Privacy Policy
Humble Badge LLC
Effective Date: May 1 2026
Last Updated: May 1 2026
1. Introduction
HumbleBadge helps you track, celebrate, and collect badges for personal achievements—hikes, rides, climbs, and other milestones. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
This policy applies to the HumbleBadge iOS application and the website at humblebadge.com (together, the "Services"), operated by Humble Badge LLC, a Washington limited liability company ("Humble Badge," "we," "us," or "our"). By using HumbleBadge, you agree to the practices described here, which are part of our Terms of Service, Cookies page, and Community Guidelines. If you don't agree, please don't use the Services.
We've tried to write this in plain language. Where we make a specific factual claim about how the Services work, we mean it; if anything in here ever stops being accurate, we'll update the policy.
2. Information We Collect
2.1 Information you provide
When you create an account and use HumbleBadge, you provide:
- Email address. We use email as your primary identifier and to send you one-time login codes. We do not store passwords because HumbleBadge uses passwordless authentication.
- Display name and handle. Your display name is shown on your profile and on any badges or activity you choose to share. A URL-friendly handle ("slug") is automatically generated from your display name.
- Profile photo (optional). If you set a profile picture, we store it as part of your account.
- Age confirmation. At signup we ask you to confirm you are 13 or older. We store the date and threshold of this confirmation, but not your date of birth.
- Achievement details. When you earn a badge, you provide the badge type, the date and time, optional notes (short), and an optional longer description (up to 2,000 characters). Hashtags in your description are extracted for organization.
- Photos (optional). You may attach up to five photos per badge, each up to 10 MB. See "Photo metadata" below for how photo data is handled.
- Custom badges and collections. If you create your own badge definitions or collections, we store the names, descriptions, and configuration you provide.
2.2 Information collected automatically
When you use the Services, we automatically collect:
- Location at the time of earning a badge. We collect GPS coordinates only when you tap to earn a badge. HumbleBadge does not track your location continuously or in the background. For badges tied to a specific point (such as a mountain summit), we collect full-precision coordinates to verify the achievement. For badges tied to a larger area (such as a national park), we round coordinates to roughly 100-meter precision.
- Activity summary data. For badges that recognize cumulative or threshold-based activity (such as a 100-mile cycling milestone), we receive only summary metrics from your device—typically duration and distance. We do not receive raw workout data, heart rate, route samples, cadence, power, or other detailed health data.
- Device information. A device identifier we generate (stored in iOS settings on your device) so we can synchronize your data between your device and our servers, plus your iOS app version for compatibility checks.
- Server request logs. Our servers log the IP address, user account, endpoint, and timestamp for each API request. These logs are retained for up to 60 days and used for security, abuse prevention, and rate limiting.
- Usage limits. We count certain actions per account per day (such as how many badges you create) to enforce reasonable use. Current limits include 50 new badges per day and 100 media uploads per day.
2.3 Photo metadata (EXIF)
Photos taken on smartphones often contain embedded metadata, including GPS coordinates and a timestamp. When you attach a photo to a badge:
- We extract and retain only the GPS coordinates and capture timestamp from the photo's EXIF data.
- All other EXIF data—camera serial number, device model, exposure settings, editing history, etc.—is removed before the photo is stored.
- For badges that require photo-based verification, we use the extracted GPS and timestamp to confirm your achievement matches the badge's requirements.
If you don't want a photo's GPS to be used for verification, you can strip the location from the photo on your device before uploading.
2.4 Apple HealthKit and Garmin integration
HumbleBadge can recognize milestones based on activity tracked by Apple Health or stored in Garmin FIT files. This integration is optional and requires your explicit permission.
- HealthKit data is processed on your device. When the app determines that you've crossed a milestone (for example, a cumulative running distance), it sends only the summary information needed to award the badge—typically duration and distance. Heart rate, route data, active energy, and other health information stay on your device and are not transmitted to our servers.
- Garmin FIT files are also parsed on your device. If you import a FIT file, the file itself is not uploaded; only the derived summary metrics needed for the badge are sent to our servers.
- HealthKit data is never used for advertising or shared with third parties.
You can revoke HealthKit access at any time in iOS Settings → Privacy & Security → Health → HumbleBadge.
2.5 What we do not collect
To set expectations clearly:
- We do not use advertising identifiers (IDFA) and do not display the iOS App Tracking Transparency prompt. HumbleBadge does not track you across other apps or websites.
- We do not embed third-party analytics, advertising, or social media SDKs.
