Slopes and Your Data
I don't want to do anything creepy with your data. I charge users directly for Slopes Passes so I can avoid having to sell your data or do anything else questionable to make money and stay in business. I may use some of your data responsibly to improve Slopes, but that's it.
Let's unpack how I use and store your data:
A) Identifiable Data: If You Don't Have a Slopes Account
- All your recorded GPS data stays local to your phone and never hits the Slopes servers.
- You don't have an account or any purchase history, so there's nothing there to send to my servers, either.
B) Identifiable Data: With a Slopes Account
What specifically do I store about your recordings, and how?
At this point I'm giving you free online backup / sync, which does mean your recorded data is now on my servers.
- Data transmitted via the app to and from Slopes servers is encrypted following industry best practices.
- To provide sync the GPS data tracking your movements throughout the day is stored on my servers. This data is encrypted and stored in such a way to prevent public access.
- Personality identifiable account information, such as name and email, are stored separate from your private GPS data (so it is hard to match all that GPS data to your specific account unless all my servers are compromised).
- More generic data about your recordings (metadata) such as the resort it was at, time spent on lifts vs runs, speeds & verticals, notes, etc are also stored on my servers along side your account information to provide sync.
- Your purchase history within Slopes is stored on my servers along side your account information, too, to make all Slopes Pass purchases work on any device you log in from.
- I do not upload any of your Apple Health data to my servers. Calories burned, weight, and heart rate all stay local to your phone inside of HealthKit.
What data is shared with people you friend in Slopes?
- Your first + last name & avatar.
- Agregated stats for the month / season. Every friend will be able to see key stats (vertical, distance, top speed, time on runs) based on your recordings, but they won't see the recordings themselves.
- When you tag someone that you rode with, they'll get to see your daily stats for that day. In addition to stats, if they are a Slopes Premium user, your avatar will appear on their map of the day reflecting your location.
What about the group location sharing feature?
- Once turned on (off by default), your location will be sent to Slopes's server periodically as you record. If you leave it off, your live location never touches the Slopes servers.
- You can turn location sharing off at any time while you record, which will erase your location from the Slopes servers and hide your location from your friends instantly.
- Who can see your location? People you've friended on Slopes that are recording at the same resort on the same day. Or, if your're in the backcountry, friends recording within 2 miles.
- You can also share your location via a web link. Anyone with the link can view your location, but the link expires shortly after you finish recording.
- After 48 hours your location is completely erased from the Slopes servers.
I don't do anything with this location data, and access to it is limited. It does not leave the Slopes servers except to your friends in-app or via that link. My one exception to this rule is if ski patrol or a similar group reaches out to Slopes to help find a missing skier; if I can help save a life I will look up your last known location.
OK dude, you have my data, what do you do with it?
I act responsibly with it. Beyond what is needed to run Slopes I will not share your data with third parties, unless you enable a third-party integration such as connecting your Slopes account to Strava. But at that point sharing your data with a third party was kinda the point, right?
I will never, ever, sell your data.
How is your data shared with third parties so I can run Slopes?
- Your GPS data, account information, purchase history, and other data outlined above are stored on the third-party servers I pay for to run Slopes (Digital Ocean, Amazon AWS, etc).
- If you email in and ask for assistance your email address and our conversations are also then stored within my customer service helpdesk provider.
- Your email address + events you trigger (ex: "started 2019/20 season", "recorded first activity", "purchased a day pass") are sent to Vero if you opted into emails from Slopes. I use Vero to send automated emails based on key events, season recaps, and more personalized messages.
How is your data used inside Slopes?
- If you email in with a problem I will access your data, as needed, to assist with the problem.
- I may privately use your GPS data or generic activity data (anonymously, without knowing who it belongs to) to improve Slopes. For example, I may use some of your GPS data to help test improvements to my tracking algorithms, I may query for random users' days recorded at a specific resort to help track down new lifts or runs to identify, or I may aggregate a bunch of recorded data to help get the average wait times at lifts at a given resort. When I'm doing this I take care to not look up account information about who the data belongs to; I just grab the anonymous raw GPS data or activity metadata.
- If I do access your GPS data anonymously I will never publish it, even combined with a lot of other users' GPS data at that same location to make it anonymous, publically. I may publish resort-level information like "the average wait time for the Mountain Tripple is 3min" based on it, but not the GPS data itself.
If at any point you'd like to remove all of your data from the Slopes servers you can do so in-app under Account -> Edit Account & Profile -> Delete.
C) Anonymous Data Captured in-app to Improve Slopes
Beyond your account, purchase, and activity data outlined above, there is some anonymous/pseudonymous usage data Slopes tracks in-app:
- I do track pseudonymous usage data through Firebase: for example "someone recorded a day at Whistler for 7hrs" or "someone just started recording via Watch". Firebase doesn't get access to your account data, email, or any of the GPS data you recorded; just high level events about what is happening in the app. I do this so I can track popularity of resorts to prioritize improvements, gauge what kind of battery usage targets I should aim for, if people are even using certain features, etc.
- My premium map provider, MapBox, reports some annonymous non-identifiable data when using their maps to help them improve their mapping data and service (more here).
- You can turn off both of these anonymous trackings in-app under More -> Settings.
- Slopes also uses a crash reporter (Crashlytics) to aggregate and track crashes. These reports include non-identificable information such as what iPhone you have, where the crash occurred, my own logs I create to help me track down what happened, and an installation unique identifier to help correlate how many users experienced the crash vs repeat crashes for the same user.
I do occasionally advertise Slopes on Instagram, so I have the Facebook advertising SDK (code library) in Slopes which is pseudonymous. I do not share any data you enter into or capture with Slopes with Facebook; it is only used to track how many installs come from Instagram ads so they can accurately charge me. Removed in 2019.12, because Facebook is creepy and can't be trusted.