Back to StepSense Website
StepSense Privacy Policy

Apple Health / HealthKit Integration

Before we begin, it is important that you know StepSense integrates with AppleHealth. We request access to read your steps walked, calories burned, flights climbed, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your AppleHealth storage, we do not share any of your AppleHealth data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

GoogleFit Integration

StepSense integrates with GoogleFit. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your GoogleFit storage, we do not share any of your Google Fit data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

Fitbit Integration

StepSense integrates with Fitbit. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your Fitbit storage, we do not share any of your Fitbit data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

Garmin Integration

StepSense integrates with Garmin. We request access to read your steps walked, calories burned, bmr and heart rate data, where available, in order for you to particiapte in the challenge. We do not write new data to your Garmin storage, we do not share any of your Garmin data with any third parties and we take your privacy very serious. We simply use your step and flight data to feature you on the challenge leaderboard.

StepSense is committed to meeting the provisions of this privacy policy in all aspects of its business operations.

We respect your privacy. StepSense (referred to as “StepSense” or “We” in this Privacy Policy) have developed this Privacy Policy to inform you of how we protect the Personal Information that we Collect, Use, Disclose and keep secure. It also covers how StepSense makes the Personal Information it holds available for access to and correction by you. This Privacy Policy has been drafted having regard to StepSense's obligations under the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 which includes the South African Privacy Principles (collectively, the Privacy Act), and also under the relevant state legislation governing health records such as the Health Records Act 2001 (Vic), which includes the Health Privacy Principals. This Privacy Policy is a public document and has been prepared in light of South African Privacy Principles - Open and Transparent Management of Personal Information. By using a StepSense Online Platform, or by receiving notification from StepSense of how you may access this Privacy Policy, whether by phone, email or otherwise, you are consenting to the Collection, Use and Disclosure of your Personal Information as set forth in this Privacy Policy. This Privacy Policy applies to the services and products provided by StepSense and binds all our employees and health professionals. StepSense employees are required to sign an agreement that includes a confidentiality clause on commencement of employment. Third Parties such as subcontractors that collect information on behalf of StepSense are bound by this Privacy Policy. StepSense does not provide your Personal Information to your employer unless it has been properly de-identified. This de-identified (anonymous) data will allow for the analysis and identification of overall company health risks and for planning structured wellness initiatives across your organisation. This Privacy Policy is available on any StepSense Online Platform and can also be accessed via links included in newsletter email communications. Please read this Privacy Policy.


1.1 StepSense Collects Personal Information, including Sensitive Information and Health Information about individuals who use its services where this collection is reasonably necessary for, or directly related to, one or more of its functions or activities. The Personal Information may be collected through our Health Assessment (HA), a StepSense Online Platform or otherwise.

1.2 The kinds of Personal Information we collect you depends on who you are and your interaction with us. As a provider of health solutions products and services, StepSense may collect the following types of Personal and/or Sensitive information about you:

  • 1. name and contact details;
  • 2. demographic details;
  • 3. health information including your medical history;
  • 4. habits and lifestyle risk factors;
  • 5. biometric data such as information regarding blood pressure or cholesterol levels.

1.3 When StepSense collects Health Information from you, we will first obtain your consent, unless the collection occurs in the context of a Permitted Health Situation. We may obtain your consent by alerting you to the existence of this Privacy Policy and providing you with a means to access it, and informing you that the collection of your Health Information is to be done in accordance with this Privacy Policy.

1.4 At or before the time, or, if that is not practicable, as soon as practicable after, we Collect your Personal Information, we will notify you of the matters required as per the Collection of Personal Information, by providing you with this Privacy Policy, or by notifying you of how you may access this Privacy Policy. Notification may be effected, in part or in whole, by alerting you to the existence of this Privacy Policy and providing you with a means to access it.

1.5 StepSense will not Collect Personal Information secretly or in an underhanded way and will not sell your Personal Information to any third party.


2.1 StepSense collects and holds Personal Information which it has Collected to Use and/or Disclose for its Primary Purposes of providing you with health services, including but not limited to:

1. providing you with products and services via a StepSense Online Platform – these are usually connected with assisting you in assessing your health risks and goals; 2. sending you newsletters and other personalised email communications regarding your health and related matters; 3. answering your inquiry or responding to complaints, access and correction requests 4. sending you additional materials relating to StepSense and services that may be of interest to you 5. providing you with effective customer service in regard to health services provided to you; and/or 6. providing your organisation with de-identified (anonymous) data in order for them to analyse and identify company health risks and to plan structured wellness initiatives.

