1. Core Philosophy: Zero-Telemetry & Pure Local Processing

StepAway is designed as a secure, sandboxed utility app for macOS. Our fundamental privacy principle is simple: your data belongs on your machine. We do not run remote tracking servers, we do not monitor your habits, and we do not collect personal analytics. Everything stays local.

2. Local System Permissions

StepAway requests specific access permissions to automate and customize your break routines. Here is how each is used locally on your system:

  • Meeting Awareness (Camera & Microphone Status): StepAway checks macOS CoreAudio and CoreMedia session lists to detect if a recording or input session is active (e.g., during Zoom, Teams, or Slack calls). This is checked locally at interval ticks; no audio or video signals are recorded, analyzed, or transmitted.
  • Screen Inactivity (Idle Tracking): Utilizes low-level macOS system timers and CGEvent monitoring to identify when you step away from your computer. No keystrokes or mouse coordinates are logged or stored.

3. Firebase Integration and Optional Push Notifications

To support remote push notifications, StepAway includes the Firebase SDK. If you grant permissions for notifications:

  • The app registers with Apple's Push Notification service (APNs) and retrieves an anonymous Firebase Registration Token.
  • This token is utilized exclusively to send notification payloads. No personally identifiable information (PII) is linked to this token.

4. Compliance with App Store Guidelines

StepAway is fully sandboxed on macOS and adheres to all Apple Developer Program policies, ensuring maximum security and isolation from other user applications.

5. Contact for Privacy Questions

If you have any questions regarding privacy or the inner workings of our local APIs, please visit our Contact Page or submit an issue on our open-source repository.