Privacy Policy

Your data, plainly explained.

BoldStep ("we", "us") is a dating confidence training app. This policy explains what data we collect, why we collect it, and what rights you have over it. We are subject to UK GDPR.

Last updated: May 2026

What we collect

Account data

When you create an account: email address, username, and display name. Your avatar if you choose to upload one.

Usage data

Challenge completions, XP earned, streak counts, and level progress. Reflection entries (your written responses after challenges) — these are strictly private and are never visible to other users or used for any purpose other than your own journal and weekly coaching summaries.

Community content

Posts you choose to share to the community feed, including any challenge context you include. Anonymous posts are stored without your name or avatar but are still linked to your account internally.

Payment data

Bold features are currently included free during early access. If you have or later buy an iOS subscription, it is processed by Apple In-App Purchase and managed through RevenueCat. We store your subscription status, product identifier, billing store, and expiry or renewal date. We never see or store your card number or full payment details.

Device data

If you enable push notifications, we store a device push token via Expo to deliver reminders. You can disable notifications at any time in Settings.

Diagnostics

We collect crash reports and basic diagnostic data such as device type, app version, operating system, and error details through Sentry to help us find and fix bugs. We do not use diagnostics for advertising.

How we use your data

  • To provide and personalise the app — challenges, XP, streaks, and your stall-point focus
  • To generate your weekly AI coaching recap using anonymised performance stats (not reflection text) via Google Gemini
  • To process payments and manage subscription access through Apple In-App Purchase and RevenueCat where applicable
  • To send daily challenge reminders if you opt in
  • To investigate reports of community guideline violations
  • To improve the app — aggregated, anonymised usage patterns only

We do not sell your data to third parties. We do not use your data for advertising.

Third-party services

Supabase

Database and authentication. Data is stored on servers in the EU. Supabase Privacy Policy: supabase.com/privacy

Apple App Store

iOS in-app purchase processing and subscription management. Apple Privacy Policy: apple.com/legal/privacy

RevenueCat

Subscription entitlement management and webhook events. RevenueCat helps us confirm whether your Bold access is active. RevenueCat Privacy Policy: revenuecat.com/privacy

Google Gemini

AI coaching summaries. We send anonymised weekly performance statistics (category scores, anxiety trends, outcome labels). No personally identifiable information or reflection text is sent. Google Privacy Policy: policies.google.com/privacy

Expo

Push notification delivery. Device tokens are stored to send challenge reminders. Expo Privacy Policy: expo.dev/privacy

Sentry

Crash reporting and diagnostics. Sentry helps us identify app errors and stability issues. Sentry Privacy Policy: sentry.io/privacy

Data retention

We keep your data for as long as your account is active. If you delete your account, all personal data is deleted within 30 days. Aggregated, anonymised analytics may be retained indefinitely as they cannot be traced back to you. Payment, entitlement, and transaction records may be retained for up to 7 years for legal, tax, fraud-prevention, and account-support purposes.

Your rights (UK GDPR)

As a UK resident, you have the right to:

  • ·Access — request a copy of the data we hold on you
  • ·Rectification — correct inaccurate data
  • ·Erasure — request deletion of your account and all associated data
  • ·Portability — receive your data in a machine-readable format
  • ·Restriction — ask us to limit how we process your data
  • ·Objection — object to processing based on legitimate interests

To exercise any of these rights, email contact@boldstep.uk. We will respond within 30 days.

Cookies

The mobile app does not use cookies. This website uses no tracking or advertising cookies.

Changes to this policy

If we make material changes, we will notify you via the app or email before the changes take effect. Continued use of BoldStep after that date constitutes acceptance of the updated policy.

Contact

Questions about this policy or your data: contact@boldstep.uk