- We do not use tracking cookies on humblebadge.com. The website uses one strictly-necessary session cookie for basic functionality and a self-hosted, cookieless analytics tool (Umami). See our Cookies page for details.
- We do not collect contacts, calendar data, microphone audio, or browsing history.
- We do not store passwords, payment card numbers, or banking information.
3. How We Use Your Information
We use the information described above to:
- Provide the core Services—let you log achievements, earn and display badges, and build collections.
- Verify achievements where the badge requires it (for example, comparing your location against a geofence or your photo's metadata against the badge requirements).
- Send transactional emails such as login codes, account notifications, and welcome messages.
- Synchronize your data across your device and our servers.
- Keep the Services secure—detect abuse, enforce rate limits, and investigate violations of our Terms of Service.
- Improve the Services using aggregated and anonymized usage information.
- Comply with legal obligations and respond to lawful requests.
- Feature publicly shared content in marketing materials. When you choose to make a badge or other content public, we may feature it in materials promoting HumbleBadge, such as App Store screenshots, social media posts, blog content, or press materials. We attribute properly when we do this. We do not use private content this way.
- Show you sponsored badges and promoted content. HumbleBadge may feature sponsored badges from partners (for example, parks, brands, or organizations) and may show paid promotional placements within the Services. We may use broad regional context (such as your country or general region, derived from the location data we already collect) to decide which sponsored or promotional content is most relevant. We do not target individual users based on their behavior, achievement history, friends, or activity patterns.
- Share aggregated metrics with sponsors. When a partner sponsors a badge or pays for placement, we may share aggregated, anonymized metrics about how that content performed. Examples include the total number of users who earned a badge, geographic distribution at state-or-coarser precision, time-period patterns (e.g., which season was most active), and badge-pairing patterns (which other badges earners commonly held). We do not share individual user identities, individual activity timelines, individual behavioral patterns, or aggregates that could re-identify individuals.
We do not sell your personal information. We do not share your personal information with third parties for their own marketing.
3.1 No AI training on your content
We do not use your content (photos, descriptions, notes, badge definitions, or other content you create) to train artificial intelligence or machine learning models. Our use of AI in HumbleBadge is limited to generating badge artwork from prompts our team writes—no user content is sent to AI image-generation or language-model services.
If we ever propose to use your content for AI training, we will give you at least 30 days' advance notice and the opportunity to opt out before any such use begins.
4. How We Share Your Information
4.1 Service providers
We use a small number of third-party vendors to operate the Services. These vendors process data only on our behalf and under contractual data-protection obligations:
- Amazon Web Services. Hosts our application, database, file storage, email delivery (Amazon SES), and server logs. All user data is stored in the United States.
- Apple. Distributes the iOS app and provides aggregated install statistics and crash reports through App Store Connect. If you opt into iOS Diagnostics & Usage sharing, Apple may also share anonymous diagnostic data with us via Xcode Organizer.
- Email provider for customer support. Inbound support emails are received and stored through our business email provider.
4.2 Other users
By default, your earned badges, custom badges, and collections are private. Other users see your information only when you take an explicit action to share:
- If you mark an earned badge as public, it appears on the HumbleBadge activity feed visible to other users. Location data on publicly shared badges is reduced to roughly 1-kilometer precision before display.
- If you share a badge using your device's share sheet to an external platform (such as a social network), iOS sends an image and a link to that platform. HumbleBadge does not transmit additional information to those platforms.
- If you connect with another user (for example, as a friend), you and that user can see and react to each other's shared content. Reactions you give and receive are visible to the other party.
4.3 Sponsors and promotion partners
When a partner sponsors a badge or pays for promotional placement, the data flows are limited:
- We do not give sponsors access to our user database, and partners cannot identify which individual users saw, embarked on, or earned their content.
- We may share aggregated, anonymized metrics with sponsors as described in Section 3, such as total earn counts, geographic distribution at state-or-coarser precision, time-period patterns, and badge-pairing patterns. We do not share aggregates that could re-identify individuals.
- Sponsored badges and paid placements are clearly labeled (for example, as "Sponsored" or "Paid") so you know when content is part of a partnership.
- Targeting is limited to broad regional context, not your individual activity, friends, or behavior.
4.4 Legal and safety
We may disclose information when we believe in good faith that disclosure is necessary to comply with a legal obligation, enforce our Terms of Service, protect the rights, property, or safety of HumbleBadge users or others, or respond to a verified emergency.
4.5 Business transfers
If Humble Badge is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any material changes to how your information is handled.
