OutPack logo showing a feather with mountains
Sign In

Privacy Policy for outpack.app

Last Updated: July 31, 2025

1. Introduction

Welcome to outpack.app (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and any associated mobile applications. We are committed to protecting your personal data and your right to privacy. By using the Service, you agree to the collection and use of information in accordance with this policy.

This Privacy Policy is an integral part of our Terms of Service. Please read it carefully to understand our views and practices regarding your personal data and how we will treat it.

Data Controller: Andrew Carmichael, trading as outpack.app, a sole trader based in Scotland, is the data controller responsible for your personal data under UK GDPR.

Definitions

Personal Data: Any information that relates to an identified or identifiable individual. This includes, but is not limited to, your name, email address, IP address, device identifiers, and Geolocation Data.

Usage Data: Information collected automatically through your interaction with the Service. This includes technical details such as your browser type, operating system, the pages you visit, and the time you spend on them.

User Content (or Contributions): All materials and information that you create, submit, post, or transmit on the Service, including trip logs, gear reviews, location pins, photographs, videos, and comments.

Service: The outpack.app website, any associated mobile applications, and all related functionalities and offerings.

2. Data We Collect

We collect information to provide and improve our Service to you. The types of personal information we may collect are:

A. Information You Provide Directly

Account Information: When you register for an account, we collect your name, email address, and password.

Profile Information: You may choose to provide a username, profile picture, and other details.

User Content: We collect the content you create and share, such as trip reviews, gear lists, photos, videos, and comments. This may include embedded metadata, such as the time and location a photo was taken.

B. Information Automatically Collected

Usage Data: We automatically collect information about your device and how you interact with our Service. This includes your IP address, browser type, device type, operating system, referring URLs, pages viewed, and timestamps of your visits.

Geolocation Data: We collect information about your location to provide location-based features. This may be derived from your device's GPS, IP address, or from coordinates you manually enter. We will specify when we are collecting this data and request your consent where required.

C. Information from Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. For more details, please see Section 8, "Cookies and Tracking Technologies."

3. How We Use Your Data (Purpose of Processing)

We use the information we collect for various purposes, including:

  • To Provide and Maintain the Service: To operate the platform, display content, and monitor for issues.
  • To Manage Your Account: To handle your registration, authenticate you, and provide access to your user profile and settings.
  • To Personalize Your Experience: To recommend content, such as nearby trails or similar trips, based on your activity and location.
  • To Enable Community Features: To facilitate interactions between users, such as comments, direct messaging, and sharing trip information.
  • For Service Improvement and Analysis: To understand how our users interact with the Service so we can improve its features, performance, and usability. We typically use aggregated and anonymized data for this purpose.
  • For Security and Fraud Prevention: To protect our platform, our users, and the public from malicious, fraudulent, or illegal activity.
  • To Communicate with You: To send you essential service-related notifications (e.g., account verification, changes to our policies). With your explicit consent, we may also send you marketing communications, such as newsletters, which you can opt-out of at any time.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following situations:

With Service Providers: We share data with third-party vendors who perform services for us, such as cloud hosting (e.g., Amazon Web Services), data analytics (e.g., Google Analytics), and email delivery. These providers are contractually obligated to protect your data and are restricted from using it for any other purpose.

With Other Users: When you submit User Content, it is public by default. Your username, profile picture, and the content you share (including any location data within it) will be visible to other users of the Service and potentially the general public.

For Business Transfers: In the event of a merger, acquisition, bankruptcy, or other sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.

For Legal Compliance and Safety: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency). We may also disclose your information if we believe it is necessary to protect the rights, property, or personal safety of our company, our users, or the public.

5. Your Data Rights and Controls

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data, subject to certain exceptions (e.g., for compliance with a legal obligation).
  • Right to Restrict Processing: You have the right to request that we temporarily halt the processing of your data under certain conditions.
  • Right to Data Portability: You have the right to receive your data in a structured, machine-readable format and to transmit it to another service.
  • Right to Object: You have the right to object to our processing of your data where we are relying on a legitimate interest as the legal basis.
  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@outpack.app. We will respond to your request within one month of receipt.

6. Data Security, Retention, and International Transfers

Security

We use administrative, technical, and physical security measures to help protect your personal information. This includes encryption of data in transit (SSL/TLS) and at rest, access controls, and regular security reviews. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure.

Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy, to comply with our legal obligations (e.g., tax and accounting requirements), resolve disputes, and enforce our legal agreements.

International Transfers

Your information, including personal data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, using legal mechanisms such as Standard Contractual Clauses (SCCs) where required.

7. Children's Privacy

Our Service is not directed to anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. We recommend that individuals be at least 18 years old to create an account. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to provide and improve our Service.

What are Cookies? Cookies are small text files placed on your device to store data.

How We Use Them: We use cookies for essential functions (like keeping you logged in), for remembering your preferences, and for analyzing site performance.

Third-Party Cookies: We may use third-party services like Google Analytics that use cookies to help us analyze how users interact with the Service.

Your Choices: You have control over cookies. Our cookie consent banner allows you to manage your preferences for non-essential cookies. You can also configure your browser to refuse cookies, but some parts of the Service may not function properly as a result.

9. Lawful Basis for Processing (UK GDPR)

Under UK GDPR, we must have a lawful basis for processing your personal data. Our lawful bases include:

  • Contract: Processing necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Consent: Where you have given clear consent for us to process your personal data for specific purposes.
  • Legitimate Interests: Where processing is necessary for our legitimate interests (such as improving our services) and your interests and rights do not override those interests.
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation.

10. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details set out below. You also have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and, where appropriate, by notifying you via email or a prominent notice on our Service. We will update the "Last Updated" date at the top of this Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: