##ALERT: A bit of Anonymous Tracking has been Added to SmartTiles v5.6.1
A bug fix / maintenance release of SmartTiles (v5.6.1) will be deployed imminently. A very small part of this upgrade is the addition of some anonymous statistical tracking written to a secure external database.
Our “Privacy Policy” remains unchanged (and, well, as of this moment, sorry, it is still unpublished in any formal way): But in summary: @625alex and I do not intentionally capture or share any data about your Account, Location, Devices, Access Tokens, SmartApp instance id, etc… We do capture your IP address and “Region Code” (US or UK) upon web based installation, and your email address (if you voluntarily supplied it on our installation web page). We also have non-granular tracking enabled via WordPress plugins on the http://SmartTiles.click web page. This information is for internal statistical analysis only and will never be shared or sold. This information (source IP address, pages visited, etc.) is no different than the access logs of nearly every typical website.
SmartTiles v5.6.1 has added a tiny bit of tracking code to our dashboard SmartApp solely to allow us to determine the number of active Locations and Dashboards and the total count of full refresh calls. This data will help us measure growth in actual live and active dashboards, as opposed to those which are installed and not used, or installed and then removed (or installed and have already been removed).
Each tracking record is keyed using a one-way-hashed (MD5) value, calculated in the SmartApp before storage, so that it is anonymous and non-traceable back to individual users or Locations. We do not use any browser “cookies”.
NB: even if we did not hash the Location ID; the Location ID is a meaningless UUID number on its own. Of course, clever data mining is possible – in theory, Location ID could be used to correlate tracking activity between multiple different SmartApps, if the other SmartApps used the same tracking mechanism and we shared the data with those other SmartApp developers … which we don’t. Even in this latter situation, we would not know, nor attempt to know, any user-identifiable data related to this set of SmartApps
We lean towards maximum disclosure. We believe that “anonymous and non-correlated tracking” is common and typical, so I am sharing the tracking source code here (minus the details of the secure Firebase database that is used for storage). We may modify this code slightly, but the anonymous characteristics will always be maintained.
def hash = new BigInteger(1,java.security.MessageDigest.getInstance("MD5").digest("${location.id}".getBytes())).toString(16).padLeft(32,"0")
def timestamp = [".sv": "timestamp"]
if( state?.refreshCount == NULL ) { state.refreshCount = 0 }
state.refreshCount = state.refreshCount + 1
def String instanceName = appInstance()
def map = [
uri: appSettings.apiPath + "/${hash}.json",
body: ["time" : timestamp, server: getApiServerUrl(), ("${appInstance()}") : ["instanceID" : instanceName, "instanceTime" : timestamp, "refreshCount" : state?.refreshCount, tileCount: state.tileCount]],
headers : ["x-http-method-override" : "PATCH", auth : appSettings.apiKey, print : "silent"]
]
httpPostJson(map) {}
###Your questions regarding the above tracking policy and source code are welcome.
You can respond in this Topic or private email to: Support@SmartTiles.click
We reserve the right to change our tracking policy to less anonymous mechanisms, but we will provide at least 14 days notice and an “in-app” notification that would possibly allow users to opt out of tracking, or at least be informed enough to choose to discontinue their use of SmartTiles. At this time, we have no intention of more detailed tracking, and, in fact, personally identifiable tracking via the SmartTiles V5 design is impossible or very very difficult, so we don’t even have time or energy to consider it.
Inaccuracies or corrections will be updated in-place and/or noted in a soon to be published “Privacy Policy”.
Sounds reasonable to me.