Privacy Policy

Who I Am

My website address is: https://sotamat.com, owned by Brian Mathews, AB6D.

SOTAMAT Mobile Apps

The SOTAmāt mobile apps (Apple App Store, Google Play Store, Amazon Appstore apps on iOS and Android) require the following permissions for the following reasons:

  • Write / Read from device storage
    • When you request that the app generate and play FT8 audio signals, the app computes up to 4 WAV audio files at different audio frequencies and stores these WAV files in your device’s file storage in a app-specific hidden temporary directory. The app then reads these audio files when playing audio. These files and hidden directory are removed when you uninstall the app.
    • When you load a “configuration blob” by pasting it into the Setup screen, the compressed configuration data is decoded and stored in an app-specific database in the device’s file system. The app loads this configuration from the database file when launched. This data is removed when you uninstall the app.
    • Other user settings (like the FT8 audio setting on the Setup tab, and the time-offset slider state) are persisted to an app-specific file. It is loaded on app launch to restore your settings. This data is removed when you uninstall the app.
    • Databases such as SOTA Summits, POTA Parks, and callsign data for participants are optionally downloaded, at your request, from the cloud and stored on your device for offline use.
  • Identifiers
    • The app stores your personally identifying Callsign and account information in the configuration, and when you use the app you transmit your callsign over the radio with a coded suffix. Your callsign is in the public domain at that point. Public skimmers, PSK Reporter, and SOTAmat will all record your transmission details including your identifying callsign in order to perform the requested functionality. In addition, SOTAmat (and other systems) will record and make publicly visible your transmission, in a decoded state on the https://SOTAmat.com/activity screen. This is to comply with USA FCC rules that amateur radio not be used for the purpose of obfuscating the meaning of a message. To comply, the decoded message information is published publicly. If your message includes sending SMS or eMail or other messages, the text of those messages including the recipients phone or email may be made public. Currently the last 4-digits of telephone numbers are hidden on the public site but the full data is retained on the SOTAmat servers in case it is needed to comply with the FCC in the future. The same is true for email addresses when you send email messages through the public system. The email addresses are obfuscated on the web site but stored in the database for compliance.
    • When you interact with this server from the mobile app, the mobile app may send identification and authentication information to the server where it is used to validate you as a registered user in good standing. The information about your callsign/username, the version of the mobile app used to connect to the server, and the success or failure to login is logged on the server. The server also logs which commands the mobile app requests on your behalf, such as downloading summit data, or posting a spot.
  • GPS Location Data
    • Use of GPS is optional.
    • GPS location data never leaves your device and is not transmitted to the server.
    • GPS is used by the following features: to locate the nearest SOTA Summits or POTA Parks to your current location, to provide bearing information to your selected Summit or Park destination, including Elevation required to activate a SOTA Summit,
    • At some point GPS may be used to capture accurate time in order to synchronize to the international FT8 standard. However, as of writing this policy the software does not have the ability to use GPS time data.

Comments

Currently the web site commenting feature is disabled. If, in the future, this feature is enabled, when visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Currently the web site upload feature is disabled. If, in the future, this feature is enabled, if you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you register on this site, log-in to a registered account, or leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. If you select “Remember Me”, your login will persist. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you register, login, post a comment, edit an article, or request a password reset, your IP address will be included in the reset email, and our email service provider (SendInBlue) may have access to your email address and other personal information.

Our SMS and eMail provider Twilio, may have access to the information you share when executing a command on your request. For example, your telephone number or email address, and information in the messages that travel to/from SOTAmat.

See the section on Mobile Apps above, where it is discussed how your over-the-air transmissions are made public (your callsign and command details) on the web site.

How long we retain your data

If you leave a comment, post an article, register for an account, or similar activity, the content and its metadata may be retained indefinitely.

Your public over-the-air transmission decodes are retained for FCC compliance indefinitely.

For users that register on our website, we store the personal information provided in their user profile. Users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit such information.

System transaction log data is not stored indefinitely, and is managed by a service that rotates log files. The exact time frame for when a log is purged depends on the rate of data being logged and thus is not a fixed term.

What rights you have over your data

If you have an account on this site, or have left comments, you can request a copy of the personal data we hold about you. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes, such as decodes of your over-the-air transmissions.

Note that while some data is easy to retrieve and send to you, the service combines

Where we send your data

Visitor comments may be checked through an automated spam detection service. Emails, SMS messages (or other similar instant messages), and SOTA spots all share required data with our service providers or partners, including SendInBlue, Twilio, SOTA.org.uk, etc.

Contact Me

If you have questions or issues, including privacy issues, let me know. This service, like most of amateur radio, is my hobby and not a business. I created it for the benefit of the community and to learn new skills. I would very much love to hear from you but my family and my business take priority, so I will respond time permitting. You can reach me on the SOTA-NA Slack site (where I hang), or:
s u p p o r t @ s o t a m a t . c o m