Sauce for Zwift

I assume Zwift don’t deem your publicly available ride data as user data. And neither would i really as without it there is no Zwift. Maybe it is maybe it isn’t but it does not bother me enough to worry about it.

But if that is the OPs concern (not what was posted as the original question) then there are a few options,

1. wait for zwift to reply here.
2. cancel zwift
   3 contact support or zwifts legal teams.

All the above is no reason to continue with the conversation so I’m off have a good days zwifting everyone

Any data that is connected to identifiable information would be considered “user data”.

1. That’s one option
2. I don’t want to but I shouldn’t have to put up with the sharing of my information without protections
3. If you want me to do that, I can, but it could mean Sauce is temporarily disabled and I don’t want that, I just want to know how my data is used, processed and stored and whether I can opt out if I have concerns about it’s use.

Based on how I understand Sauce works (I don’t use it), I don’t think there’s much to be concerned about. I do think it’s a legitimate question though, because ultimately the data is still going through a third party in some way. I think?

When the WTRL calamity over passwords for racing verification occurred, questions were asked about a third party having access to Zwift customers’ data. That was far more serious for obvious security reasons, but the principle is no different.

One would hope that Zwift themselves have long since satisfied themselves that there’s no potential data protection issue for their customers here. Zwift should be able clear things up.

…

Why are you laughing?

Option 1 is a questionable choice, since multiple people seem to be trying to end this conversation, though for what reason is not clear.

I’m new to this forum. I don’t know any of you, nor do am I familiar with any prior interactions you’ve all had, but… from an “outsider looking in perspective”, this conversation has been really strange, negative, and inexplicably condemning of the OP. (And there really is a lot of condemnation.)

This is a legitimate question about Zwift’s privacy protections (or lack thereof) of user data. Just because that data is public facing doesn’t mean the company has the right to bundle it up and sell it. Just because other companies can scrape doesn’t mean the company has the right to bundle it up and sell it. Just because someone on this forum doesn’t feel they have anything to hide, doesn’t give the company the right to bundle it up and sell it.

I typically travel in much more technical forums where the question of the privacy protections of user data is approached more seriously. The broad assumption is that data, collected in bulk, can and likely will be used to sell you things, manipulate you, and far more.

As the OP commented, if someone doesn’t like this conversation, don’t participate. This is particularly ironic because it’s what those complaining about this conversion are saying… “Don’t like it, don’t use Zwift.” Except that’s not really the best solution is it. They don’t want to give up this forum and more than they want to give up Zwift.

It would seem the best answer would to raise this issue among those most involved in Zwift, get an idea of whether people agree and whether the OP is missing something they didn’t realize, and from there gain Zwift’s attention to the issue.

This is exactly what the OP has done, unfortunately to the condemnation of others.

Thank you Tim.

Frankly I was quite surprised by the vitriol I received. I’ve observed these forums for a while and, it seems, that the same group of people seek to shut down discussions (use of “discussion” is deliberate) that they don’t agree with, rather than engaged in any productive way. It’s very odd.

This is not what Sauce does. It is watching one user and Zwift is sending it the data on up to 100 riders nearby - exactly the same thing it does for Zwift itself.

There seems to be a misconception over what sauce is and what it does and also how zwift works.

Zwift - the app on your PC / AppleTV / etc, requires certain amounts of data to be able to correctly display a picture to you and for you to interact with the world on their servers. Sauce merely listens to this data. (It is not switching to different users at superhuman speed as suggested above)

Sauce also has the ability where riders mentioned in the data (like in the rider list you see in the normal hud) can be “looked up” to find out their profile data - which is also publicly available. (Just like clicking on them in companion app for example)

Sauce is just a different way of displaying the data that Zwift transmits and uses in-game.

It is not doing any magic, or stealing or storing data (it may cache some data to prevent multiple lookups)

Like others have said before, if you don’t accept that the game requires a certain amount of data sharing, you can’t use Zwift, never mind sauce. The data being shared between users is the only way the game actually functions. Otherwise you would just be on a solo ride all the time.

I’m not sure the last paragraph addresses or understands the point. Users sign up to Zwift (with the terms that come with that, notably, there is no reference to Sauce), users don’t all sign ul to Sauce, therefore, in legal terms, sauce are not allowed to process identifiable information in anyway unless I allow them to do so. How am I supposed to make an informed decision about their use of my data unless they have a data protection policy that I can read.

Tim Holmes explained it very eloquently above.

See 5.A.IX and XI of terms of service (prohibited conduct)

Use any data mining, robots or similar data gathering or extraction methods designed to scrape or extract data from our Platform, including any application that reads areas of RAM used by the Platform to store information about a character or an environment without Zwift’s prior authorization;

Develop or use any applications that interact with our Platform without our prior written authorization, including any cheats, mods or matchmaking services or applications that emulate or redirect the communication protocols used by Zwift in any way, including for unauthorized play over the Internet, network play, or as part of content aggregation networks;

Have you asked the developer for one yet?

A bit like a Spotify dashboard in excel How to make a (Spotify) Excel Dashboard - YouTube then i wonder what Spotify have in there end user license agreement.

To quote spotify EULA

“In posting or sharing User Content or other information on the Spotify Service, please keep in mind that content and other information will be publicly accessible, and may be used and re-shared by others on the Spotify Service and across the web, so please use caution in posting or sharing on the Spotify Service, and be mindful of your account settings. Spotify is not responsible for what you or others post or share on the Spotify Service.”

I was just thinking all zwift need is something similar and here we go it’s already there Zwift EULA,

“When you post or otherwise share User Content on or through our Platform, you understand that your User Content and any associated information (such as your username or profile photo) may be visible to others”

So what more do we need?

