense requires employees and contractors to perform their duties in a manner that is consistent with StepSense's legal responsibilities in relation to privacy, including those in this Privacy Policy.

4.5 StepSense will take reasonable steps to ensure that Personal Information is only accessible by people who have a genuine "need to know" as well as "right to know."

4.6 This Privacy Policy only governs the collection and use of any data obtained through the StepSense website or app. An Online Portal and App may from time to time contain links to external websites or embedded content from 3rd party video or audio providers. In the event that you provide Personal Information on these external websites, StepSense accepts no responsibility for any misuse of that information by any third party.

5. HOW YOU CAN ACCESS OR CORRECT YOUR INFORMATION

5.1 StepSense will permit its records containing your Personal Information to be accessed by you when required by the Privacy Act. We may, however, refuse to provide you with access to your Personal Information if one or more of those matters contained in the Access to Personal Information laws applies, including but not limited to instances in which:

1. giving access to the information would have an unreasonable impact on the privacy of any other individual;
2. your request for access is frivolous or vexatious or giving such access will be unlawful.

5.2 If StepSense is satisfied that:

1. having regard to the purpose for which the information is held, the information is inaccurate, out of date, incomplete or irrelevant or misleading; or 2. you (as the person to whom the Personal Information relates) request that we correct the information; we will take reasonable steps to correct our records containing your Personal Information as soon as practically possible in accordance with the Privacy Act.

5.3 If we have refused to grant you access to your Personal Information in accordance with the points above, we will still take all reasonable steps to provide you with access to your Personal Information in a way that meets both your needs and our needs.

5.4 If you:

1. wish to lodge a request to access and/or correct your Personal Information; or
2. have been refused access to your Personal Information by us for any reason described in this Privacy Policy and you wish to challenge that refusal; you may do so by contacting the office of StepSense Privacy Officer as per the details in Point 12.

5.5 StepSense will not charge a fee for processing an access request unless the request is complex or is resource intensive. StepSense does, however, reserve the right to charge an administration fee if an individual requests access to their Personal Information more than once in a three month period.

5.6 Where StepSense offers online account management facilities, customers can use this capability to control aspects of their account, including amending or updating certain Personal Information.

6. OPENNESS

6.1 The office of StepSense's Privacy Officer will be the first point of contact for inquiries about privacy issues. If you wish to make an inquiry or complaint regarding privacy you should do so by contacting this office as per the details in Point 12.

6.2 You will find that all StepSense Online Platforms contains a copy of this Privacy Policy

7. STAYING ANONYMOUS

7.1 StepSense will not make it mandatory for visitors to its Website or Portals to provide Personal Information unless such Personal Information is required to answer an inquiry or provide a service. StepSense may however request visitors to provide Personal Information voluntarily to StepSense (for example, as part of a competition or questionnaire).

7.2 StepSense will allow its customers to transact with it anonymously or by using a pseudonym wherever that is lawful, reasonable and practicable.

8. TRANSFERRING INFORMATION OVERSEAS

8.1 If we send Personal Information overseas, StepSense will take steps which are both reasonable and practicable to ensure that the overseas recipient handles such information in accordance with the Privacy Act and in line with the assigned domicile.

8.2 StepSense may disclose Personal Information to an overseas recipient without complying with 9.1 if:

1. you are Expressly Informed of the intended disclosure of your Personal Information to the overseas recipient, and you provide consent accordingly; or
2. we reasonably believe that the overseas recipient is subject to a law or a binding scheme that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the Privacy Act seeks to protect same and you can access mechanisms to enforce the protection of your Personal Information under that law or that scheme; or 3. the Disclosure is required or authorised by an South African court or tribunal or under South African law.

9. CHANGES TO THE PRIVACY POLICY

StepSense may, in its sole discretion, update this Privacy Policy at any time and from time to time. Any changes will be effective when posted on the Website. Your continued use of the Website will indicate your acceptance of any changes to the Privacy Policy. All Personal Information, Collected both before and after any changes take effect, will be subject to the terms of the then current policy, for which you will be taken to have provided consent, unless you indicate otherwise by contacting the office of StepSense's Privacy Officer as per the details in in Point 12. We encourage you to refer back to this page and especially prior to providing us with any Personal Information.

10. COMPLIANCE WITH THE HEALTH PRIVACY PRINCIPALS

Where applicable, the collection and use of any Health Information obtained by StepSense will be in compliance with the Health Privacy Principals found in the Health Records Act or in any other relevant state legislation governing health records.

11. GLOSSARY

Collect means gather, acquire or obtain by a lawful and fair means, information in circumstances where the individual is identifiable or identified.
Disclosure generally means the release of information outside StepSense, including under a contract to carry out an "outsourced function."
Express Consent Consequences includes the fact that that we will not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act in the event that you provide consent to the disclosure of your Personal Information by us to an overseas recipient and the overseas recipient handles your Personal information in breach of the Privacy Act.
Expressly Informed means the circumstance where we have provided you with a clear statement (either verbal or in writing) of the Express Consent Consequences. Health Information means personal information regarding the physical, metal or psychological health of an individual or other information as defined pursuant to the Health Records Act.
StepSense means StepSense Pty Ltd and all companies in the StepSense group, including its Related Bodies Corporate, and also any related overseas bodies corporate.
Online Platform means a branded portal through which StepSense provides services to users.
Opt Out means an individual's expressed request not to receive Direct Marketing communications or any other communication from StepSense.
Permitted Health Situation means those situations described in section 16B of the Privacy Act 1988, including situations in which the collection of an individual's Personal Information is necessary to provide a health service to that individual and is done in either as authorised by South African law or in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind StepSense. Personal Information means information or an opinion (whether information or an opinion forming part of a database), whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion. This includes, but is not limited to, an individual's name, and email address.
Primary Purpose is the main reason for the Collection of any Personal Information.
Reasonable Expectation means an individual's reasonable expectation that their personal information might be Used or Disclosed for the relevant purpose. Related Body Corporate is given its meaning in the Corporations Act 2001 (Cth). Secondary Purpose means a purpose of Use or Disclosure other than a Primary Purpose. Sensitive Information is given its meaning in section 6(1) of the Privacy Act 1988 (Cth) and includes Health Information. Services means those services provided through a StepSense Online Platform Use means the handling of Personal Information within StepSense.

12. CONTACTING StepSense

If you have questions concerning this Privacy Policy, please contact us on:

  • via email at sales@mystepandgo.com; or
  • by writing to the StepSense Head Office, 155 West St., Sandton, 2031
You can obtain further information about your privacy rights and the Privacy Act from the Office of the South African Information Commissioner by visiting their web site at https://www.gov.za/documents/protection-personal-information-act. This Privacy Policy was last updated on 1 September 2021.

13. Right to be forgotten

Should you wish to have all your personal information as well as all your activity information deleted from all StepSense systems, you can send an email to support@mystepandgo.com and request to be forgotten and specify the date from which you wish your account to be de-identified and deleted.

Your information will be stored in the appropriate domicile datacenter depending on the sensitivity of the PII (Personally Identifiable Information).

Once your contract with StepSense expires, the employer can request all employee data to be de-identified and deleted from all StepSense platforms.