// LEGAL · PRIVACYPrivacy Policy
01Who we are
SafeRoute is a crime-aware walking navigation app for the United Kingdom and major US cities (New York, Chicago, San Francisco, Boston, Seattle, Philadelphia, and Washington, D.C.). The data controller is Minhaj Khan (an individual based in the State of New York, United States), referred to throughout this policy as "we," "us," or "SafeRoute."
Contact: minhaj@safe-route.app
This policy explains what personal information SafeRoute collects, why we collect it, how we use it, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018, as amended by the Data (Use and Access) Act 2025.
02Scope
This policy applies to the SafeRoute iOS app, the optional SafeRoute Apple Watch companion, and the SafeRoute backend service that supports them. It does not cover third-party services that the app links out to (for example, the OpenStreetMap or Open Government Licence pages), which have their own privacy policies.
03Information we collect
SafeRoute is designed to collect as little personal information as possible. We do not require accounts, sign-in, or registration. We do not collect names, addresses, phone numbers, or payment information.
We process the following limited categories of data while you use the app:
Location data (GPS coordinates)
When you actively use SafeRoute to plan or follow a route, the app reads your device's GPS location. Coordinates are sent to our backend solely to compute walking routes and to retrieve crime context for your area. Coordinates are not stored against any persistent identifier on our servers.
Search queries
Text you type into the place-search box (for example, a destination name) is sent to our backend, which forwards it to Mapbox's geocoding service to turn it into a map location. We do not store your searches or link them to you.
Motion sensor data
If you use the SafeRoute Apple Watch companion, the watch reads device motion data on-device only, to detect off-route deviations. Motion data is not transmitted to our servers.
Technical request data
Our backend logs basic request metadata for security and abuse-prevention (request timestamps, IP addresses, response codes). Logs are retained for no more than 30 days and are not used to build a user profile.
Anonymous usage analytics
To understand which features are used and to catch performance problems, SafeRoute records a small number of anonymous, aggregate usage signals through TelemetryDeck, a privacy-focused, GDPR-compliant analytics provider. These signals are limited to event names (for example, that a screen was opened or a route was found), coarse load-time bands, and a coarse region label (US or UK). They never include your search text, coordinates, addresses, routes, contacts, or any identifier that could single you out. TelemetryDeck does not use advertising identifiers and does not track you across other apps or websites. You can turn this off at any time in the app under About → Anonymous analytics.
Beyond the anonymous analytics described above, SafeRoute uses no advertising identifiers, attribution frameworks, or cross-app trackers, and is configured with NSPrivacyTracking = false in its Privacy Manifest.
04What we do not collect
To remove ambiguity, SafeRoute does not collect:
- Your name, email address, phone number, or postal address
- Your contacts, photos, calendar, or other on-device content
- Your device's advertising identifier (IDFA)
- Browsing history outside of SafeRoute
- Health data, biometrics, or financial information
- Persistent identifiers tying your activity across sessions
05Why we use this information
Under Article 13 UK GDPR, we are required to tell you why we process your data and the lawful basis we rely on. Our processing is grounded in the following bases under Article 6(1) UK GDPR:
| Purpose | Data used | Lawful basis |
|---|---|---|
| Computing walking routes between origin and destination | GPS coordinates | Performance of a contract Art. 6(1)(b) — you cannot use a navigation app without sending coordinates to a routing service. |
| Showing crime context along candidate routes | Approximate area coordinates | Legitimate interests Art. 6(1)(f) — providing the core safety feature you opened the app for. |
| Geocoding place searches | Search query text | Performance of a contract Art. 6(1)(b) |
| Off-route detection on the watch | Motion sensor (on-device only) | Performance of a contract Art. 6(1)(b) |
| Backend security, abuse prevention, rate limiting | Request metadata, IP address | Legitimate interests Art. 6(1)(f) — protecting the service from abuse. |
We have considered the balancing test for each "legitimate interests" use and concluded that the limited processing involved is proportionate to a clear user-facing benefit. You can object to legitimate-interests processing at any time (see Section 9).
06Who we share your information with
To deliver the app, your data is processed by a small number of named third parties. We do not sell, rent, or monetise your data, and we share only what is necessary for each subprocessor's specific function.
