Cookie Policy

Cookies are small text files placed on your device by a website when you visit it. They help websites remember information about your visit — for example, that you are logged in — so you do not have to re-enter it every time.

We also use similar storage technologies, specifically browser localStorage, which functions like a cookie but is stored differently and is never automatically sent to our servers.

Connected Steps uses storage technologies for the following purposes only:

• Session management: When you sign in, we store your account details (name, email, goal, location, and profile photo) in localStorage so the app can personalise your dashboard without requiring a server round-trip on every page.
• Strava tokens (optional): If you choose to connect your Strava account, the access token and refresh token are stored in localStorage. These are never sent to or stored on our servers — all Strava API calls are made directly from your browser.
• Preference persistence: Minor UI preferences (such as open/closed state of menus) may be stored temporarily in localStorage.

We do not use:

• Third-party advertising or tracking cookies
• Analytics cookies (e.g. Google Analytics) that track your behaviour across websites
• Social media tracking pixels
• Fingerprinting or cross-site tracking technologies

Our hosting and infrastructure providers may set their own cookies as part of delivering the service (for example, to manage network load balancing). These are strictly functional and do not track personal behaviour. Relevant providers include:

• Vercel — web hosting (may set a session cookie for routing purposes)
• Supabase — database infrastructure (server-side only, no client cookies)
• Razorpay — payment processing (sets functional cookies during checkout only)

Because we rely on localStorage rather than traditional cookies, standard browser cookie controls (such as "Clear cookies") may not remove all stored data. To clear data stored by Connected Steps:

• Sign out from your dashboard — this clears your session data from localStorage.
• Open your browser's developer tools (F12 → Application → Local Storage → connectedsteps.in) and delete the entries manually.
• Use your browser's "Clear site data" option, which removes both cookies and localStorage for a specific site.

Clearing your session data will sign you out and disconnect any linked Strava account from your browser session. Your account data on our servers is not affected.

We may update this policy as our platform evolves. The "Last updated" date at the top will reflect any changes. Continued use of Connected Steps after changes constitutes acceptance of the updated policy.

Questions about cookies or data storage? Email us at connected.steps2106@gmail.com.