Last updated:
KnotNow ("we", "our") is committed to protecting your privacy. This policy explains how we collect, use, store, and protect your data when you use our website and services, including KnotNow Sessions (our sailing and watersports analytics feature). We comply with applicable data protection laws including the UK GDPR.
1. Activity and Location Data (Sessions)
When you use KnotNow Sessions, you may upload activity files (GPX or TCX) that contain:
- GPS track data: Latitude, longitude, timestamps, and altitude for each point in your route
- Activity metrics: Speed, distance, duration, and related performance data
- Optional wind data: If you set or we fetch wind direction for your session
Purpose: We process this data solely to provide session analysis, including map display, VMG, tack analysis, personal bests, and performance insights. We do not use your activity or location data for advertising, profiling, or any purpose other than delivering the analytics you request.
Storage: If you use Sessions without signing in, your data stays in your browser (localStorage) and is not sent to our servers. If you sign in, we sync your sessions to our servers so you can access them from any device. Data is stored securely and is associated only with your account.
Data sources: You upload files from your own devices or services (e.g. Garmin Connect, Apple Watch, Strava). We do not receive data directly from Garmin or other providers unless you explicitly connect or export it. If we integrate with Garmin Connect or similar services in the future, we will only receive data you authorise via OAuth and will handle it in accordance with this policy.
2. Forecast Preferences and Favourites
Your customisation preferences (wind speed ranges, tide settings, schedule, favourite spots) are stored locally in your browser. If you sign in, favourites are synced to our servers so you can access them across devices. This data is used only to personalise your forecast experience.
3. Account and Authentication
When you sign in, we use Auth0 for authentication. Auth0 may collect your email, name, and profile information as required for login. We receive a user identifier to associate your data with your account. See Auth0's privacy policy for details.
4. Third-Party Services
We use the following third parties to operate our services:
- Netlify: Hosting and serverless functions. Session data for logged-in users is stored in Netlify Blobs. See Netlify's privacy policy.
- Auth0: Authentication and user management.
- Leaflet / OpenStreetMap: Map display for session routes. Map tiles are loaded from OpenStreetMap; no personal data is sent to them.
- Weather services: We may request historical weather data (e.g. wind) for your session's location and time to improve analysis. Only coordinates and time are sent; no user identity is included.
- Google Analytics / Tag Manager: We use analytics to understand how our site is used. This may include cookies and usage data. See Google's privacy policy.
5. Data Sharing and Sale
We do not sell your personal data. We do not share your activity or location data with third parties for marketing or advertising. Data is only shared with the service providers listed above as necessary to operate KnotNow.
6. Your Rights
Under UK GDPR, you have the right to:
- Access: Request a copy of the personal data we hold about you
- Rectification: Ask us to correct inaccurate data
- Erasure: Request deletion of your data
- Object: Object to processing in certain circumstances
- Data portability: Receive your data in a structured, machine-readable format
To exercise these rights, or to delete your Sessions data, please contact us. For data stored only in your browser, you can clear it by clearing your browser's local storage for this site.
7. Data Retention
We retain your data for as long as your account is active or as needed to provide the service. You can request deletion at any time. We may retain certain data where required by law or for legitimate business purposes (e.g. resolving disputes).
8. Security
We use industry-standard measures to protect your data, including encryption in transit (HTTPS). Session data is stored in secure, access-controlled systems. We do not store your activity files in raw GPX/TCX format on our servers; we process and store the derived data for analysis.
9. Changes to This Policy
We may update this policy from time to time. The "Last updated" date at the top will reflect any changes. Continued use of KnotNow after changes constitutes acceptance of the updated policy.
10. Contact
If you have questions about this privacy policy or your data, please contact us.