Effective date: April 24, 2026
Carbon Steps Challenge ("the App") is a small, private web application used by a group of coworkers to run friendly step-count competitions. This policy explains what data we collect, why, and how we protect it.
Your data is used solely to operate the Steps Challenge — displaying leaderboards, calculating miles-club tiers, and plotting progress on the virtual trail map. We do not sell, share, or monetize your data in any way.
If you connect Google Health, we request read-only access to your activity data (step counts). We only retrieve daily step totals; we do not access heart-rate, location, or any other health data. You can disconnect Google Health at any time from your profile page, which revokes our access.
Data is stored in a database accessible only to the app administrator. Passwords are hashed with bcrypt. Communication between your browser and the server is encrypted via HTTPS.
You can disconnect Google Health at any time to stop syncing and remove stored tokens. If you would like your account and all associated data deleted, contact the app administrator.
The App uses a JSON Web Token (JWT) stored in your browser's local storage for authentication. We do not use tracking cookies or third-party analytics.
The App is not intended for anyone under the age of 13, and we do not knowingly collect data from children.
We may update this policy from time to time. Changes will be posted on this page with an updated effective date.
If you have questions about this policy or your data, reach out to the app administrator directly.
← Back to Carbon Steps Challenge