Privacy Policy

Introduction

Data privacy is a subject that the TrackSpy team takes very seriously. The use of vehicle and location data creates benefits and extra value for the user, but also exposes information that user may also want to keep private. We have a privacy policy for TrackSpy that we believe creates great value from the use of such data whilst at the same time maintaining user privacy through anonymity.

In order to provide full transparency about what information TrackSpy is gathering, not just from the vehicle, but from other phone-based sensors, we have provided the following list of the permissions and privileges TrackSpy requests from the smartphone operating system and why. In each case, we do not provide an explicit privacy statement for each case - the Privacy Policies included in Apple's and Google's End User Licenses apply here.

Please note that, in providing this list (section 4.6), we have assumed your mobile device is in its standard off-the-shelf configuration as supplied by the manufacturer. If you are using TrackSpy on a rooted Android device or an iPhone/iPad that has been subject to jailbreaking, we can provide no guarantees on privacy.

TrackSpy does not sell, or otherwise pass on, any data gathered from its user base from the data that is gathered by use of the app, nor any data that is uploaded to the TrackSpy Data Server that can identify any individual user, or user’s mobile device, or vehicle ID from which an engine data was sourced. If there is any change to this policy, TrackSpy undertakes to inform all of its users of this policy by use of user messages that are served at the time that an upload is attempted from the TrackSpy app.

All messages that are served to TrackSpy in this way are stored on a “TrackSpyUserMsg.txt” file that is located in the main TrackSpy data folder on the mobile device.

Data Transfer

This section of the manual provides an overview of the instances that TrackSpy will communicate with outside world. In the context of an application such as TrackSpy, “outside world” could also mean access to external memory, which includes a removable SD-Card. Internal data is sandboxed for TrackSpy by Android (which is effectively a Linux distribution) and iOS, which means that this data (preferences, access keys, etc) is protected from external access. No other app can ever access this data, unless the user explicitly roots or jailbreaks their device. The following sections assume that this has not been done:

TrackSpy Video Server Data

No mission-critical data is transmitted to the TrackSpy Data Server, although some data is a requirement to allow the TrackSpy Data Server to properly render the incoming video and sensor data and assign it to a specific user. Aside from the video file that was recorded in that session, the data that is sent is made up of:

OBD data (only logged if the OBD Bluetooth connection was up before recording started, and if that data item is supported by the vehicle):

Lap data (only logged if GPS is enabled and a Lap Marker GPS co-ordinate was set before recording):

GPS location data (only logged if GPS was enabled and a satellite fix was established during recording):

Phone sensor data (if sensor is present on the device):

Static data: Camera Orientation (to ensure video orientation set correctly when rendered in the TrackSpy Data Server)

UTC time – the timestamp of each sample – used to allow synchronisation of the recorded data with the video stream.

The User ID and Device ID (IMEI) are needed to match incoming uploaded data with existing data, for grouping the data from a particular user. Both the account ID and phone ID are used, for cases where the user swaps to a different device, but has the same account, and therefore needs to see all uploaded data as a single user. This information is NEVER shared with anyone outside of TrackSpy, nor will it be divulged to a third party without the owners’ (your) consent.

If you want a detailed look at the data that is gathered and transmitted to the TrackSpy Data Server, you can access it using a normal file browser in your device (and a SQLite reader), or you can access it by connecting your smartphone to a PC via USB and browsing to the TrackSpy data location and opening the SQLite file in the recordings folders. You will need to use a SQLite reader to read this file, but there are a number of free ones available – our favourite so far is at http://sqlitebrowser.org/ . That’s it! What you see in that file is what we send – nothing more, nothing hidden.

Internal and External Sensors

TrackSpy is a sensor-intensive mobile application. It records GPS, OBD, acceleration, and records video and audio. Although internal sensors (GPS, acceleration, video, audio) can be accessed through OS interfaces, these channels are not "open" by default. Depending on the OS, you will be asked to approve access to some sensors when these services are accessed for the first time (iOS) or when installing the app (Android). TrackSpy will record 4.3 and store this data into its external storage media.

To access the external OBD sensor data, TrackSpy needs to be paired to an appropriate OBD Bluetooth dongle, fitted to the vehicle’s OBD port.

Access to the video and audio sources is treated as simply another sensor source in TrackSpy. For iOS7 and later, you need to explicitly allow TrackSpy to access the microphone for video capturing. Turning this privilege off will break video capture. In Android you need to agree to this access during installation (see section 4.6).

Twitter ‘Lap’ Updates

The data uploaded to the “TrackSpyLap” Twitter account on each Lap (when enabled) is comprised of

the following data:-

For the Twitter status update, the User ID is not the same as the User Account, to maintain privacy. See section 2.6.9 for details of the User ID used in Twitter Status updates.

Privileges Requested

TrackSpy needs to be granted permissions to access resources outside its so-called sandbox. While iOS will ask for the user’s permission when an external resource is accessed the first time, Android requires the user to agree on the full set of permissions during installation. It is not possible to select individual permissions in Android; it is all or nothing.

Android

In Android, you need to grant permissions during the install process. In case you do not agree to grant any of the permissions below, you cannot install and use TrackSpy at all, not even in a reduced

form:-

iOS

In-App Advertising

Android (Google AdMob)

For the ‘Preview’ version of TrackSpy and the full version that is in its initial “free-upload” mode, advertising is applied in a number of select screens and in response to some user actions.

These advertisements are served by Google, from its network of Ad suppliers via “AdMob”; TrackSpy does not provide these Ads itself. TrackSpy does, however, earn revenue from Ad links that are clicked on by the user (this does not cost the user anything – payments are paid direct to TrackSpy from Google).

When an Ad is selected by the user, Google may use the device ID from where the ad is serving to generate interest and demographic categories (for example, 'sports enthusiasts' or 'inferred age: 18- 34'). These interest and demographic categories will be used to serve ads better targeted to the user. For further information on AdMob, please refer to the Google AdMob website:

https://www.google.co.uk/ads/admob/

iOS (TBD)