2.2 StepSense also holds Personal Information which it Uses and/or Discloses for purposes other than its Primary Purposes (Secondary Purposes). By providing Personal Information to StepSense, you are consenting to us using your Personal Information for the following Secondary Purposes:

1. business planning and product development; 2. providing you with relevant information about the products and services of StepSense; 3. enabling us to better understand your needs and interests; 4. improving the content, functionality and usability of our programs and services; 5. billing and account management; 6. for any other purpose identified in any other agreement between StepSense and you; 7. issues, news or other information relevant to your dealings with StepSense, or about StepSense generally, or the industries in which you or StepSense operates; and 8. as otherwise described in this Privacy Policy.

2.3 StepSense may also Use and/or Disclose your Personal Information for any Secondary Purposes not included in this Privacy Policy if:

1. the Secondary Purpose is directly related to a Primary Purpose; and 2. you would have a Reasonable Expectation that we would Use the information for that Secondary Purpose.

2.5 From time to time we may Disclose your Personal Information to third party organisations outside of StepSense in order to deliver the services you require, this occurring in the context of a Permitted Health Situation. Your Personal Information is Disclosed to these organisations only in relation to us providing our services to you. These organisations may provide support services to StepSense or provide services on our behalf and carry out, amongst other services:

1. onsite services which include biometric health assessments; 2. influenza vaccinations; 3. seminars and workshops; 4. executive health assessments 5. information technology services; 6. support or facilitation of those activities described in Points 2.1 and 2.2 herein. We will take reasonable practicable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your Personal Information.


We take reasonable precautions to ensure that the Personal Information we Collect, Use and Disclose is complete, relevant and up-to-date. However, the accuracy of that information depends to a large extent on the information you provide. That's why we recommend that you:

  • let us know if there are any errors in your Personal Information; and
  • keep us up-to-date with changes to your Personal Information. You may change your personal details by using the relevant facility on our Website or by contacting StepSense via contact details described in Point 12.


4.1 StepSense manages and secures the Personal Information it collects by using reasonable physical, technical and administrative safeguards and procedures. These safeguards and procedures include but are not limited to:

1. use of appropriate encryption, password, and other protections for information held electronically; 2. only providing necessary personnel access to personal information; 3. regularly providing staff training on privacy issues; 4. implementing various procedures to assist employees in alerting customers to potential privacy issues before personal information is collected; 5. regularly reviewing its privacy compliance; and 6. appointing privacy officers within StepSense organisations to monitor privacy compliance.

4.2 StepSense will take reasonable steps to protect your Personal Information from misuse, interference, loss and unauthorised access or disclosure. This may include taking reasonable steps to destroy or permanently de-identify Personal Information once it is no longer needed for any purpose for which it may be Used or Disclosed in accordance with privacy principle laws, subject to the exceptions contained therein.

4.3 StepSense will not attempt to match de-identified or anonymous data Collected through surveys or such online devices as "cookies", with information identifying an individual, without the consent of the relevant individual.

4.4 StepSense requires employees and contractors to perform their duties in a manner that is consistent with StepSense' legal responsibilities in relation to privacy, including those in this Privacy Policy.

4.5 StepSense will take reasonable steps to ensure that Personal Information is only accessible by people who have a genuine "need to know" as well as "right to know."

4.6 This Privacy Policy only governs the collection and use of any data obtained through the StepSense website or Online Portals. An Online Portal may contain links to external websites. In the event that you provide Personal Information on these external websites, StepSense accepts no responsibility for any misuse of that information by any third party.


5.1 StepSense will permit its records containing your Personal Information to be accessed by you when required by the Privacy Act. We may, however, refuse to provide you with access to your Personal Information if one or more of those matters contained in the Access to Personal Information laws – applies, including but not limited to instances in which:

• giving access to the information would have an unreasonable impact on the privacy of any other individual; • your request for access is frivolous or vexatious or giving such access will be unlawful.

5.2 If StepSense is satisfied that:

1. having regard to the purpose for which the information is held, the information is inaccurate, out of date, incomplete or irrelevant or misleading; or 2. you (as the person to whom the Personal Information relates) request that we correct the information; we will take reasonable steps to correct our records containing your Personal Information as soon as practically possible in accordance with the Privacy Act.

5.3 If we have refused to grant you access to your Personal Information in accordance with Point 6.1 above, we will still take all reasonable steps to provide you with access to your Personal Information in a way that meets both your needs and our needs.

5.4 If you:

1. wish to lodge a request to access and/or correct your Personal Information; or 2. have been refused access to your Personal Information by us for any reason described in this Privacy Policy and you wish to challenge that refusal; you may do so by contacting the office of StepSense’s Privacy Officer as per the details in Point 12.

5.5 StepSense will not charge a fee for processing an access request unless the request is complex or is resource intensive. StepSense does, however, reserve the right to charge an administration fee if an individual requests access to their Personal Information more than once in a three month period.

5.6 Where StepSense offers online account management facilities, customers can use this capability to control aspects of their account, including amending or updating certain Personal Information.


6.1 The office of StepSense's Privacy Officer will be the first point of contact for inquiries about privacy issues. If you wish to make an inquiry or complaint regarding privacy you should do so by contacting this office as per the details in Point 12.

