Transparency, safety, and control. Learn how SummitX handles your data, integrates with trusted partners, and provides secure access for developers and expedition teams.
We only share data when it directly enhances your safety, improves expedition logistics, or enables seamless partner services. Every integration is governed by strict Data Processing Agreements (DPAs), GDPR/CCPA compliance, and user consent protocols.
Detailed breakdown of data types collected, shared, and their specific purposes across our platform and partner ecosystem.
| Data Category | Purpose | Shared With | Retention | Classification |
|---|---|---|---|---|
| Real-time GPS & Route | Safety monitoring, emergency routing, guide coordination | On-ground guides, rescue services | 30 days post-trip | Safety Critical |
| Health & Medical Profile | Allergy tracking, altitude sickness prevention, emergency response | Medical partners, expedition doctors | Until opt-out or 5 years | HIPAA/GDPR |
| Booking & Payment Info | Reservation processing, gear allocation, accommodation booking | Payment gateways, logistics partners | 7 years (financial compliance) | Logistics |
| Environmental Telemetry | Weather adaptation, trail condition monitoring, conservation reporting | Weather APIs, park authorities, research NGOs | Anonymous aggregates | Anonymized |
| Feedback & Media | Service improvement, marketing consent, community showcases | Internal analytics, opted-in partners | Until deleted or 2 years | Opt-in Only |
We integrate exclusively with vetted providers who meet our security, reliability, and ethical standards.
Real-time location sharing and medical profile access during red-flag safety events or SOS triggers.
Hyperlocal forecasts, storm tracking, and microclimate analysis for route planning and daily briefings.
Automated gear sizing, shuttle scheduling, and camp supply chain coordination based on itinerary.
Partners and certified developers can access expedition data through our secure REST API. Sandbox credentials available upon partner onboarding.
Use Bearer tokens for all requests. Tokens expire after 3600s. Refresh using your partner secret.
Retrieve expedition telemetry, group manifests, or safety alerts. All endpoints require valid authentication.
Strict rate limiting and data minimization enforced. All requests are logged for audit compliance.
You maintain full ownership of your data. Adjust sharing preferences directly in your account dashboard or use these quick toggles for trip-specific settings.
Enable continuous GPS tracking for guides and emergency services.
Allow restricted access to allergies, conditions, and medications.
Contribute trail conditions and weather data to open research.
Receive curated gear deals and partner expedition offers.
Need to export or delete your data? Visit your Privacy Dashboard or contact our Data Protection Officer at dpo@summitx.com. All requests processed within 30 days per GDPR/CCPA.