Petal Maps: Protecting Users’ Personal Data from Misuse and Theft

AppGallery Team
AppGallery
5 min read · Sep 6, 2021

Since the introduction of the General Data Protection Regulation (GDPR) law in Europe in 2018, many organisations with cross-border business have invested in personal data privacy measures to protect their users’ data against external attacks and misuse. Petal Maps, a location and navigation app that processes user data, is a strong example of how an app can champion user data protection, with three separate routes to ensure the ultimate safeguarding practice.

Data protection is fundamental to any organisation, and Petal Maps is proud to be transparent about its approach to protecting its users.

When looking at data collection, the first step in protecting users is using random identifiers and data storage solutions to anonymise personal location information. With a service such as Petal Maps, a larger data pool is often needed over a longer period to create accurate user profiles. This means that information about users’ travel habits, including where they frequently visit and preferred means of transport, is needed to build up a catalogue of recommendations to improve the user experience.

While this data collection method is crucial in providing users with an improved, personalised in-app experience, Petal Maps understands that it can be more easily subject to data leaks or additional processing beyond the app. Ultimately, this has been an area of focus for Petal Maps and its development, and something the team has been keen to address.

Overall, Petal Maps is attentive when it comes to data collection. For example, the content that each user explores within the app is not directly associated with that user’s account or bound to a fixed, specific identifier. When looking at Petal Maps’ search terms, direction routes and route planning data collection, all data links to a random identifier, essentially a session ID that generates randomly every time the app is in use. This leads to a collection of data that is too fragmented to produce a thorough impression of the user, without jeopardizing the benefits of a personalised Petal Maps experience.

Furthermore, Petal Maps uses additional data storage solutions to ensure the safety of its users. One example is that the app reduces the accuracy of longitude and latitude of points of interest (POIs) within the platform, limiting each measurement to two decimal places. Users’ direction trajectory is further secured by being processed up to one mile from the original starting point, with the destination removed altogether to further mask each user’s location.
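The steps described above, combined into one client-side sanitiser, as an added example that is not Petal Maps code. The function names are hypothetical, the route is constructed, and two readings are assumptions: coordinates are rounded (not truncated) to two decimals, and the one-mile rule is taken to mean dropping every point within a mile of the start.

```python
import math
import secrets

MILE_M = 1609.344          # one statute mile in metres
EARTH_R_M = 6_371_000.0    # mean Earth radius

# Constructed sample route (lat, lon): first point is the start, last is the destination.
SAMPLE_ROUTE = [(48.8584, 2.2941), (48.8634, 2.2941), (48.8684, 2.2941),
                (48.8734, 2.2941), (48.8784, 2.2941), (48.8834, 2.2941)]

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_R_M * math.asin(math.sqrt(h))

def coarsen(lat, lon, places=2):
    """Limit a coordinate to `places` decimals (rounding is an assumption)."""
    return (round(lat, places), round(lon, places))

def cell_size_m(lat, places=2):
    """Approximate (north-south, east-west) size of one coarsened cell."""
    step = 10 ** -places
    ns = haversine_m((lat, 0.0), (lat + step, 0.0))
    return ns, ns * math.cos(math.radians(lat))

def sanitize_route(points, exclusion_m=MILE_M):
    """Build an upload record with no account ID and no endpoints."""
    start = points[0]
    # Assumed reading of the one-mile rule: drop every point within a mile
    # of the start. points[1:-1] also removes the destination.
    kept = [p for p in points[1:-1] if haversine_m(start, p) > exclusion_m]
    track = []
    for p in kept:
        c = coarsen(*p)
        if not track or track[-1] != c:   # collapse repeats created by coarsening
            track.append(c)
    # Fresh random ID per call: records from two sessions share no key.
    return {"session_id": secrets.token_hex(16), "track": track}

if __name__ == "__main__":
    print(sanitize_route(SAMPLE_ROUTE))
    print(cell_size_m(48.86))
```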

As well as the importance of data processing, the data storage location is another essential component to protect users. Traditionally, users’ personal data is collected and retained in the cloud by default for convenient and efficient management. However, this can often lead to data leaks and even incidents of money loss.

With this risk in mind, Petal Maps offers a choice to its users, allowing each individual the option of where their data is stored through an independent cloud space control button within the app. Rather than automatically uploading data to the cloud space without obtaining consent, Petal Maps gives its users control over how their information is stored. What’s more, if users choose their device as the only data storage location, all personal information is encrypted, meaning it can only be read by that device.

By choosing how their personal data is used and stored within the app, users can personalise their own Petal Maps experience. As in-app recommendations are based on the data stored within each device, those choosing to avoid cloud storage can feel reassured that they are still receiving a truly unique Petal Maps experience.

The only need for cloud data storage is when individuals wish to access their data via other devices, where switching to cloud space is recommended. In this instance, Petal Search ensures the maximum level of security by enforcing end-to-end encryption to guarantee that the data cannot be read by others.

While Petal Maps demonstrates a true passion for protecting its users’ data, there will always be those who remain concerned over personal privacy. As a last resort, Petal Maps users can choose to remain anonymous while using the app; individuals can enjoy many of the app’s key features without leaving any trace of data behind at all.

On downloading and using Petal Maps, service providers will amass the necessary data to provide relevant services; each user will have a personal usage record stored on their device (if they’ve activated data sync).

To erase pre-existing location data, users can simply go to the app management page and manually delete it. To avoid collection altogether, Petal Maps offers an incognito mode which disguises each user without needing a HUAWEI ID login or similar. Once in incognito mode, users’ search terms, route plans and direction records are no longer captured by the map service provider or saved within the cloud space or device. Essentially, this mode removes any reference to where each user has or hasn’t been using the app. While this can be a great choice for those who are concerned about their personal information, incognito mode means that Petal Maps is unable to personalise that individual’s map experience, limiting access to key features such as the location recommendations.
