SeeStep
Back to Home

SeeStep Privacy Policy

Last Updated: April 7, 2026

Effective Date: March 5, 2026

1. Introduction

SeeStep (“we,” “us,” “our”) is operated by DOCH Holdings Pty Ltd and provides a mobile application designed to help parents and caregivers of neurodivergent children create visual support materials including plans, storybooks, how to guides, checklists, and choice boards (the “Service”).

We understand that the information you share with us — particularly information about your child — is deeply personal and sensitive. This Privacy Policy explains what data we collect, how we use it, how we protect it, and what rights you have regarding your information.

By using SeeStep, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address, used for passwordless authentication. We do not collect or store passwords.

2.2 Child Profile Information

To personalise visual support materials, you provide information about your child, including:

  • Child's first name
  • Age range
  • Visual Support Preferences
  • Sensory preferences (optional)
  • Interests (optional)
  • Profile photo (optional)

Note on sensitive data: Some child profile information — including details about a child's neurodivergent condition and sensory preferences — may constitute health-related or sensitive personal data under applicable law (including “special category” data under UK GDPR Art. 9). We treat all child profile information at the highest level of protection and process it only for the purposes described in this Policy, with your explicit consent.

2.3 Content You Create

When generating visual support materials, we collect your answers to guided questions and any photos you upload or select. We also store the materials generated as a result.

2.4 Child Mode PIN

If you enable child mode protection, a 4-digit PIN is stored securely. We never store or have access to your plain PIN.

2.5 Usage Data

We track your subscription tier and the volume of AI-generated content you produce, to enforce fair-use quotas. This data is never shared externally.

2.6 Diagnostic Data

When the app encounters an error, basic diagnostic information is sent to our error monitoring service to help us identify and fix bugs. This data is used solely for that purpose.

2.7 Information We Do NOT Collect

  • Passwords
  • Precise geolocation
  • Contacts or address book data
  • Browsing history
  • Advertising identifiers
  • Data from other apps on your device
  • Biometric data

3. How We Use Your Information

We use the information we collect solely to provide the Service — including authenticating your account, generating and storing visual support materials, enforcing usage quotas, fixing bugs, and protecting child mode access.

We do not use your information for advertising, selling to third parties, building marketing profiles, or training AI models.

3A. Legal Basis for Processing (UK and applicable jurisdictions)

Where required by law (including UK GDPR), we rely on the following legal bases:

  • Contract performance — processing your account information to provide the Service.
  • Explicit consent — processing child profile information that may constitute special category health data. You may withdraw consent at any time by deleting the profile or your account.
  • Legitimate interests — error monitoring, usage tracking for quota enforcement, and child mode protection, where our interest in operating a reliable service does not override your privacy rights.
  • Legal obligation — retaining records where required by applicable law.

4. Artificial Intelligence and Your Data

SeeStep uses Anthropic's Claude AI to generate visual support materials. When you create a material, relevant child profile information and your answers to guided questions are used to generate a personalised result. Anthropic does not use data submitted through their API to train their models. Your child's information is processed to generate a response only.

Generated materials are stored in your account and are accessible only to you. They are not reviewed or accessed by us except as needed for technical support at your request.

5. Third-Party Services

We use the following third-party services to operate SeeStep:

  • Supabase — cloud infrastructure for authentication, data storage, and file storage. Data shared: email, profile data, generated materials, photos.
  • Anthropic (Claude API) — AI content generation. Data shared: child profile data and conversation inputs.
  • Pixabay — image search. Data shared: search query terms only.
  • Sentry — error monitoring. Data shared: basic diagnostic and device information.
  • Apple App Store / Google Play — app distribution and payment processing. Data shared: managed by the respective platform.

We do not sell, rent, or share your personal information with data brokers, advertisers, or any parties not listed above.

6. Children's Privacy

6.1 Our Commitment

SeeStep is designed for use by parents and caregivers, not directly by children. We take the privacy of children's information extremely seriously.

6.2 COPPA Compliance

  • Parental control: The Service is intended for adults (parents and caregivers) aged 18 or older. Only a parent or guardian may create an account and enter information about a child.
  • No direct collection from children: We do not knowingly collect personal information directly from children under 13 (or under 16 in applicable jurisdictions).
  • Child mode: SeeStep offers a supervised “child mode” allowing children to interact with previously created materials. In this mode, children cannot create accounts, enter personal information, or communicate with external services.
  • Parental rights: Parents may review, update, or delete all information related to their child at any time.