Now you could argue that the scraping of data is against terms or service and i would agree technically that is but has no impact on the user only whether Zwift think it’s acceptable or not. and so far they have not banned/restricted access and are well aware of sauce and many other apps so my assumption is that they are happy for it to continue.

Suggest you read a few of the posts above kid.

I can make my play lists private and restrict access to my data. Also, when I delete my Spotify account, their data protection policy guarantees that they remove all my data (it is their obligation to do so).

I suggest you read a few of the posts above before you continue to misrepresent the point.

Appreciate that you’re a Sauce fan and want to defend it to the hilt while simultaneously not wanting this discussion to be taking place but I can politely remind you, again, that you do not need to participate if you don’t want to. You’ve been successful in restricting posts (that is your MO on this forum) but other people want this discussion. Please read Tim Holmes’ post.

I don’t think insulting people is the way to go, “kid”.

You continue to either wilfully or accidentally misunderstand the reality of the situation.
As you have been told previously, the only way to stop data being shared is to stop using Zwift. Zwift needs to expose certain amounts of data (and a little but more data in the case of fair racing) to actually work. If you do not wish to participate you can simply not.

You seem to persist with the idea that Sauce is some service taking and storing your data, which it does not. You have been asked to go speak to the developer with your concerns because you are woefully misinformed in the misinformation you and some others are spreading here, almost to the point of an agenda?

It is probably time the thread is locked imho, as its descending into insults and trolling as far as I can see.

In any event, “I’m out”

As I’ve already said, the only user data that Zwift needs to expose is a User Name - and that could easily be anonymised.

The info sauce pulls…

“athlete”: {
“age”: xx,
“countryCode”: xxx,
“firstName”: “name”,
“ftp”: ,
“fullname”: “fullname”,
“gender”: “male”,
“height”: 178,
“id”:
" initials": “XX”,
“lastName”: "Surname ",
“level”: xx,
“name”: [ “first”, “surname” ],
“powerMeter”: false,
“sanitizedFullname”: “name”,
“sanitizedName”: [ “name” ],
“type”: “NORMAL”,
“updated”:
“wPrime”:
“weight”:

},
“athleteId”:
“gap”:
“gapDistance”:
“isGapEst”: false,
“laps”: [
{
“cadence”: {
“avg”:
“max”:
“peaks”: {},
“smooth”: {}
},
“draft”: {
“avg”: ,
“max”: ,
“peaks”: {

        "hr": {
            "avg": 
            "max": 
            "peaks":

“power”: {
“avg”:
“max”:
“np”:
“peaks”: {
"
“speed”: {
“avg”: ,
“max”: ,
“peaks”: {

"latency": ,
"state": { 
    "activePowerUp": null,
    "altitude": 
    "athleteId": 
    "auxCourseId": 
    "cadence": 
    "canSteer": 
    "climbing": 
    "companionApp": true,
    "courseId": 
    "distance": 
    "draft": 
    "eventDistance": 
    "eventSubgroupId": 
    "heading": 
    "heartrate": 
    "joinTime": 
    "justWatching": 
    "kj": 
    "laps": 
    "lean": 
    "overlapping": 
    "power": 
    "powerMeter": 
    "progress": 
    "reverse": 
    "reversing": 
    "rideons": 
    "roadCompletion": 
    "roadId": 
    "roadLocation": 
    "roadPosition": 
    "speed": 
    "sport": 
    "time": 
    "ts": 
    "turning": 
    "watchingAthleteId": 
    "workoutZone": 
    "x": 
    "y":

Edit - I’m not fixing the quote, that’s to much hard work…

I wasn’t going to get involved in this discussion but what the heck.

We may not have heard from Zwift but I don’t think we should take that as their agreement that it is ok to scrape information from their system

I believe that the first time we found out that they didn’t like ZAM is when we found they had made some changes at their end so that ZAM no longer worked.

I suspect that through this thread and others Zwift are now in a position where they can no longer ignore what is happening. They are probably working behind the scenes to prevent this data scraping in future and can not at this point in time condone or censure what is happening as they can not immediately deal with either outcome.

I have just signed up for Sauce and find it useful but by signing up I must take responsibility for and trust how they treat any of my information they are able to gather from Zwift.

If, like the OP, I had not signed up to Sauce I might well be asking Sauce how they keep my data safe and don’t pass it on to a ‘fourth’ party and of course how I can request that none of my data is made public elsewhere. I might well also ask Zwift how a third party has access to any of this data.

I’m not particularly data conscious but I am mindful that others are.

Does MS need to provide a privacy policy for personal Excel use? Yes, of course they do.
privacy dot microsoft dot com/en-us/privacystatement

Zwift said that an outside party (I forget which one) made changes, which in turn required that Zwift encrypt their data stream to comply with that outside party. This affects all 3rd party apps which rely on the data stream between the local client and Zwift’s server. It wasn’t specifically directed at ZAM. There was a lot of dislike for ZAM expressed by forum posters, but I don’t think Zwift expressed an opinion.

 
In the case of Sauce, it reads and displays data locally. I guess the concern is that this data is also being “phoned home” and stored in a central location, but I don’t think that’s the case. I really wish Zwift would make their own UI customizable. Then we wouldn’t need things like Sauce.

It was Google Play (Important announcement that may affect your project · Issue #5 · wiedmann/zwift-packet-monitor · GitHub)

I suggest opening an issue in GitHub · Where software is built, I think the developer wouldn’t mind explaining or adding some clarification about that in the documentation.