Stiff
Privacy Policy
This Privacy Policy explains how Stiff handles information when you use our website and mobile app.
Introduction
This Privacy Policy applies to the Stiff website and mobile application (the "Service"). Stiff is operated by Armands Klavins in Latvia. Stiff is a stretch-reminder app for office workers that tracks your stretch sessions, streaks, XP, and badges, and optionally lets you join groups with coworkers or friends to compare progress.
Information we collect
Account information. If you create an account, we use Clerk to handle sign-in. Depending on the method you choose, this may include your email address, name, and profile image associated with your account.
Stretch and progress data. To power streaks, XP, levels, badges, and your daily stretch schedule, the app stores information such as completed stretch sessions, timestamps, your configured work hours and work days, and reminder preferences. This data is stored locally on your device and, if you are signed in, synced to our backend (Convex) so it is available across your devices.
Group and leaderboard data. If you create or join a group, your display name, avatar, current streak, and weekly activity may be visible to other members of that group for the purposes of the leaderboard.
We may also receive limited usage and technical information through PostHog, such as app events, feature interactions, device type, operating system, app version, and similar analytics data used to understand product usage and improve reliability.
If you make a purchase, RevenueCat and the Apple App Store or Google Play may provide subscription and transaction status information needed to confirm premium ("Stiff Pro") access. We do not receive or store your full payment card details ourselves.
We may also receive information you choose to send us directly, for example when you contact support@getstiff.app.
How we use information
We use this information to operate the Service: to sync your progress across devices, calculate streaks, XP, and badges, schedule and deliver stretch reminders, power group leaderboards, manage subscriptions, understand which features are being used, fix bugs, monitor performance, and respond to support requests. We do not sell your personal information.
Third-party services
We use Clerk for authentication and account management. Clerk processes account identifiers such as your email address according to its own privacy practices.
We use Convex to store and sync your stretch sessions, progress, settings, and group data so it is available across your devices.
We rely on PostHog for product analytics and usage measurement. PostHog may process technical and event data according to its own privacy practices.
We rely on RevenueCat for subscription management and purchase validation. RevenueCat may process identifiers and subscription status needed to confirm premium access.
Apple and Google process payments through their respective app store platforms when you purchase a subscription.
These providers process data under their own terms and privacy policies. We share only what is reasonably needed for authentication, sync, analytics, and subscription functionality.
Data retention
We retain account and progress data for as long as your account is active, so your streaks, XP, badges, and history remain available. If you delete your account, we will delete or anonymize your stored progress and group data within a reasonable time, except where we need to retain limited records for legal, security, or accounting purposes. Support emails are retained only for as long as needed to respond, keep appropriate business records, and comply with legal obligations. Analytics and subscription data are retained according to the retention settings and policies of PostHog, RevenueCat, Apple, and Google.
International processing
Stiff is operated from Latvia. Some of our service providers may process data in countries outside Latvia or the European Economic Area. Where this happens, processing is handled under the safeguards offered by those providers and applicable law.
Your privacy rights
If you are in the European Union, including Latvia, you may have rights under the GDPR, including the right to request access, correction, deletion, restriction, objection, and data portability, where applicable. You may also have the right to withdraw consent where processing is based on consent.
You can request access to, correction of, or deletion of your account and progress data at any time by contacting support@getstiff.app. Where a request needs to be handled by a third-party provider (such as Apple or Google for subscription records), we will do our best to point you to the correct path.
Children's privacy
The Service is not intended for children under 13, or a higher minimum age where required by local law. We do not knowingly collect personal information from children.
Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will publish the updated version on this page and revise the "Last updated" date above. Your continued use of the Service after changes take effect means the updated policy applies.
Contact
For privacy questions or requests, contact support@getstiff.app.
Developer: Armands Klavins
Location: Latvia