6.3 If We Discover Unauthorised Child Data

If we become aware that a child under 13 has provided personal information without parental consent, we will promptly delete that information. If you believe this has occurred, please contact us at info@seestep.app.

7. Data Storage and Security

Your data is stored on secure cloud infrastructure. We use industry-standard security measures to protect your information, including encrypted data transmission, access controls that ensure you can only access your own data, and secure handling of all sensitive information. Uploaded photos are processed to remove embedded metadata before storage.

While we take reasonable measures to protect your information, no method of electronic storage or transmission is 100% secure.

8. Data Retention

We retain your information only for as long as necessary for the purposes described in this Policy:

  • Account and profile data — retained until you request account deletion.
  • Generated materials and uploaded photos — retained until you delete them or request account deletion.
  • Diagnostic logs — retained for 90 days, then automatically purged.

When you request account deletion, all data is permanently deleted within 30 days.

8A. Data Breach Notification

In the event of a data breach that poses a risk to your rights or freedoms, we will notify the relevant regulatory authority and, where required, affected users, within the timeframes mandated by applicable law:

  • Australia: Eligible breaches reported to the Office of the Australian Information Commissioner (OAIC).
  • New Zealand: Notifiable breaches reported to the New Zealand Privacy Commissioner.
  • United Kingdom: Serious breaches reported to the Information Commissioner's Office (ICO) within 72 hours.
  • Canada: Breaches posing a real risk of significant harm reported to the Privacy Commissioner of Canada and affected individuals.
  • United States: We will comply with applicable state breach notification laws.

If you believe your data may have been compromised, contact us immediately at info@seestep.app.

9. Your Rights

Your rights depend on your location. In all cases you can access, correct, and delete your data directly within the app or by contacting us at info@seestep.app. Specific rights by jurisdiction are set out below.

9.1 Australia — Australian Privacy Act 1988

  • Access: Request access to personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Complaints: If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us first, and then (if unresolved) with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

9.2 New Zealand — Privacy Act 2020

  • Access: Request access to personal information we hold about you.
  • Correction: Request correction of inaccurate information.
  • Complaints: You may complain to the New Zealand Privacy Commissioner at privacy.org.nz.

9.3 United Kingdom — UK GDPR

  • Access: Obtain a copy of the personal data we hold about you.
  • Rectification: Have inaccurate data corrected.
  • Erasure: Request deletion of your data in certain circumstances.
  • Restriction: Ask us to restrict processing while a dispute is resolved.
  • Portability: Receive your data in a structured, machine-readable format.
  • Object: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent at any time without affecting prior lawful processing.
  • Complaints: Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

9.4 United States — California (CCPA/CPRA)

  • Know: Request disclosure of the categories and specific pieces of personal information we have collected.
  • Delete: Request deletion of your personal information, subject to certain exceptions.
  • Correct: Request correction of inaccurate personal information.
  • Opt-out of sale: We do not sell personal information. No opt-out is required.
  • Non-discrimination: You will not be discriminated against for exercising your CCPA rights.

To exercise California rights, contact us at info@seestep.app. We will respond within 45 days.

9.5 Canada — PIPEDA and Quebec Law 25

  • Access: Request access to personal information we hold about you.
  • Correction: Challenge the accuracy of your information and have it amended.
  • Withdraw consent: Withdraw consent to collection or use at any time, subject to legal or contractual restrictions.
  • Portability (Quebec): Request that personal information be provided in a structured, commonly used format.
  • Complaints: Lodge a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca, or (for Quebec residents) with the Commission d'accès à l'information at cai.gouv.qc.ca.

10. International Data Transfers

Your data may be processed in countries other than your own, including the United States, where some of our third-party service providers operate. We take reasonable steps to ensure that overseas recipients handle your data with protections equivalent to those described in this Policy, including through contractual obligations with those providers.

11. Cookies and Tracking

SeeStep is a mobile application and does not use cookies. We do not use web-based tracking technologies, advertising pixels, or analytics beyond essential error monitoring.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the app or via email before the changes take effect.

13. Contact Us

If you have questions or wish to exercise your rights, please contact us: