Privacy Policy
KÅDUKA TRAIL RUNNING
Effective Date
May 1, 2025
Privacy Contact
privacy@kaduka.app
Jurisdiction
Global (GDPR, CCPA & more)
Before you start reading —
We wrote this to be genuinely readable, not just to satisfy a legal checkbox. Kåduka is a GPS trail running app. That means we handle some of the most personal data that exists: where you go, when you go there, how fast, and how hard your heart works. We take that seriously. Our core promise: your location and health data are yours. You decide what is shared, with whom, and you can take it all back at any time, including downloading a full copy or deleting everything.
1. What Data We Collect
Because Kåduka is a GPS-based activity app, we collect more data than a typical service. The tables below show exactly what we collect, why, and whether it is required for core features.
1.1 Information You Give Us Directly
Data | What It Includes | Required? |
|---|---|---|
| Account details | Name, email address, username, hashed password | Yes — to create your account |
| Profile info | Age range, gender (if you choose to share) | No — only if you volunteer it |
| Biometric auth | Fingerprint / Face ID (processed and stored on your device only — never on our servers) | No — optional login method |
| Support messages | Anything you send to our support team | No — only when you contact us |
1.2 Data Collected Automatically During Activity
Data | What It Includes | Required? |
|---|---|---|
| GPS location | Real-time latitude/longitude, elevation, speed, heading | Yes — core tracking function |
| Location history | Full route logs, start/end coordinates, waypoints | Yes — activity records |
| Health metrics | Heart rate, pace, distance, elevation gain (only if a paired device shares this data) | No — device must opt in separately |
| Device sensors | Accelerometer, gyroscope, barometer, Bluetooth | Yes — movement detection |
| Camera / microphone | Only when you actively take a photo or record inside the app | No — only on your explicit request |
1.3 Technical and Device Data
We collect standard technical information to keep the app running: device model, OS version, device ID, push notification token, crash logs, and performance metrics. This data is used only for reliability and is not linked to your personal profile for marketing.
1.4 Payment Information
All payments are processed by Stripe (stripe.com/privacy). We never see or store your full card number. We receive only a transaction confirmation token and payment status.
2. How We Use Your Data
We use your data only for the purposes below. We do not sell your personal information to advertisers, data brokers, or any third party; ever.
Purpose | Description |
|---|---|
| Providing the service | Route tracking, trail maps, activity logging, and community features |
| Account & authentication | Secure login, identity verification, biometric access |
| Your personal analytics | Showing you your own progress, personal records, and training trends |
| Safety features | Emergency contact alerts and inactivity detection (opt-in only; you configure who is alerted) |
| App improvement | Understanding how features are used — aggregated and anonymised data only |
| Communications | Responding to your requests and sending essential service notices |
| Marketing (opt-in only) | Updates about new trails or features — only if you subscribed; unsubscribe anytime |
| Legal compliance | Meeting obligations under applicable law |
3. Location Privacy: Threats, Research & Our Protections
Why location privacy deserves its own section:
Peer-reviewed security research (Mink et al., CHI 2022, cited at the bottom of this document) studied how well 'privacy zones' actually protect fitness app users. Their finding was striking: even with a privacy zone enabled, 68% of guesses by ordinary, non-technical participants fell within 50 meters of a user's hidden home address, after viewing just three activities. In plain terms: the start/end point hiding that most fitness apps offer provides weaker protection than users assume. A motivated burglar, stalker, or other bad actor does not need technical skills to narrow down where you live, they just need to look at a few of your runs. We have built Kåduka with these documented, real-world risks in mind. Our protections are structural, not just toggles you have to remember to turn on.
3.1 Default: All Activities Are Private
When you create an account, every activity — including the full GPS route, start point, and end point — is set to Private. Nothing is visible to other users until you actively choose to share it.
3.2 Protected Zone (Start/End Obfuscation)
You can define a Protected Zone: a radius around any sensitive address (home, workplace, regular trailhead). When a Protected Zone is active:
Your route is automatically trimmed so the segments inside the zone are excluded from any shareable version of the activity.
