Privacy Policy
Last updated: July 15, 2026
This Privacy Policy describes how Kickstep Inc. (“Kickstep,” “we,” “us,” or “our”) collects, uses, and protects your information when you use the OnDeck mobile application for iPhone and Apple Watch (the “App”) and the website ondeck.kickstepinc.com (together, the “Services”).
Information we collect
Account information. When you create an account we collect your email address and authentication credentials. If you sign in with Apple or Google, we receive the identifier and email address those services share with us.
Profile information. To scale workouts to you, we ask for basic physical stats: height, weight, age, and gender, plus the exercise equipment you own.
Workout data. We collect the workouts you complete in the App, including task results, times, reps, loads, your scaling feedback, and Mercy Rule adjustments.
Health data (HealthKit). With your explicit permission, the App reads and writes data through Apple HealthKit, such as workouts, heart rate, and active energy. You can grant or revoke this permission at any time in the iOS Health app or Settings.
How we use HealthKit data
- HealthKit data is used only to provide App features: recording your workouts, estimating effort and recovery, and tuning the next task to your physiology.
- We never use HealthKit data for advertising, marketing, or similar purposes.
- We never sell HealthKit data or share it with third parties, including data brokers or information resellers.
- HealthKit data is not used in machine-learning model training beyond personalizing your own experience.
How we use your information
- To operate the Services and personalize your workout programming.
- To track muscle-group fatigue and recovery so tasks are safe and productive.
- To maintain your account, sync your data across devices, and provide support.
- To improve the reliability and quality of the Services.
We do not sell your personal information, and we do not use third-party advertising or cross-app tracking.
Where your data lives
Your data is stored on servers operated by Amazon Web Services (AWS) in the United States. Authentication is handled by AWS Cognito. Data is encrypted in transit and at rest. A local copy of your data is kept on your device for responsiveness; the server copy is authoritative.
Sharing
We share personal information only with:
- Service providers (e.g., AWS) that process data on our behalf under contractual confidentiality obligations.
- Legal authorities when required by law or to protect rights, safety, or the integrity of the Services.
Data retention and deletion
We retain your data while your account is active. You can delete your account from within the App or by contacting us; deletion removes your personal information from our production systems within 30 days, except where retention is required by law. Data you wrote to Apple Health remains under your control in the Health app.
Your rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal information. Contact us at the address below and we will honor applicable requests.
Children
The Services are not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their data.
Changes
We may update this policy from time to time. Material changes will be announced in the App or on this page, with the “Last updated” date revised accordingly.
Contact
Kickstep Inc.
Email: support@kickstepinc.com