← Hiykr

Privacy Policy

Last updated · May 21, 2026

1. Who we are

Hiykr ("we", "us", "our") operates the Hiykr web application at hiykr.com. This policy explains what data we collect, why, and your rights over it. Contact us at hello@hiykr.com.

2. Data we collect

  • Account data: email, display name, avatar, and authentication identifiers (when you sign up via email or Google).
  • Walking activity: distance, elevation, duration, GPS path, trail name, recap notes, photos, and derived stats (XP, level, streak).
  • Social activity: friends, squad and league memberships, messages, comments, kudos, reviews.
  • Technical data: IP address, browser, device, and usage logs needed to operate the service and prevent abuse.

3. How we use it

  • Provide the app: record walks, sync stats, show maps and recaps.
  • Power social features: feed, squads, leaderboards, kudos.
  • Send service emails (verification, password reset, notifications you opt into).
  • Keep the service secure: detect abuse, prevent fraud, enforce our terms.

We do not sell your data. We do not run third-party advertising trackers.

4. Public vs private data

Walks, recaps, GPS paths, kudos, comments, community trails and profile information are publicly visible by design — Hiykr is a social walking platform. Friend requests, direct messages, private squads and notifications are visible only to the people involved. Do not share information you don't want public on your walk recaps or photos.

5. Location data

GPS is captured only while you are actively recording a walk and is stored with that walk record. You can delete a walk at any time, which removes the GPS path with it.

6. Service providers

We use trusted infrastructure providers to run Hiykr: Lovable Cloud (database, authentication, storage), Google Maps (map tiles and route snapping), and email delivery providers. They process data on our behalf under their own security and privacy terms.

7. Security

Data is encrypted in transit (HTTPS) and at rest. Access is gated by row-level security policies and authentication tokens. We restrict internal access on a need-to-know basis.

8. Your rights

You can access, correct or delete your data at any time from your profile. You can request a full export or full deletion by emailing hello@hiykr.com. Under GDPR / UK GDPR you also have the right to object, restrict processing, and complain to your data protection authority.

9. Cookies

We use strictly necessary cookies / local storage to keep you signed in. We do not use advertising or cross-site tracking cookies.

10. Children

Hiykr is not directed at children under 13. If you believe a child has provided us with personal data, contact us and we will remove it.

11. Changes

We may update this policy. The "Last updated" date at the top reflects the current version. Material changes will be announced in-app or by email.