| Subprocessor | What they receive | Purpose | Where |
|---|---|---|---|
| Mapbox, Inc. | Origin and destination coordinates, search queries | Walking-route directions; map tiles; geocoding | United States |
| OpenStreetMap Foundation (Overpass) | Approximate area coordinates only | Nearby safe-place lookups (Find Help) and street-lighting for well-lit routes | Germany (Europe) |
| data.police.uk (UK Home Office) | Bounding-box coordinates only | Public crime statistics retrieval (United Kingdom) | United Kingdom |
| NYC Open Data (City of New York / NYPD) | Bounding-box coordinates only | Public crime statistics retrieval (New York) | United States |
| US city open-data portals — Chicago Data Portal, DataSF, Analyze Boston, Seattle Open Data, OpenDataPhilly, Open Data DC (the respective city police departments) | Bounding-box coordinates only | Public crime statistics retrieval (Chicago, San Francisco, Boston, Seattle, Philadelphia, Washington D.C.) | United States |
| TelemetryDeck | Anonymous event & performance signals (no personal data, no identifiers) | Anonymous usage analytics (opt-out in app) | Germany (EU) |
| Render Services, Inc. | All backend traffic (transit only) | Hosting our backend | Germany (Frankfurt) |
| Apple Inc. | App distribution; crash reports if you opted in | iOS / watchOS platform services | Various |
Each subprocessor handles your data under their own privacy policy. Mapbox and Render are subject to their own contractual data-protection terms with us. Apple's privacy practices are governed by their public privacy policy.
07International transfers
Because the data controller (Minhaj Khan) is based in the United States, your personal data is processed in the U.S. by us and by Mapbox. Our backend infrastructure runs in Germany.
The European Commission's adequacy decision recognises the UK as providing adequate data protection. There is no current adequacy decision for the United States, so transfers from the UK to U.S. subprocessors rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, as applicable. We have conducted a Transfer Risk Assessment for transfers to U.S. subprocessors.
You can request a copy of the safeguards in place by emailing minhaj@safe-route.app.
08How long we keep your information
We keep your information only as long as necessary to provide the service:
- Live route requests: Coordinates are processed in memory only and are not persisted to disk on our servers.
- Backend cache: Public crime data and place-of-interest data fetched from upstream sources is cached on our servers for up to 24 hours to reduce upstream load. Cached data is keyed by area, not by user.
- Request logs: Retained for up to 30 days for security and rate-limiting purposes, then automatically deleted.
- On-device data: Your iPhone and Apple Watch retain locally cached map tiles and route history under your device's normal control. You can clear this at any time by deleting the app.
We do not retain any personally-identifying information about you on our servers, because we do not collect any.
09Your rights under UK GDPR
You have the following rights regarding your personal data. Because we hold no persistent identifiers tying you to specific records, some rights may be inapplicable in practice — but you can always invoke them and we will respond.
- Right of access (Art. 15): you can request a copy of any personal data we hold about you.
- Right to rectification (Art. 16): you can request correction of inaccurate data.
- Right to erasure (Art. 17): you can request deletion. (In practice, simply uninstalling the app removes any locally cached data.)
- Right to restrict processing (Art. 18).
- Right to data portability (Art. 20): receive your data in a structured, machine-readable format.
- Right to object (Art. 21): you can object to processing based on legitimate interests at any time.
- Rights relating to automated decision-making and profiling (Art. 22A, as introduced by the Data (Use and Access) Act 2025): SafeRoute uses an algorithmic crime-exposure score to rank candidate walking routes. This is route ranking based on public data, not a decision made about you, and does not produce legal or similarly significant effects on you. Article 22A safeguards therefore do not apply, but you can disable the safety overlay in-app at any time.
To exercise any of these rights, email minhaj@safe-route.app with the words "Privacy request" in the subject line. We will respond within one calendar month.
10Children
SafeRoute is a general-audience navigation app. It is not directed at children under 13 and we do not knowingly collect any personal information from children under 13. SafeRoute may be downloaded and used by older minors (13–17) on their own devices; in that case, the same minimal data practices described in this policy apply.
In line with the "children's higher protection matters" duty added to the UK GDPR by the Data (Use and Access) Act 2025, we have considered the needs of minors who may use the app. SafeRoute does not contain advertising, in-app purchases, social features, profiling, or content unsuitable for minors. We do not target children with marketing.
11Security
We protect your data using:
- Transport security: All traffic between the app and our backend uses TLS 1.2 or higher. App Transport Security (ATS) is enforced.
- Authentication on backend endpoints: Our backend rejects unauthenticated requests; the auth key is shipped with the app, not entered by users.
- Rate limiting: All endpoints rate-limited per IP to prevent abuse.
- Minimal data collection: The strongest protection is data we never collect.
- No password storage: SafeRoute has no accounts, so we never store passwords.
- Server hardening: Our backend runs on Render's managed platform with automatic OS patching.
No system is 100% secure. If we ever became aware of a personal data breach affecting users, we would notify the ICO within 72 hours under Article 33 UK GDPR, and notify affected users without undue delay if the breach posed a high risk to their rights.
12Right to complain
If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk/concerns
- Phone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We would prefer the chance to address your concern first — please email minhaj@safe-route.app.
13Changes to this policy
We may update this policy from time to time, for example to reflect changes to our app, our subprocessors, or applicable law. Material changes will be reflected by an updated "Effective date" at the top of this document. Significant changes that introduce new processing purposes will be communicated through an in-app notice before the new processing begins.
The current version of this policy is always available at this URL.
14Contact
For privacy questions, data subject rights requests, or anything else covered by this policy:
Minhaj Khan
Email: minhaj@safe-route.app