Last updated: 26 May 2026
MoveFirst ("we", "us", "our") is operated by an individual sole trader based in Australia. We operate the MoveFirst mobile application (the "App"), which helps users build healthier habits by gating access to distracting apps behind real physical activity.
This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. By using MoveFirst, you agree to the collection and use of information as described in this policy.
When you sign in with Apple, we receive your Apple-provided user identifier, and optionally your name and email address if you choose to share them. We use Supabase Auth to manage your session securely.
Your email address, if provided, is used only for account recovery and important service communications. We will never sell your email or use it for marketing without your consent.
With your explicit permission, we read workout data from Apple HealthKit. The specific data types we access include:
We do NOT access:
Only workout summary data (type, duration, calories, timestamps) is transmitted to our servers for reward calculation. Raw health samples never leave your device.
We use Apple's Screen Time APIs (FamilyControls, ManagedSettings, DeviceActivity) to enable app blocking functionality that you configure.
Your app selection (which apps you choose to block) is stored as an opaque, randomised token generated by iOS. We cannot see which specific apps you selected, how often you use them, or your app usage duration. We only know that a selection exists.
All app blocking decisions are processed entirely on your device. We do not collect, transmit, or store any data about your specific app usage patterns.
We read the source metadata of workouts stored in Apple HealthKit to identify which fitness apps and devices contributed your workout data (e.g. Strava, Garmin Connect, Nike Run Club, Apple Watch). This allows us to show you which apps are contributing workouts and to provide quick-start links to your favourite fitness apps.
We do not have direct integrations with Strava, Garmin, or any other third-party fitness platform. We do not connect to their APIs, store their credentials, or access your accounts on those services. All workout data is read exclusively through Apple HealthKit.
We store workout event records (activity type, duration, timestamps, source) to calculate and award screen time rewards. We maintain a reward ledger tracking screen time earned and screen time spent. We also store daily streak and goal completion data.
We collect limited technical information including:
We do not sell technical data to third parties.
We collect privacy-conscious product analytics to understand whether MoveFirst is working well and where users drop off. This may include app opens, screen views, onboarding progress, permission status results, paywall views, free-trial starts, subscription status changes, app version, device platform, and similar product usage events.
We also use App Store Connect campaign links and custom product pages to understand which marketing channels and messages lead to App Store visits, downloads, trials, subscriptions, and sales. This reporting is provided by Apple in aggregate and is subject to Apple's privacy thresholds.
We do not send Apple HealthKit workout details, calories, workout timestamps, workout source apps, Screen Time app selections, or app usage duration to analytics or advertising providers.
If you visit movefirst.co, we may collect basic website analytics such as page views and referral information to understand website performance. We do not use session replay or advertising pixels on the website in the current version.
We use the information we collect to:
We comply with Apple's App Store Review Guidelines (Section 27) and HealthKit documentation requirements:
MoveFirst uses the following third-party services to operate the App:
Each of these services has their own privacy policy governing their handling of data.
Your workout and reward data is retained for as long as your account is active. You can delete your account at any time from the App's settings.
When you request deletion, your account enters a 7-day soft-delete grace period. During this window your account is signed out and inaccessible, but your data is still recoverable. If you sign in again with the same Apple ID within 7 days, the deletion is cancelled and your account is restored.
After the 7-day grace period, your account and all associated data is permanently and irreversibly deleted from our servers, including: account information, workout records, reward ledger entries, preferences, and streak history. A daily background job finalises deletions for accounts that are not restored.
To complete the deletion process at the Apple level, we recommend you also revoke MoveFirst's access to your Apple ID at appleid.apple.com under "Sign in with Apple" → MoveFirst → "Stop using Apple ID".
MoveFirst is intended for users aged 18 and older. We do not knowingly collect personal information from children under 18. If we learn that we have collected data from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at contact@movefirst.co.
You have the right to:
If you are located in the European Economic Area (EEA), you may also have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to lodge a complaint with a supervisory authority. If you are located in Australia, the Australian Privacy Principles (APPs) under the Privacy Act 1988 may also apply. Please contact us if you wish to exercise any of these rights.
We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email if you have provided one. Continued use of MoveFirst after changes constitutes acceptance of the updated policy.
For privacy-related questions or requests, contact us at: contact@movefirst.co