Privacy
Privacy Policy
thetrail.guide — last updated: 14 July 2026
The short version: we don't track you. There are no analytics, no advertising identifiers, no accounts and no tracking cookies. The only personal data we deliberately keep is the feedback you choose to send us.
Who we are
The Trail Guide is an independent, non-commercial trail-conditions service run by a single operator based in Zürich, Switzerland. Contact: [email protected]
What data we collect and why
1. Visitor IP address
What: Your IP address is processed on every page load.
Why: Cloudflare (proxy, WAF, Bot Fight Mode) uses it to route traffic, block malicious requests, and enforce rate limits. Our own rate limiter on the backend also processes it temporarily to prevent API abuse.
Storage: Our web server writes a standard access-log entry for every request. Each entry contains your IP address, the time, and the URL requested — including its query parameters, which for map requests describe the area of the map you were viewing. These logs are held on our own server in Switzerland, kept for a maximum of 30 days, and then automatically discarded. They are used only for debugging and investigating abuse; they are never used to build a profile of you and are never shared. Cloudflare separately retains its own logs under its policy (see the processor table below).
Legal basis: Legitimate interest — protecting service availability and security (Swiss FADP Art. 31; GDPR Art. 6(1)(f)).
2. Feedback (rating + free text)
What: If you submit feedback, we store your star rating, your free-text message, the page you were on, and your browser user-agent string. We do not ask for your name or email — but if you type them into the text box we will hold them until the record is deleted.
Why: To understand trail-report quality and improve the service.
Storage: Stored in our database on a self-hosted mini-PC in Switzerland. The same message is also emailed to [email protected] via PrivateEmail's SMTP servers.
Retention: Records are reviewed periodically and deleted when no longer needed. If you want a specific record deleted, email us with the approximate date and content and we will remove it within 30 days.
Legal basis: Legitimate interest (Swiss FADP Art. 31; GDPR Art. 6(1)(f)).
3. Map tiles and imagery
What: When the map loads in your browser, your browser makes direct requests to CARTO (basemap) and Esri (imagery). Those providers receive your IP address and the tile coordinates you are viewing (which reveals the approximate area of interest).
Why: We use their tile infrastructure to render the map — your browser fetches tiles directly; they do not pass through our server.
Storage: Not stored by us. See CARTO's and Esri's own privacy policies for their data handling.
Legal basis: Necessary for the service to function (Swiss FADP Art. 31; GDPR Art. 6(1)(b)).
4. GPX / TCX / FIT file uploads
What: If you use the "match my route" feature, your file is sent to our matching endpoint, parsed in memory, and matched against trail segments.
Why: To return a trail-matched version of your route.
Storage: Not stored. The file and its contents are discarded after the response is returned. No GPS traces, timestamps, or device identifiers are written to our database.
Legal basis: Necessary to perform the requested action (Swiss FADP Art. 31; GDPR Art. 6(1)(b)).
5. "Locate me" and nearby discovery (browser geolocation)
What: If you click the locate-me button, your browser requests your GPS position using the standard Web Geolocation API.
Why: To centre the map on your position, and — if you use the "what's good near me" discovery feature — to find trail areas around you.
Storage: Centring the map happens entirely inside your browser; your position is not sent anywhere. If you use near-me discovery, your position is rounded to roughly one kilometre before it leaves your device, so we never receive your precise location. We deliberately do not need it: the areas we rank are about 2.5 km across, so a finer position would tell us nothing useful. The rounded position is used to answer that single request and is never written to our database, though — like any request — it does appear in our access logs for their 30-day life (see §1). The Switzerland-wide discovery view sends no position at all.
Legal basis: Consent — you explicitly grant permission in your browser.
6. Donations (Ko-fi)
What: If you donate, you are redirected to Ko-fi. Payment and personal data are handled entirely by Ko-fi.
Why: To support running costs.
Storage: We receive a notification email from Ko-fi confirming a donation was made. We do not receive or store your payment details.
Legal basis: Contractual necessity for the Ko-fi transaction (GDPR Art. 6(1)(b)); Ko-fi's own privacy policy governs their processing.
7. Local browser storage
What: We set two items in your browser's localStorage: a flag
recording that you acknowledged the site disclaimer, and a testing-environment access token
if you are using it.
Why: To avoid showing the disclaimer on every visit and to gate test features.
Storage: Stored only in your own browser. We never read these values server-side.
What we do not collect
- No analytics cookies or third-party tracking scripts (no Google Analytics, Plausible, Matomo, or similar)
- No advertising identifiers
- No account registration or passwords
- No persistent session cookies beyond the localStorage items above
Third-party data processors
| Processor | What they receive | Their privacy policy |
|---|---|---|
| Cloudflare | Your IP, request metadata | cloudflare.com/privacypolicy |
| CARTO | Your IP, map tile coordinates | carto.com/privacy |
| Esri | Your IP, imagery tile coordinates | esri.com privacy statement |
| PrivateEmail (Namecheap) | Feedback message content, your browser user-agent | namecheap.com privacy policy |
| Ko-fi | Donation payment details (we see only a confirmation) | more.ko-fi.com/privacy-policy |
Your rights
Under the Swiss FADP and, where applicable, the GDPR, you have the right to:
- Access — request a copy of any personal data we hold about you
- Correction — ask us to fix inaccurate data
- Deletion — ask us to erase your data
- Objection — object to processing based on legitimate interest
- Portability — receive your data in a machine-readable format (GDPR only)
- Lodge a complaint — with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch, or with your EU supervisory authority if you are in the EU
To exercise any right, email [email protected]. We will respond within 30 days.
Future features
GPS observations. A planned feature will allow users to submit trail observations that include a GPS position (device location at a specific trail, at a specific time). This is significantly more sensitive data. Before this feature ships, a separate consent notice will be added to the submission flow and this policy will be updated. It will not be activated silently.
Strava integration. A planned OAuth integration with Strava will require users to explicitly authorise access to their Strava data.
Changes to this policy
We will update the "last updated" date at the top when changes are made. For significant changes affecting how we process personal data, we will note the change in the site's changelog or release notes.
Contact
[email protected] — Zürich, Switzerland