6.2 You will find that all StepSense Online Platforms contains a copy of this Privacy Policy


7.1 StepSense will not make it mandatory for visitors to its Website or Portals to provide Personal Information unless such Personal Information is required to answer an inquiry or provide a service. StepSense may however request visitors to provide Personal Information voluntarily to StepSense (for example, as part of a competition or questionnaire).

7.2 StepSense will allow its customers to transact with it anonymously or by using a pseudonym wherever that is lawful, reasonable and practicable.


8.1 If we send Personal Information overseas, StepSense will take steps which are both reasonable and practicable to ensure that the overseas recipient handles such information in accordance with the Privacy Act.

8.2 StepSense may disclose Personal Information to an overseas recipient without complying with 9.1 if:

1. you are Expressly Informed of the intended disclosure of your Personal Information to the overseas recipient, and you provide consent accordingly; or 2. we reasonably believe that the overseas recipient is subject to a law or a binding scheme that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the Privacy Act seeks to protect same and you can access mechanisms to enforce the protection of your Personal Information under that law or that scheme; or 3. the Disclosure is required or authorised by an South African court or tribunal or under South African law. 9. CHANGES TO THE PRIVACY POLICY StepSense may, in its sole discretion, update this Privacy Policy at any time and from time to time. Any changes will be effective when posted on the Website. Your continued use of the Website will indicate your acceptance of any changes to the Privacy Policy. All Personal Information, Collected both before and after any changes take effect, will be subject to the terms of the then current policy, for which you will be taken to have provided consent, unless you indicate otherwise by contacting the office of StepSense’s Privacy Officer as per the details in in Point 12. We encourage you to refer back to this page and especially prior to providing us with any Personal Information.


Where applicable, the collection and use of any Health Information obtained by StepSense will be in compliance with the Health Privacy Principals found in the Health Records Act or in any other relevant state legislation governing health records.


Collect means gather, acquire or obtain by a lawful and fair means, information in circumstances where the individual is identifiable or identified. Disclosure generally means the release of information outside StepSense, including under a contract to carry out an "outsourced function." Express Consent Consequences includes the fact that that we will not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act in the event that you provide consent to the disclosure of your Personal Information by us to an overseas recipient and the overseas recipient handles your Personal information in breach of the Privacy Act. Expressly Informed means the circumstance where we have provided you with a clear statement (either verbal or in writing) of the Express Consent Consequences. Health Information means personal information regarding the physical, metal or psychological health of an individual or other information as defined pursuant to the Health Records Act. Newsletters means regular email communications sent by StepSense which deliver personalised, high-impact health and wellbeing information via HTML email. These regular (usually fortnightly) newsletters cover key lifestyle topics as well as many important medical conditions StepSense means StepSense Pty Ltd and all companies in the StepSense group, including its Related Bodies Corporate, and also any related overseas bodies corporate. Health Assessment (HA) means a Health Assessment (also referred to as ‘Wellness Assessment’): a scored questionnaire that measures employees’ risk of illness. Based on accepted medical science, the HRA is a powerful awareness-raising tool. Upon completion of the assessment, employees receive personalised reports about their health status and their risk factors. Where lifestyle changes are identified as being important, specific recommendations are then made. It is quick and easy to use, employee anonymity is guaranteed and data is stored securely. Online Platform means a branded portal through which StepSense provides services to users. Opt Out means an individual's expressed request not to receive Direct Marketing communications. Permitted Health Situation means those situations described in section 16B of the Privacy Act 1988, including situations in which the collection of an individual’s Personal Information is necessary to provide a health service to that individual and is done in either as authorised by South African law or in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind StepSense. Personal Information means information or an opinion (whether information or an opinion forming part of a database), whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion. This includes, but is not limited to, an individual’s name, address, telephone number and email address. It may also include, depending on the circumstances, Sensitive Information and/or Health Information. Primary Purpose is the main reason for the Collection of any Personal Information. Reasonable Expectation means an individual's reasonable expectation that their personal information might be Used or Disclosed for the relevant purpose. Related Body Corporate is given its meaning in the Corporations Act 2001 (Cth). Secondary Purpose means a purpose of Use or Disclosure other than a Primary Purpose. Sensitive Information is given its meaning in section 6(1) of the Privacy Act 1988 (Cth) and includes Health Information. Services means those services provided through a StepSense Online Platform Use means the handling of Personal Information within StepSense.

12. CONTACTING StepSense

If you have questions concerning this Privacy Policy, please contact us on:

  • via email at; or
  • by writing to the StepSense Head Office, 155 West St., Sandton, 2031
You can obtain further information about your privacy rights and the Privacy Act from the Office of the South African Information Commissioner by visiting their web site at This Privacy Policy was last updated on 17 September 2014.