Privacy Policy

👋 Overview

Wicihitok Challenge ("we", "our", "us") is a fitness app that turns daily workout reps into real charitable donations. We take your privacy seriously. This policy explains what data we collect, why we collect it, and how you can control it.

We do not sell your personal data. We never will.

📋 Information We Collect

Account information — your name, email address, and optional profile details (city, country, date of birth) you provide when signing up.

Fitness activity — rep counts, streaks, challenge progress, and daily workout logs you record in the app.

Donation data — donation totals, fundraising page interactions, and Stripe payment references. We do not store full payment card details; those are handled entirely by Stripe.

Device & usage data — device type, operating system, app version, and basic usage analytics to help us improve the experience.

Communications — if you contact us via the web form or support email, we retain those messages to respond and improve our service.

🎯 How We Use Your Data

• Operate your account and sync your fitness progress across devices
• Calculate rep totals and determine charitable donation amounts each month
• Generate your personal fundraising page and QR code
• Send optional push notifications (daily reminders, achievements, charity news)
• Respond to support requests and improve the app based on usage patterns
• Comply with legal obligations and prevent fraud or abuse

🔗 Third-Party Services

We use a small number of trusted third-party services to operate the app:

• Firebase (Google) — authentication, database, and push notifications
• Stripe — payment processing and fundraising links (Stripe's privacy policy governs all payment data)
• Google AdMob — personalised ads for free-tier users; you can remove ads by donating $100+ or subscribing
• Cloudflare — web hosting, performance, and bot protection on the website

These providers only receive the data necessary to perform their service and are contractually required to protect it.

🔒 Data Storage & Security

Your data is stored in Google Cloud Firestore, which is encrypted at rest and in transit. We use Firebase Authentication for secure, passwordless sign-in — we never store passwords.

Access to production data is restricted to authorised team members. We review access controls regularly.

🌍 Data Transfers

We operate globally. Your data may be processed in countries outside your own (including the United States and EU) as part of Firebase and Stripe's infrastructure. These transfers are covered by appropriate safeguards such as Standard Contractual Clauses.

⚙️ Your Rights & Choices

• Access — request a copy of the personal data we hold about you
• Correction — update inaccurate or incomplete information via the app Profile screen
• Deletion — request deletion of your account and personal data
• Notifications — opt out of push notifications at any time in device settings or the app
• Ads — remove personalised ads by reaching the $100 donation threshold or subscribing

To exercise any right, contact us at privacy@wicihitok.com. We will respond within 30 days.

👶 Children's Privacy

Wicihitok Challenge is not directed at children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately and we will delete it.

🔄 Changes to This Policy

We may update this policy from time to time. When we make material changes we will update the "Last updated" date above and, where appropriate, notify you via the app or email. Continued use of the app after changes take effect constitutes acceptance.