olostep

Olostep App Privacy Policy

Last updated: July 15, 2025

1. Introduction

This Privacy Policy ("Policy") describes how Olostep ("we", "us", or "our") collects, uses, discloses, and protects personal data of users ("you", "your") who access or use our app and related services (collectively, the "Services"). This Policy is intended to comply with the General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act ("CCPA").

2. Data Collection and Use

End-Users: We do not collect, share, monetize, or sell any personally identifiable data from end-users of our Services. This includes, but is not limited to, names, addresses, browsing history, email addresses, or any other information that could be used to identify you personally. The only exception is the possible storage of IP addresses in an anonymized, non-personally identifiable form strictly for the purpose of preventing abuse of our Services. Such data is never used to identify individuals and is not shared with third parties.

IP Addresses and Anonymization: We may process your IP address in an anonymized form strictly for the purposes of abuse prevention, security, and service integrity (such as rate limiting). Although we take steps to ensure that this data cannot be used to directly identify you, under the GDPR, IP addresses can be considered personal data. We therefore treat this information with the same level of protection and safeguards as other personal data, and do not use it to attempt to identify you or track your activities.

3. Legal Basis for Processing (GDPR)

We process personal data only where we have a legal basis to do so under applicable law, including:

  • With your consent;
  • To fulfill contractual obligations;
  • To comply with legal obligations;
  • To protect the vital interests of you or others;
  • For legitimate interests, provided these do not override your rights and freedoms.

4. App, Plugin, and Third-Party Partners

The Olostep app may request permissions such as "Read and change all your data on the websites you visit" to function as intended. This is necessary for the app to operate across different websites in the background. The app does not collect, share, or sell users' browsing data or any other personally identifiable data from end users. Our Services may contain links to or integrations with third-party websites, partners, or services. We are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party services you interact with.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. When personal data is no longer required, it will be securely deleted or anonymized.

6. International Data Transfers and Safeguards

Your personal data may be transferred to, and processed in, countries other than your country of residence. Where such transfers occur, we implement appropriate safeguards, such as Standard Contractual Clauses or equivalent mechanisms, to protect your personal data in accordance with applicable data protection laws.

7. Data Security and Breach Notification

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by law. Your data may be used to determine liability in case of suspected cyber, tax, or other crimes against the service, as permitted by law.

8. Cookies and Tracking Technologies

We do not use cookies or similar tracking technologies to collect personal data from end-users. If this changes, we will update this Policy accordingly and provide appropriate notice and choices as required by law.

9. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data;
  • Rectify inaccurate or incomplete personal data;
  • Erase your personal data (right to be forgotten);
  • Restrict or object to the processing of your personal data;
  • Data portability;
  • Withdraw consent at any time (where processing is based on consent);
  • Lodge a complaint with a supervisory authority.

Under the CCPA, California residents have the right to:

  • Know what personal data is collected, used, disclosed, or sold;
  • Request deletion of personal data;
  • Opt out of the sale of personal data (we do not sell personal data);
  • Non-discrimination for exercising your rights.

To exercise any of these rights, please contact us as described in the "Contact Us" section below. We will respond to your request in accordance with applicable law.

10. Children's Privacy

Our Services are not directed to children under the age of 18. We do not knowingly collect personal data from individuals under 18. If you believe that a person under 18 has provided us with personal data, please contact us and we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We reserve the right to update or modify this Policy at any time. Any changes will be effective immediately upon posting on this page. We encourage you to review this Policy periodically for any updates.

12. Contact Us

If you have any questions, concerns, or requests regarding this Policy or our privacy practices, please contact us at info@olostep.com.

13. User Responsibility for Policy Updates

By continuing to use our Services, you acknowledge your responsibility to review this Privacy Policy periodically for any updates or changes. Your continued use of the Services after any modifications constitutes your acceptance of the updated Policy.