The full, untrimmed route is retained in your private account only — your distance and elevation data stay accurate.
The Protected Zone boundary itself is never stored on our servers or shared with any third party.
We recommend using the largest zone radius that is practical for you. Research shows that larger zones are significantly harder for observers to defeat than smaller ones.
Important limitation you should know
Privacy zones reduce, but cannot fully eliminate, the risk of location inference. Researchers have demonstrated that an observer who can see multiple activities from the same user can sometimes estimate a sensitive location even with a zone active, by analyzing where routes consistently begin and end near the zone boundary.
To maximize your location privacy: use the largest zone available; vary your route starting points when possible; keep sharing set to 'Friends Only' or 'Private' rather than 'Public'; and consider beginning your GPS tracking a few blocks from home.
This is an industry-wide limitation, not unique to Kåduka. We disclose it clearly because we believe you deserve to understand the actual risk level.
3.3 We Do Not Use Your Routes to Infer Protected Locations
Kåduka will never use your private route data to reconstruct or infer an address you have designated as protected. Analytics partners receive only anonymised, aggregated trail-popularity data — never individual GPS traces or routes.
3.4 Live Location Is Never Broadcast Without Your Consent
Your real-time position during a run is transmitted only to our servers to record your activity. It is never shared with other users in real time unless you explicitly enable a live-tracking feature and personally share the access link.
3.5 You Control Location History Deletion
You can delete any individual activity — including its complete GPS trace — at any time from within the app. Deleted activities are purged from our servers within 30 days. See Section 15 for full data portability and deletion rights.
4. Social Sharing — Opt-In, Always
Kåduka is designed so that sharing is never automatic. Every sharing action requires your active choice. New accounts start fully private.
4.1 Activity Visibility Levels
Level | Who Can See This Activity |
|---|---|
| 🔒 Private (Default) | Only you. No other user, including Kaduka staff, can access this activity through the app interface. |
| 👥 Friends Only | Users you have explicitly accepted as friends can see your activity summary, duration, distance, and optionally your route map. |
| 🌍 Public | Any Kaduka user can see your summary and route. Only use this when you are comfortable with broad visibility and have a Protected Zone configured. |
4.2 Friend Connections Are Always Opt-In
No one is added to your friends list without your explicit acceptance of a request. We do not auto-follow, create social connections on your behalf, or suggest follows based on your physical proximity to another user during a run.
4.3 Profile Visibility Defaults to Friends Only
Your profile page (username, bio, photo) is visible only to accepted friends by default. You can expand this to all Kaduka users, or restrict it further, in Privacy Settings at any time.
4.4 Community Features
If you join group challenges, clubs, or segment leaderboards, your participation and result may be visible to other members of that group. You will always be informed of the visibility scope before joining, and you can withdraw at any time.
4.5 Tagging Requires Your Consent
Other users cannot tag you in activities or photos without your prior approval. Tag notifications require your confirmation before any tag becomes visible on your profile.
5. Legal Bases for Processing (Including GDPR)
European data protection law (GDPR) and many other privacy frameworks require us to identify a specific legal basis for each type of data processing. The table below explains this in plain language.
Withdrawing consent: Where we rely on your consent, you may withdraw it at any time through Privacy Settings or by emailing privacy@kaduka.app. Withdrawal will not affect the lawfulness of any processing that took place before you withdrew.
6. Who We Share Your Data With
We do not sell, rent, or trade your personal information. The only third parties who receive your data are service providers who help us operate Kaduka — and they are contractually prohibited from using it for any other purpose.
6.1 Service Providers
6.2 Legal Requirements
We may disclose your information when required by a valid court order, subpoena, or government investigation. Where permitted by law, we will notify you before complying with any such request.
6.3 Business Transfers
In the event of a merger, acquisition, or sale of substantially all assets, your information may be transferred as part of that transaction. You will be notified in advance and given the opportunity to delete your account before any transfer occurs.
