SlugPark

UCSC

SlugPark

Back

Privacy Policy

SlugPark Last Updated: February 16, 2026

Effective Date: February 16, 2026

1. Introduction

This Privacy Policy ("Policy") describes how SlugPark ("we," "us," "our," or the "App") collects, uses, discloses, and otherwise processes personal information in connection with our mobile application and related services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree to this Policy, you must not access or use the Services.

SlugPark is a parking recommendation and availability tracking application designed for the University of California, Santa Cruz ("UCSC") campus community.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information. When you create an account, we collect your email address and password. Passwords are managed by our authentication provider (Supabase) and are not stored in plaintext.
  • Permit and Preference Data. You may provide your parking permit type, allocated parking lot group, preferred walking distance, notification preferences, and theme preferences.
  • Parking Sessions. When you log a parking session, we collect the zone where you parked, your destination, session start and end times, planned duration, and any session notes you provide.
  • Saved Destinations and Schedules. If you save destinations or create recurring parking schedules, we store those selections, custom labels, and associated timing information.
  • Availability Reports. When you submit a crowdsourced parking availability report, we collect the zone identifier, the availability level you selected (e.g., empty, available, limited, full), and the source of the report (manual input or inferred from session activity).
  • Feedback. If you provide feedback on parking recommendations, we collect your feedback response and any accompanying notes.

2.2 Information Collected Automatically

  • Device and Usage Information. We collect information about your device type, operating system, app version, and general usage patterns through our analytics provider (PostHog). This includes screen views, feature interactions, and session-level activity.
  • Session Replay. We use PostHog session replay to record how users interact with the App for the purpose of improving user experience and identifying bugs. All text input fields are masked during replay capture. Session replay does not capture passwords or authentication credentials.
  • Error and Performance Data. We use Sentry to collect crash reports, error logs, and performance metrics. This data may include device information, operating system version, and stack traces associated with errors.
  • Location Data. If you grant location permissions, we collect your device's geographic coordinates to display nearby parking zones and calculate walking distances. Location data may optionally be included when you submit an availability report. We do not continuously track your location in the background.

2.3 Information from Third-Party Services

We receive authentication tokens and session management data from Supabase, our backend infrastructure provider, to maintain your authenticated session.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Services. To generate parking recommendations based on your permit type, destination, arrival time, and duration; to track your parking sessions and history; and to display crowdsourced parking availability information.
  • Personalization. To remember your preferences, saved destinations, and recurring schedules, and to tailor recommendations accordingly.
  • Crowdsourced Availability. To aggregate availability reports from multiple users and compute real-time parking availability scores for each zone. Individual reports are aggregated and weighted using a time-decay algorithm; availability data displayed to other users is not attributed to any individual reporter.
  • Notifications. To send local push notifications for parking timer reminders, expiration alerts, and daily parking reminders, subject to your notification preferences and device permissions.
  • Analytics and Improvement. To understand how users interact with the App, identify bugs, improve features, and monitor performance.
  • Security and Integrity. To detect and prevent fraud, abuse, and security incidents.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We share information in the following circumstances:

4.1 Service Providers

We use the following third-party service providers to operate the Services:

| Provider | Purpose | Data Shared | |----------|---------|-------------| | Supabase | Backend database, authentication, and real-time data infrastructure | Account data, parking sessions, availability reports, user preferences | | Sentry | Error tracking and performance monitoring | Crash reports, error logs, device information, user identifiers for error correlation | | PostHog | Product analytics, feature flags, and session replay | Usage events, screen views, session interactions (text inputs masked), user identifiers | | Mapbox | Map rendering and geographic data display | Map tile requests (may include approximate viewport location) | | Expo | Application framework and over-the-air update delivery | Device type and app version for update compatibility |

Each service provider processes data in accordance with its own privacy policy and applicable data processing agreements.

4.2 Aggregated and De-identified Data

We may share aggregated or de-identified data that cannot reasonably be used to identify you, such as aggregate parking availability statistics across zones.

4.3 Legal Obligations

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of SlugPark, our users, or the public.

5. Data Storage and Security

  • Cloud Storage. Your data is stored on Supabase's cloud infrastructure. Supabase provides row-level security policies to ensure that users can only access their own data.
  • Local Storage. Authentication tokens are stored on your device using platform-specific secure storage mechanisms (iOS Keychain, Android Secure Shared Preferences). Certain usage statistics may be stored locally on your device.
  • Security Measures. We implement commercially reasonable technical and organizational measures to protect your information, including encrypted data transmission (HTTPS/TLS), secure token storage, and database-level access controls. However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

6. Data Retention

  • Account Data. We retain your account data for as long as your account remains active. If you delete your account, we will delete or de-identify your personal information within a reasonable period, except as required by law.
  • Parking Sessions and History. Session data is retained for as long as your account is active to provide you with parking history and statistics.
  • Availability Reports. Crowdsourced availability reports are retained indefinitely to support historical analysis and improve the accuracy of the availability algorithm. Reports older than 60 minutes are not used in active availability calculations.
  • Error and Analytics Data. Error logs and analytics data are retained in accordance with the retention policies of our third-party service providers (Sentry and PostHog).

7. Your Rights and Choices

7.1 Account and Data Management

  • Access and Correction. You may access and update your profile information, preferences, and saved data through the App's settings.
  • Location Permissions. You may enable or disable location permissions at any time through your device's operating system settings.
  • Notifications. You may enable or disable push notifications through the App's profile settings or your device's notification settings.
  • Demo Mode. You may use certain features of the App without creating an account. In demo mode, limited analytics data may still be collected.

7.2 California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA"), including:

  • Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete. You have the right to request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale or Sharing. We do not sell or share your personal information for cross-context behavioral advertising purposes.
  • Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights.

To exercise these rights, please contact us using the information in Section 11.

7.3 Do Not Track

The App does not respond to "Do Not Track" browser signals. However, you may control analytics data collection by adjusting your device permissions and notification settings within the App.

8. Children's Privacy

The Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe that a child under 13 has provided us with personal information, please contact us using the information in Section 11.

9. Third-Party Links and Services

The App may display information about third-party services, including ParkMobile, for informational purposes. We do not process payments or handle financial transactions. Any interaction with third-party services is governed by those services' own terms and privacy policies. We are not responsible for the privacy practices of any third party.

10. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you by updating the "Last Updated" date at the top of this Policy and, where appropriate, providing additional notice through the App. Your continued use of the Services after any changes constitutes your acceptance of the revised Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: support@slugpark.app

12. Disclaimer Regarding University Affiliation

SlugPark is an independent application and is not officially affiliated with, endorsed by, or sponsored by the University of California, Santa Cruz, or the University of California system. All parking zone data, lot information, and campus references are provided for informational purposes only. Users should always verify parking regulations, signage, and permit requirements directly with UCSC Transportation and Parking Services.