Privacy Policy – Footsteps Space
Effective Date: 02 August 2025 | Last Updated: 02 August 2025
Footsteps Space (“Footsteps”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our mobile application, website, and related services (together, the “Service”). By using the Service, you agree to the practices described here.
- DPDP Act (Digital Personal Data Protection Act, 2023 – India)
- GDPR (General Data Protection Regulation – European Union)
- CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act – United States)
1) Who We Are and How to Contact Us
Footsteps Space is owned and operated from Hyderabad, Telangana, India.
- Email (general queries): footsteps.space@gmail.com
- Grievance Officer (required under DPDP Act – Digital Personal Data Protection Act, 2023):
Name: Vivek Mankonda
Email: footsteps.space@gmail.com
Response Time: Within 30 days of receipt of your complaint
2) Data We Collect
2.1 Information You Provide
- Name, email address, and profile details
- Profile photo and bio
- Content you create or upload (stories, images, captions, comments)
- Location information you choose to attach to a story
2.2 Location Data (important for a travel app)
- Precise location: collected only with your explicit permission (for tagging a place in a story or using location features).
- Approximate location: may be derived from your Internet Protocol (IP) address for analytics and safety.
- Your control: you can disable location access any time in device settings and choose per story whether to share location.
2.3 Automatically Collected Data
- Device type, operating system version, app version, IP address, and browser details
- Usage patterns (screens/pages visited, time spent, crash reports, diagnostics)
- Log data and analytics
2.4 Third‑Party Login Data
If you sign up via Google, Facebook, Instagram, Twitter (X), or LinkedIn, we may receive your name, email address, and profile picture from those services. We do not receive your password for those services.
2.5 Cookies & Similar Technologies
Our website uses cookies for essential site functions, analytics, and (where applicable) marketing. You can block non‑essential cookies through your browser settings or any cookie banner preferences presented on our site.
3) How We Use Your Data
- Provide, operate, and maintain the Service
- Display your content to others based on your privacy settings (e.g., public stories)
- Suggest relevant content and connections (recommendation and ranking systems)
- Improve app performance, security, and user experience
- Communicate with you about updates, offers, and changes (you can opt out)
- Prevent, detect, and respond to fraud, abuse, or security risks
- Comply with legal obligations and enforce our terms
4) How We Share Your Data
- With other users: if you set your content or profile to “Public,” it may be visible worldwide and indexed by search engines.
- With service providers: hosting, analytics, customer support, push notifications, email delivery, and similar operational vendors, under contracts that limit their use of your data.
- With business partners: only if you opt in for collaborations, offers, or integrations.
- Corporate transactions: if we are involved in a merger, acquisition, financing, or sale of assets, your data may be transferred as part of that transaction.
- Legal compliance: where required by courts, regulators, or law enforcement.
We do not sell your personal data for money.
5) Public Content & Search
If you post a public story or maintain a public profile, your content and associated location tags may be viewable by anyone and may be indexed by search engines. Even if you later delete content, cached or archived copies may persist for a period outside our direct control.
6) Data Retention
- We retain personal data only as long as necessary for the purposes stated in this policy.
- Backups containing your data are generally retained for up to 90 days before being securely deleted.
- If you delete your account, public content already shared or cached may persist, but it will no longer be linked to your profile.
7) Your Rights (GDPR, CCPA/CPRA, DPDP Act)
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Request deletion (erasure) of your data
- Restrict or object to certain processing
- Data portability (download a copy of your data)
- Withdraw consent where processing is based on consent
European Union (GDPR – General Data Protection Regulation): We will respond to validated requests within 30 days.
California (CCPA/CPRA – California Consumer Privacy Act / California Privacy Rights Act): You have the right to know what personal data we collect, request deletion, and opt out of “sharing” for cross‑context behavioral advertising (if applicable). We do not sell personal data for money.
India (DPDP Act – Digital Personal Data Protection Act, 2023): Footsteps acts as a Data Fiduciary. You may contact our Grievance Officer for redressal; we aim to resolve within 30 days.
8) Security Measures
We use reasonable technical and organizational safeguards, including encryption in transit, hardened access controls, and monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
9) Data Breach Notification
If a data breach materially affects your personal data, we will notify you without undue delay—within 72 hours where required by law (for example, under GDPR), or as otherwise required by applicable law.
10) Children’s Privacy
The Service is not intended for children under 13 years of age (or the age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact us so we can delete it.
11) International Data Transfers
Your data may be processed and stored outside your state or country (for example, on cloud infrastructure). Where required, we implement appropriate safeguards (such as standard contractual clauses) to protect your data during cross‑border transfers.
12) Automated Processing & Moderation
We may use automated systems to recommend content, rank feeds, detect spam or abuse, and enhance safety. Significant decisions that materially affect your rights will include human review where required by law.
13) Account & Data Deletion
- You can request deletion from in‑app settings or via footsteps.space@gmail.com.
- We generally complete deletion requests within 30 days. Backup retention (up to 90 days) may delay full purge from all systems.
- Some records may be retained where required by law (for example, fraud prevention or compliance).
14) Links to Other Websites
The Service may contain links to third‑party websites. Their privacy practices are governed by their own policies. We are not responsible for those practices.
15) Changes to This Policy
We may update this policy from time to time. Updates will be posted on this page, and significant changes will be communicated via email or in‑app notice. The “Last Updated” date at the top indicates the latest revision.
16) Governing Law
This policy is governed by the laws of India. If you reside outside India, your data may be processed in countries with different data protection laws than those in your jurisdiction.
If you have questions about this Privacy Policy, contact: footsteps.space@gmail.com or the Grievance Officer at footsteps.space@gmail.com.