5. Data Security
We use industry-standard practices to protect your information:
- Encryption in transit. All connections to our servers use TLS 1.2 or higher.
- Encryption at rest. Our database and backups are encrypted at rest using AES-256 (AWS RDS-managed encryption).
- Authentication. HumbleBadge uses passwordless authentication. Login codes expire within 15 minutes. Refresh tokens are stored as cryptographic hashes (SHA-256); the original tokens are never logged or stored in plaintext.
- Access controls. Only authorized personnel can access production systems, and access is logged.
No system is perfectly secure. We can't guarantee that information transmitted to or stored by us is immune to unauthorized access, but we work to minimize that risk and to respond quickly if it occurs.
6. Data Retention
We keep your information only as long as we need it to provide the Services or to meet legal obligations:
- Active accounts. Account information, badges, collections, and media remain in our systems while your account is active.
- Deleted badges. When you delete an earned badge, we mark it as deleted and remove it from your view immediately. The underlying data is permanently deleted within 30 days, including any associated photos in object storage.
- Deleted accounts. When you delete your account, your personal information is removed within 30 days, except for limited records we are required to retain for legal, accounting, or fraud-prevention purposes.
- Accounts terminated by us. If we terminate your account for a non-severe Terms violation, we will give you at least 30 days to export your content before we delete it. For severe violations (such as child safety violations, fraud, or court orders), we may delete content immediately if it is evidence of the violation or further harm.
- Server request logs. Logs containing IP addresses, user IDs, and request metadata are retained for up to 60 days and then automatically purged.
- Login codes. One-time login codes are deleted as soon as they are used or after 15 minutes, whichever comes first.
- Customer support communications. Support emails are retained for as long as necessary to resolve your inquiry and for a reasonable period afterward for reference and quality improvement.
6.1 If we shut down the Services
If we ever discontinue HumbleBadge entirely, we will give you at least 30 days' advance notice and provide a way to export your content before it is deleted, where practicable.
7. Your Rights and Choices
7.1 Access, correction, and deletion
You can update most of your information directly in the app—your display name, profile photo, badge details, notes, and descriptions. To request a copy of your data, correction of inaccurate information, or deletion of your account, contact us at the email in Section 12. We will respond within 30 days.
7.2 Location
You can grant or revoke location permission at any time in iOS Settings → Privacy & Security → Location Services → HumbleBadge. We use the "While Using" permission level only; we do not request "Always" location access. Without location permission, badges that require location verification cannot be earned.
7.3 HealthKit
You can grant or revoke HealthKit access at any time in iOS Settings → Privacy & Security → Health → HumbleBadge. Without HealthKit access, milestone badges based on Apple Health activity cannot be awarded.
7.4 Photos
You can grant or revoke photo and camera access in iOS Settings. You can also strip GPS metadata from photos on your device before uploading them to HumbleBadge.
7.5 Email
Transactional emails (login codes, account notifications) are required for the Services to function and cannot be turned off without closing your account. We do not currently send marketing emails. If we add them in the future, they will be opt-in and will include a one-click unsubscribe link.
8. iOS App-Specific Information
8.1 Permissions we request
HumbleBadge requests the following iOS permissions only when needed:
- Location (While Using the App). To verify achievements when you earn a badge.
- Photos / Camera. To attach photos to your badges.
- Apple Health (HealthKit). Optional. To recognize milestones based on activity. Only summary data leaves your device.
8.2 On-device data
Some HumbleBadge data lives on your device and is not transmitted to our servers, including raw HealthKit workout details, GPS accuracy metadata, and queued offline actions. iOS encrypts this data at rest using the device's standard encryption.
8.3 Tracking
HumbleBadge does not track you across apps or websites owned by other companies. Our App Store privacy disclosure declares "Data Not Used to Track You."
8.4 In-app purchases
HumbleBadge does not currently offer in-app purchases. If we add them in the future, they will be processed entirely by Apple. We will receive a purchase confirmation and a pseudonymous transaction identifier; we will not receive your payment card details. We will update this policy before any in-app purchases become available.
9. Content and Community
9.1 User-generated content
HumbleBadge lets you create content: badge definitions, collections, descriptions, notes, photos, and a display name. You're responsible for the content you create. Don't upload content that is illegal, infringes someone else's rights, or violates our Terms of Service or Community Guidelines.
9.2 Moderation
To keep HumbleBadge safe and welcoming, we use a combination of automated scanning and reactive moderation:
- Automated scanning. Photos and certain text fields may be automatically scanned for unlawful content, abuse, or policy violations before or shortly after upload.
- User reporting. You can report content that violates our policies. Reports are reviewed by our team.
- Staff review. When automated systems flag content, or when content is reported, our team may review the flagged content, including any associated user information needed to investigate and respond.
- Action. We may remove content, restrict features, or terminate accounts that violate our policies. Where required by law, we report unlawful content to the appropriate authorities.
9.3 Public sharing
If you choose to share an earned badge publicly, it becomes visible on the HumbleBadge activity feed to other users. Public badges show your display name, the badge, the activity, and a reduced-precision location (approximately 1-kilometer accuracy). You can make a publicly shared badge private again at any time, but other users may have already seen it.
If you share content publicly that includes children, please be thoughtful about names, faces, and identifying details. Once content is public, you can't fully control where it goes. We strongly recommend not including children's names or recognizable photos in public posts. See our Terms of Service for the full discussion.
10. Children's Privacy
HumbleBadge is intended for users aged 13 and older. HumbleBadge is not designed for, directed at, or marketed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at the email in Section 12 and we will delete the information and terminate the account.
We do not target sponsored or promotional content to children, and we do not share data about children with sponsors or promotion partners.
11. International Users and Privacy Laws
11.1 Where data is stored
HumbleBadge data is stored and processed in the United States. If you access the Services from outside the United States, your information will be transferred to and processed in the United States, where data-protection laws may differ from those in your country.
11.2 European Economic Area, United Kingdom, and Switzerland
If you are in the EEA, UK, or Switzerland, you have rights under the EU General Data Protection Regulation (GDPR), the UK GDPR, or the Swiss Federal Act on Data Protection, including the right to access, correct, delete, restrict, port, or object to processing of your personal data, and the right to lodge a complaint with your local data protection authority.
Our legal bases for processing are: performance of the contract you enter into when you use the Services; our legitimate interests in operating, securing, and improving the Services; your consent (for example, when you grant location or HealthKit permission); and compliance with legal obligations.
Transfers of personal data from the EEA, UK, or Switzerland to the United States are made under Standard Contractual Clauses adopted by the European Commission, including the data processing agreement with Amazon Web Services.
11.3 California residents
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the right to know what personal information we collect, to access and delete that information, to correct inaccurate information, and to opt out of the "sale" or "sharing" of your personal information. We do not sell or share personal information as those terms are defined in the CCPA. We will not discriminate against you for exercising your rights.
11.4 Other US states
Residents of other US states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, and Texas) have similar rights. Contact us at the email in Section 12 to exercise any of them.
12. Contact Us
If you have questions about this Privacy Policy, want to exercise any of your rights, or need to report a privacy concern, contact us at:
- Email: privacy@humblebadge.com
- Mailing Address: Humble Badge LLC, Seattle WA USA
- Website: https://humblebadge.com
We will acknowledge requests promptly and respond within 30 days. If we need more time, we will let you know.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The "Last Updated" date at the top of the policy reflects the most recent revision.
If we make a material change—for example, if we begin collecting a new category of personal information, share data with a new category of third party, or introduce a feature with significant privacy implications such as on-chain or NFT functionality—we will give you at least 30 days' advance notice by email and through an in-app notification, along with a summary of what is changing. Your continued use of the Services after the effective date of the change constitutes acceptance of the updated policy.
Appendix A: Data at a Glance
This summary is provided for convenience. Where it conflicts with the body of the policy, the body controls.
| Category | What we collect | Why | Retention |
|---|---|---|---|
| Identity | Email, display name, handle, profile photo | Account, login, profile | While account active |
| Authentication | Hashed login codes, hashed refresh tokens | Passwordless login | Codes: 15 min; tokens: 90 days |
| Achievement data | Badge type, time, notes, description, photos | Core feature | Until you delete (30 days after) |
| Location | GPS at moment of earning only | Verify achievement | With the badge; reduced for public display |
| Activity summary | Duration, distance from HealthKit/Garmin | Award milestone badges | With the badge |
| Photo metadata | GPS coordinates and timestamp only (other EXIF stripped) | Photo-based verification | With the photo |
| Device | Per-install device identifier, app version | Sync data across your devices | While account active |
| Server logs | IP, user ID, endpoint, timestamp | Security, abuse prevention | Up to 60 days |
| Aggregated metrics | Counts, regional distribution, time patterns, badge-pairing patterns | Sponsorship reporting | Aggregated; no individual data |
| Support | Emails you send to support | Respond to your inquiry | As long as needed |