6.4 Other Users (Only What You Choose to Share)
If you set an activity to Friends Only or Public, certain information becomes visible to the audience you selected. Choose your sharing level carefully, as we cannot control what users do with content they can legitimately view.
7. Cookies and Tracking Technologies
We use cookies and similar technologies on our website and app. Here is what we use and why:
Disabling essential cookies will prevent the app from functioning correctly. You can manage all other preferences through your browser, device, or the Privacy Settings page.
8. AI-Powered Features
Kaduka uses machine learning to enhance your experience. Here is what our AI does — and what it does not do.
8.1 What Our AI Does
Analyses your activity history to surface personalised insights: pace trends, effort distribution, personal records.
Recommends trails based on your performance and preferences.
Predicts trail conditions and difficulty from aggregated community data and weather feeds.
Processes trail photos and user-generated text to improve search quality.
8.2 What Our AI Does Not Do
Make decisions with legal or significant personal consequences without a human review step.
Share your individual data with third-party AI model providers — all AI processing uses anonymised or aggregated data where possible.
Infer sensitive characteristics (religion, ethnicity, health conditions beyond fitness metrics) from your data.
EU/EEA users: you have the right under GDPR Article 22 not to be subject to solely automated decision-making that produces significant effects. Contact us if you have questions about a specific AI feature.
9. How Long We Keep Your Data
You can request deletion of any or all of your data at any time — see Section 15.
10. How We Keep Your Data Secure
We use industry-standard technical and organizational measures to protect your data:
End-to-end encryption for all sensitive data in transit (TLS 1.2 or higher at all times).
Encryption of sensitive data at rest, including GPS history and health metrics.
Biometric data never leaves your device — we receive only a cryptographic confirmation token.
Strict access controls: employees access personal data only as required for their specific role.
Regular third-party security audits and penetration testing.
Firewall and intrusion-detection systems protecting our infrastructure.
Mandatory data protection training for all staff who handle personal data.
No system is completely secure
Despite our best efforts, no method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security, but we will notify you without undue delay (and within 72 hours for EU users as required by GDPR Article 33) if a data breach occurs that is likely to affect your rights or freedoms.
11. Children's Privacy
Kåduka is intended for users aged 16 and older. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently done so, contact privacy@kaduka.app immediately and we will delete that information promptly.
Users between 16 and 17: we recommend a parent or guardian review this policy. Features including social sharing, GPS history, and community leaderboards should be configured carefully for younger users. All sharing remains opt-in and can be set to Private.
12. Your Rights at a Glance: All Regions
Regardless of where you live, the following rights apply to your data. How to exercise them is covered in Sections 13–15.
13. European Residents: Full GDPR Rights
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent national laws apply to your data. This section supplements Sections 5 and 12.
13.1 Data Controller
Kaduka, LLC is the data controller for your personal data. Contact: privacy@kaduka.app | 8833A Midvale Ave N, Seattle, WA 98103, United States.
13.2 Special Categories of Data (GDPR Article 9)
Health data and biometric data are 'special categories' under GDPR and require explicit consent. We collect these only where you have given explicit, informed consent, which you may withdraw at any time without penalty.
13.3 International Data Transfers
Kåduka is based in the United States. When we transfer your data outside the EEA or UK, we rely on one or more of the following approved safeguards:
Standard Contractual Clauses (SCCs) approved by the European Commission.
Adequacy decisions where the destination country provides adequate protection.
Binding Corporate Rules or other legally approved transfer mechanisms.
You may request a copy of the applicable safeguards by contacting privacy@kaduka.app.
13.4 Additional GDPR-Specific Rights
Right to object to processing for direct marketing (Art. 21) — we will honour this immediately, without exception.
Right not to be subject to solely automated decision-making with significant effects (Art. 22).
Right to lodge a complaint with your EU supervisory authority — a full list is available at edpb.europa.eu.
