Skibi Privacy Policy

Effective date: July 6, 2026

Privacy Policy — Human Readable Version

I respect your privacy on the mountain and don't want to do anything creepy with your data. Skibi is built to enhance your skiing experience, not to harvest your personal information. Here is exactly how your data is handled.

What I Collect and Why

GPS, Run Tracking & Background Location. To track your runs while your phone is safely in your pocket, Skibi collects your precise GPS location — including in the background, while the app is closed or not in use — along with speed and altitude. When you record an activity, the full GPS track of that activity (route points, altitude, timestamps, and the runs and lifts you took) is uploaded to my server and stored with your account so you can see your history and sync across devices. You can delete any recorded activity from within the app at any time.

Routing & Performance Telemetry. When you plan a route, Skibi sends my server a small telemetry packet tied to your account: the route's start and end coordinates, your selected skill level, your device model, how long the route calculation took, and battery/temperature readings. I use this solely to verify routing quality, battery performance, and safety of the routing engine — never for advertising.

Live Location Sharing (optional). You can choose to share your real-time location with a specific friend you have connected with. This is off by default and only starts when you explicitly start a share. While a share is active, that one person can see your identified, precise live position. Every share has a time limit, you can stop it at any time, and your live position is deleted from my server the moment the share ends or expires.

Friends & Invite Links. If you connect with friends via invite links, I store the connection between your accounts so features like location sharing work.

Voice Control (on-device). If you enable voice control, Skibi listens for the "Hey Apex" wake word using your phone's built-in, on-device speech recognition. Audio is processed entirely on your device — no audio recording or transcript is ever sent to my servers. The microphone permission is used only for this feature and you can decline or revoke it without losing any other functionality.

Account Information. If you create an account (email/password or Google Sign-In), I collect your name and email address to operate your account and sync your data across devices.

Imported Files. If you import a GPX file, its track data is treated the same as an activity you recorded in Skibi.

Third-Party Services & Safety

Firebase Authentication (Google). Sign-in is handled by Google's Firebase Authentication. When you sign in, Google receives and stores your email address, password (for email sign-in), and related sign-in data such as IP addresses, as described in Google's privacy documentation (firebase.google.com/support/privacy). If you use Google Sign-In, Google also knows you use Skibi.

Mapbox. Skibi uses the Mapbox Maps SDK to render its 3D winter maps. The Mapbox SDK may collect device and map-usage telemetry (such as approximate location and device data) to improve Mapbox's services, under Mapbox's own privacy policy (mapbox.com/legal/privacy). Mapbox does not receive your Skibi account details or email. You can opt out of Mapbox telemetry via the map's attribution (ⓘ) menu.

Weather. Skibi shows resort weather using the Open-Meteo API. My server requests weather for the resort's coordinates — your personal location is never sent to Open-Meteo.

Hosting. My server runs on Amazon Web Services (AWS) in eu-central-1 (Frankfurt, Germany). Your account data, activities, and telemetry are stored there.

Emergencies. If ski patrol or local search-and-rescue teams reach out regarding a missing skier, and providing your last known location could save your life, I will cooperate with them.

What I Don't Do

No Advertising or Ad Tracking. Skibi contains no advertising SDKs and no third-party analytics or ad-tracking tools. The only usage data I collect is the routing/performance telemetry described above, which exists to keep the routing engine safe and accurate.

No Data Selling. I will never, ever sell your data to advertisers or data brokers.


Privacy Policy — Legalese Version

1. Introduction and Data Controller

Skibi is developed and operated by Michael Zagel, an independent software developer based in Rehovot, Israel ("I", "me", or "my"), reachable at support@skibi.app. This Privacy Policy explains how I, acting as the data controller, collect, use, and disclose your information when you use the Skibi mobile application and its associated services (collectively, the "Services").

2. Information I Collect

3. Legal Bases and How I Use Your Information (GDPR Art. 6)

4. Third-Party Sharing

I do not sell personal data. I share information only as follows:

5. International Transfers

Data may be processed in the United States (Firebase authentication data). Application data is hosted on AWS in eu-central-1 (Frankfurt, Germany). Transfers from the EU/EEA rely on the EU–U.S. Data Privacy Framework and/or Standard Contractual Clauses entered into with the providers listed above.

6. Data Retention

7. Children's Privacy

Skibi is not directed to individuals under the age of 13 (or 16 in certain European jurisdictions). I do not knowingly collect personal information from children. If you become aware that a child has provided me with personal data, please contact me so I can remove the data and terminate the account.

8. Your Rights and Control

9. Policy Changes

I may modify this policy. Material changes will be announced in-app and the current version will always be available at https://legal.skibi.app/privacy, with its effective date shown.

10. Contact

Michael Zagel — support@skibi.app