The STEARsoft App does not access any personal data from your device. No Device location is used. No access to your photos is made. No access to your Contacts, no access to health data or any other form of personal data on your iPhone is made either.
No data is sent to STEARsoft from the App apart from anonymous usage information that is collected and passed on by Apple if you explicitly opt into this.
You should be aware that the data you enter into the STEARsoft App may be 'backed up' automatically as part of your iPhone/iPad automated backup processes that you probably have enabled. This means that such data may end up with an iTunes installation if you connect to iTunes on a computer, or may end up in your iCloud data backups. If this is of concern to you, you may control this behaviour in the 'Advanced Setup' options within the STEARsoft App where you can prevent backups.
No marketing is served through the STEARsoft App. No cookies or other software tracking techniques are used, and no data sharing or other interaction is made with other Apps running on your device, except for the explicit opening of data in another App which must be explicitly actioned by yourself using an Export option.
As mentioned above, there are options within the App to open your data in other Apps on your device or to send data in an email. None of these 'exports' happen automatically, so you are in control of when and where any data is sent, which again, will only be the STEARsoft data you entered directly into the App or synchronised from a STEARsoft Server.
STEARsoft therefore has no access to any of your personal data as a result of you installing and using the STEARsoft App so is neither a data controller or data processor of any of your data.
Synchronising with a STEARsoft Server
If you synchronise the STEARsoft App with a STEARsoft Server you should refer to the STEARsoft Server controller to determine how your data is handled there, but you can be reassured that the only data transferred during a 'Sync' is the STEARsoft data which was originally synchronised from such a server or that you entered directly into the STEARsoft App. When synchronising with such a server an identification number for your device is generated and transferred so that your device is recognised for future 'Synchronisations' to enable 2-way data transfer, increased data security and a faster 'sync' process. Your IP address and device name may also be logged as a security measure to help identify and stop any unauthorised activity. All data synchronised with a STEARsoft Cloud Server is encrypted and sent over a secure HTTPS connection that is authenticated and protected in the same way that HTTPS secure websites are, such as are used for online banking.
You should be aware that when synchronising with a 'Local' Server (that you may have installed yourself on Windows) data is only authenticated (validated as real, allowed and not altered) but is not encrypted. This means that if your communication can be intercepted, your information can be read. You should be reassured however that unencrypted passwords are not sent and that data cannot be changed (the authentication mechanism detects unauthorised changes and prevents them). You are advised to only use such 'Local synchronisation' on a secure private network and to consider using a STEARsoft Cloud Server with full HTTPS encryption instead, which may better serve your needs.