13.5 Response Timelines Under GDPR
We will respond to all GDPR rights requests within 30 days of receipt. For complex or numerous requests, we may extend this by up to two additional months, but we will inform you within the first 30 days if an extension is needed.
13.6 Record of Processing Activities
We maintain a full record of processing activities as required by GDPR Article 30. All processing relies on one of: Art. 6(1)(a) consent; Art. 6(1)(b) contract; Art. 6(1)(c) legal obligation; Art. 6(1)(d) vital interests; Art. 6(1)(f) legitimate interests. For special category data, we rely exclusively on Art. 9(2)(a) explicit consent.
14. United States Residents: State Privacy Rights
Depending on your state of residence, you may have additional rights under state privacy laws including the California Consumer Privacy Act (CCPA/CPRA), Virginia CDPA, Colorado Privacy Act, Connecticut Data Privacy Act, and equivalent laws enacted in other states.
14.1 Categories of Personal Information Collected (CCPA Reference)
14.2 Your California and State-Specific Rights
Right to Know: what categories of personal information we collect, use, and disclose (we do not sell).
Right to Delete: request deletion of your personal information (subject to limited legal exceptions).
Right to Correct: request correction of inaccurate personal information we hold.
Right to Opt Out: opt out of any 'sale' or 'sharing' of personal information — we do not sell data, but you may contact us to confirm your status.
Right to Limit Use of Sensitive Information: restrict our use of sensitive personal information to only what is necessary to provide the service.
Right to Non-Discrimination: we will never deny service, charge you more, or provide lower quality service because you exercised a privacy right.
To exercise these rights, email privacy@kaduka.app from the address associated with your account. We will verify your identity and respond within 45 days, or the period required by your state's law.
15. Downloading and Deleting Your Data
Your data belongs to you
You have the right to take your data with you and the right to have it erased. Both are available to you at any time, with no questions asked and no penalty.
15.1 Downloading Your Data
You can request a complete export of your personal data at any time. Your export will include:
Your full GPS route history in standard GPX and JSON formats.
Your account profile, preferences, and privacy settings.
Your health and activity metrics.
Your in-app interactions and social data.
How to request: go to Settings > Privacy > Download My Data in the app, or email privacy@kaduka.app with 'Data Export Request' as the subject. We will deliver your export within 30 days in a machine-readable format you can import into other services.
15.2 Deleting Individual Activities
You can delete any individual activity — including its full GPS trace — directly from within the app at any time. The activity is permanently removed from our servers within 30 days.
15.3 Deleting Your Entire Account
You can permanently delete your Kaduka account and all associated personal data at any time:
In the app: Settings > Account > Delete Account.
By email: privacy@kaduka.app with the subject 'Account Deletion Request' and your account email address.
Account deletion is permanent and cannot be undone. Upon deletion:
Your profile, activities, GPS history, health data, and social connections will be permanently removed within 30 days.
Anonymised, aggregated data derived from your activities (such as trail popularity heatmaps) may be retained, as it cannot be linked back to you.
Payment records are retained for 7 years as required by tax law but will not be accessible through the app.
Backup systems are fully purged within 90 days of account deletion.
15.4 Verification
For security, we will verify your identity before processing any export or deletion request. This typically means confirming access to the email address associated with your account. We will respond within 45 days, or the period required by applicable law.
16. Do-Not-Track
Some browsers and devices send a Do-Not-Track (DNT) signal. Where we detect a DNT signal, we will limit collection of non-essential tracking data and will not use your information for targeted marketing. Essential functionality and security measures may still require certain data collection regardless of DNT status.
17. Policy Updates
We may update this Privacy Policy as our practices, technology, or legal obligations evolve. When we do:
The 'Last Updated' date at the top of this document will change.
For significant changes, we will provide at least 30 days' advance notice via the app and by email.
Your continued use of Kaduka after the effective date constitutes acceptance of the updated policy.
If you do not agree with a change, you may delete your account before the effective date at no penalty.
We will never reduce your privacy rights through a policy update without giving you the opportunity to opt out or delete your account first.
