Privacy Policy

This Privacy Policy describes how Upster ("we," "us," or "our") handles information when you use the Upster mobile app, the Apple Watch companion app, and the home-screen widget (collectively, "Upster" or the "App").

Plain-English summary: Upster is built to be data-light. Your active hours, sit limit, chair progress, and streak data live in iCloud-backed local storage on your device. Your Apple Health step counts, motion data, and (if you opt in) calendar event metadata are read on-device only and never leave your device. We do not sell your data. We do not run our own analytics server. We do not have advertising. The only third parties that see anything about you are Apple (App Store + StoreKit), RevenueCat (subscription state), and — only if you tap the support email link — your email provider.

1. Who we are

Upster is operated by Oliver Welman. Contact: team@getupsters.com.

For users in the European Economic Area, the United Kingdom, and Switzerland, Oliver Welman is the data controller for personal data processed by Upster.

2. Data we collect, why, and where it lives

We organize this section by data type rather than by feature, so you can see at a glance what touches your information.

2.1 Health and motion data — read-only, on-device

• Step count (last several hours) — read from Apple Health (HealthKit) to detect prolonged stillness, verify break completion, and suppress nudges while you are already moving. Read into memory, used for the current decision, then discarded. Never transmitted off-device.
• Motion activity (Core Motion) — read from iOS sensors as a fallback when Apple Health is unavailable, and to confirm standing/walking during a break. Read into memory, used for the current decision, then discarded. Never transmitted off-device.

We do not read or store: heart rate, sleep stages, workout history, body measurements, mindful minutes, blood oxygen, ECG, or any other Health data type. We do not write to Apple Health.

2.2 Calendar data — read-only, on-device, optional

If you grant Calendar access, Upster reads event titles, start times, and end times only from the device's own calendar databases to determine whether a meeting is currently in progress (so we can suppress a nudge). This read happens locally inside the App. Calendar event content is never transmitted, logged, or stored beyond the immediate suppression decision. If you decline Calendar access, the App still functions; nudges simply do not consider your calendar.

2.3 Settings, progress, and on-device state

The following are stored in your device's local app sandbox (and synced via iCloud Key-Value Storage if you have iCloud enabled for Upster):

• Your configured active hours (start/end).
• Your chosen sit-tolerance level.
• Speech-bubble personality preference.
• App-icon variant selection.
• Onboarding progress flags.
• Streak counters, total chairs defeated, total breaks completed, daily step totals you have viewed in-app.
• The local timestamp of your most recent detected movement (used to compute "time since last move").
• Notification-permission decisions and silencing toggles you have made.

This data is not transmitted to us. iCloud Key-Value Storage, when used, is encrypted in transit and at rest by Apple, and we have no access to it.

2.4 Subscription data — RevenueCat

We use RevenueCat to manage subscription entitlements. When you start a free trial, purchase a subscription, or restore a purchase, RevenueCat receives:

• An anonymous, randomly generated user identifier (no email, no name, no Apple ID).
• The subscription product identifier and entitlement state.
• Metadata Apple's StoreKit returns about the purchase (transaction ID, country, currency, price). Apple does not give us your name, email, or Apple ID.
• Device characteristics provided by Apple's StoreKit framework (e.g., device model, OS version) for fraud prevention.

RevenueCat acts as our processor for subscription state. Their privacy practices are described at revenuecat.com/privacy. We do not use RevenueCat for analytics, marketing, or audience-building.

2.5 App Store and StoreKit — Apple

When you purchase or restore a subscription, Apple processes the transaction. Apple's privacy practices govern that data. Apple shares anonymized purchase metadata with us via App Store Connect; this data does not include your name, email, or Apple ID.

2.6 Diagnostic logs

If you opt in to share App Store crash and usage diagnostics with developers (an OS-level setting, not an in-app one), Apple may share crash reports with us. These reports include device model, OS version, and a stack trace. They never include personal information you entered.

We do not run our own crash-reporting or analytics SDK. There is no Mixpanel, Amplitude, Firebase, Sentry, Crashlytics, or similar telemetry service inside Upster.

2.7 Email support

If you tap the in-app support button, your email client opens with a pre-filled subject line. The email is sent through your own email provider directly to team@getupsters.com. We see whatever you choose to send.

3. What we do not do

To remove ambiguity:

• We do not sell, rent, or share your personal information with third-party advertisers, data brokers, or analytics providers.
• We do not display advertising in the App.
• We do not track you across other apps or websites for advertising or any other purpose. (Required disclosure under Apple's App Tracking Transparency framework.)
• We do not read or transmit your Apple Health data, motion data, or calendar data to any server.
• We do not collect your name, email address, phone number, or any other directly identifying contact information through the App. (We only see your email if you choose to send us one.)
• We do not maintain user accounts. There is no Upster login, no password.

4. Children's Privacy

Upster is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information to us, please contact team@getupsters.com and we will take appropriate steps.

5. Your Rights and Choices

Because Upster does not maintain server-side accounts and the data on your device is yours to control, your most powerful privacy levers are inside iOS itself:

• Revoke Health, Motion, Calendar, or Notifications permissions: iOS Settings → Privacy & Security, or Settings → Upster.
• Delete all local Upster data: uninstalling Upster removes its on-device sandbox. To also remove iCloud-synced settings, go to Settings → Apple ID → iCloud → Manage Account Storage → Upster.
• Cancel your subscription: Settings → Apple ID → Subscriptions.

If you reside in the European Economic Area, the United Kingdom, or Switzerland, you have the rights of access, rectification, erasure, restriction, portability, and objection under applicable data-protection laws. Because we do not store identifying personal data on our own servers (subscription state at RevenueCat is keyed only to an anonymous identifier), most of these rights are exercised by acting on your device or against Apple/RevenueCat directly. To exercise a right against us, email team@getupsters.com.

If you reside in California, you have the rights described under the California Consumer Privacy Act, including the right to know, delete, correct, and limit. We do not sell or share personal information as those terms are defined under the CCPA. To exercise a right, email team@getupsters.com.

6. Security

The data Upster handles lives on your device, secured by iOS sandboxing, the device passcode/Face ID/Touch ID, and (when applicable) iCloud's encryption. Subscription state at RevenueCat is transmitted over TLS. We follow reasonable industry practices but cannot guarantee absolute security.

7. International Transfers

Subscription state processed by RevenueCat may be transferred to and stored in the United States. By using the App, you understand that your subscription metadata may be processed in a country whose data-protection laws may differ from those of your country.

8. Changes to this Policy

We may update this Privacy Policy. Material changes will be communicated in-app or by updating the "Last updated" date above. Continued use of the App after changes take effect constitutes acceptance.

9. Contact

Questions, requests, or complaints:

Email: team@getupsters.com

If you are in the EEA, UK, or Switzerland and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data-protection authority.