I'm Sam Schooler, an independent developer. I built Bike Action Denver on my own and I host this privacy policy at sam.ink. The app is open source under the MIT license and is not operated by, affiliated with, or endorsed by the City and County of Denver. The app submits reports to Denver's 311 system on your behalf — that's the only relationship. If you want to reach me about privacy, email me at privacy@sam.ink.
Bike Action Denver does not have its own server. I, as the developer, do not receive any data from you — not your photos, not your reports, not analytics, not crash logs, not even the fact that you opened the app. Everything below either stays on your iPhone or goes directly from your iPhone to Denver or to Microsoft's Azure AD B2C login service.
| Data | Who receives it | Where it lives |
|---|---|---|
| Photos you capture or pick | Your device only | Processed on-device, then sent to Denver 311 only when you tap submit |
| License plate text (OCR) | Your device, then Denver 311 on submit | Computed locally from the photo |
| Vehicle type and color | Your device, then Denver 311 on submit | Computed locally from the photo |
| EXIF GPS coordinates | Your device, then Denver 311 on submit | Read locally from the photo |
| Street address | Your device, then Denver 311 on submit | Resolved locally via Apple's geocoder from EXIF GPS |
| Observed date/time | Your device, then Denver 311 on submit | Read locally from the photo |
| Your Denver sign-in (email, password) | Azure AD B2C (Microsoft, on Denver's behalf) | Never touches the app beyond the login screen |
| id_token, refresh_token | Issued by Azure AD B2C | Stored in the iOS Keychain on your device |
| Your profile (first name, last name, email, phone, Denver b2cId) | Denver (den.denvergov.org/api/profiles) | Held in memory while the app runs; not written to disk |
| Submitted report | Denver 311 (den.denvergov.org/api/cases) | Stored in Denver's 311 system |
| Case history | Denver 311 | Fetched on demand; not cached on disk |
| Analytics, crash reports, device IDs, ad IDs | Nobody | Not collected |
The app developer (me, Sam Schooler) does not collect, see, or store any of this. I have no backend, no database, no logs.
Detecting violations. When you capture or pick a photo, the app runs license plate OCR, vehicle detection, and color analysis on your iPhone using Core ML. Your photo never leaves the device during this step. If you discard the report, the analysis is discarded with it.
Filing a 311 case. When you tap submit, the app sends the photo, coordinates, street address, plate, vehicle type, vehicle color, observed date, and your profile (Denver b2cId, first name, last name, email, phone) to Denver's 311 API. Denver needs your contact info so 311 can follow up on the case. That submission is the only time data leaves your device.
Signing you in. Sign-in happens in a secure web view against Denver's Azure AD B2C tenant at denverresidents.b2clogin.com. B2C returns an id_token and a refresh_token. The tokens go into the iOS Keychain, which is hardware-encrypted. They rotate automatically, and a persisted B2C session cookie keeps silent SSO working, so you normally stay signed in until you sign out.
Showing your case history. The History tab calls Denver's /api/cases endpoint and renders the results with Apple Maps and thumbnails from Denver's /api/cases/attachments/thumbnail/{attachmentId}. Nothing is saved to disk.
There is no developer-side server. I do not run a database, cache, proxy, or log aggregator.
Two, both required for the app to do its job:
denverresidents.b2clogin.com). Handles sign-in. See: privacy.microsoft.comThat's it. No Firebase, no Sentry, no Crashlytics, no Mixpanel, no Google Analytics, no Facebook SDK, no advertising networks, no attribution SDKs.
None. The app contains zero analytics SDKs and zero tracking SDKs. It does not use the iOS Advertising Identifier. It does not show the App Tracking Transparency prompt because it has nothing to track. It does not collect crash reports — if the app crashes, I only find out if you tell me.
The app is rated 4+ but it is not directed at children under 13. It requires a Denver resident account and is meant for adults filing 311 reports. I do not knowingly collect information from children, and in fact I don't collect information from anyone. If you believe a child has created a Denver resident account to use this app, please contact Denver 311 — account management is on their side.
Depending on where you live, you may have additional rights under laws like the CCPA or GDPR. Since I don't collect or store your data, there's nothing on my end to access, correct, or delete. For anything Denver holds, reach out to Denver.
If I change how the app handles data, I'll update this page and bump the "Last updated" date at the top. For material changes, I'll also note it in the app's release notes. The full history of this document lives in the public GitHub repository linked from the app's Settings screen.
Questions, concerns, or corrections: privacy@sam.ink