18. Contact Us
If you have any questions, concerns, or requests about this policy or your personal data, please reach out:
Kaduka, LLC
Privacy: privacy@kaduka.app
Website: kaduka.app
Address: 8833A Midvale Ave N, Seattle, WA 98103, United States
We aim to respond to all enquiries within 30 days, or as required by applicable law.
© 2025 Kaduka, LLC. All rights reserved. This Privacy Policy is effective as of May 1, 2025 and supersedes all previous versions.
Location privacy protections informed by peer-reviewed research: Mink et al., CHI 2022. DOI: 10.1145/3491102.3502136
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 20 17" xmlns="http://www.w3.org/2000/svg"><g d="M 9.952 2.85 C 9.606 2.377 9.136 1.903 8.542 1.43 C 7.362 0.477 6.162 0 4.942 0 C 3.816 0 2.729 0.41 1.682 1.23 C -1.111 3.53 -0.571 6.913 3.302 11.38 C 5.242 13.607 7.459 15.607 9.952 17.38 C 12.452 15.607 14.672 13.607 16.612 11.38 C 20.486 6.913 21.022 3.53 18.222 1.23 C 17.176 0.41 16.092 0 14.972 0 C 13.752 0 12.549 0.477 11.362 1.43 C 10.996 1.723 10.649 2.047 10.322 2.4 L 9.952 2.85 M 2.442 2.17 C 3.269 1.523 4.102 1.2 4.942 1.2 C 5.882 1.2 6.836 1.59 7.802 2.37 C 8.289 2.763 8.682 3.16 8.982 3.56 L 9.952 4.87 L 10.922 3.56 L 12.102 2.37 C 13.069 1.59 14.026 1.2 14.972 1.2 C 15.799 1.2 16.632 1.523 17.472 2.17 C 18.366 2.903 18.792 3.783 18.752 4.81 C 18.692 6.47 17.576 8.51 15.402 10.93 C 13.836 12.67 12.019 14.323 9.952 15.89 C 7.886 14.323 6.069 12.67 4.502 10.93 C 2.329 8.51 1.212 6.47 1.152 4.81 C 1.126 3.777 1.556 2.897 2.442 2.17" fill="transparent" height="17.379999952316282px" id="AxX6s3ET9" width="19.984374960920544px"><path d="M 9.952 2.85 C 9.606 2.377 9.136 1.903 8.542 1.43 C 7.362 0.477 6.162 0 4.942 0 C 3.816 0 2.729 0.41 1.682 1.23 C -1.111 3.53 -0.571 6.913 3.302 11.38 C 5.242 13.607 7.459 15.607 9.952 17.38 C 12.452 15.607 14.672 13.607 16.612 11.38 C 20.486 6.913 21.022 3.53 18.222 1.23 C 17.176 0.41 16.092 0 14.972 0 C 13.752 0 12.549 0.477 11.362 1.43 C 10.996 1.723 10.649 2.047 10.322 2.4 L 9.952 2.85 M 2.442 2.17 C 3.269 1.523 4.102 1.2 4.942 1.2 C 5.882 1.2 6.836 1.59 7.802 2.37 C 8.289 2.763 8.682 3.16 8.982 3.56 L 9.952 4.87 L 10.922 3.56 L 12.102 2.37 C 13.069 1.59 14.026 1.2 14.972 1.2 C 15.799 1.2 16.632 1.523 17.472 2.17 C 18.366 2.903 18.792 3.783 18.752 4.81 C 18.692 6.47 17.576 8.51 15.402 10.93 C 13.836 12.67 12.019 14.323 9.952 15.89 C 7.886 14.323 6.069 12.67 4.502 10.93 C 2.329 8.51 1.212 6.47 1.152 4.81 C 1.126 3.777 1.556 2.897 2.442 2.17" fill="rgb(255, 0, 0)" height="17.379999952316282px" id="ql_EbdlRv" transform="translate(0 0)" width="19.984374960920544px"/></g></svg>)
