Effective Date: January 1, 2018
Customer refers to the individual, company, or other type of organization that creates a team (or is created on it’s behalf). For a team, there is one Customer that is assigned ownership of relevant data, as described below, with 1 or many Authorized Users. For non-team individual data, Customer refers to the individual himself/herself.
Authorized User is an individual authorized by the Customer to access Spatial Current Services and submit Customer Data, such as search queries and geospatial datasets. For non-team use, Customer would be equivalent to Authorized User.
Other Data is data generated by the use of any Spatial Current service, including the Spatial Current Platform, that is not Customer Data.
Changes to this Security Policy
Spatial Current may make revisions to this securiy policy (and other policies) at its discretion. If any Authorized User uses any service provided by Spatial Current, including the Spatial Current Platform, after the effective date, the Customer agrees to the revised policies.
We take security seriously with the utmost importance here at Spatial Current. We hash all passwords and continuously monitor our system for unauthorized access. Our Amazon Web Services infrastructure is secured using multiple keys and limited roles.
Authorized User passwords are hashed using bcrypt using multiple rounds and a salt.
Customer Data hosted Spatial Current, Inc. platform is securely stored in a database that supports security labels or a database managed by a cloud service provider.
Spatial Current, Inc. currently has no security certifications. If a certification is important to you to use Spatial Current, please let us know at email@example.com and we’ll consider the effort to receive the certification.
Reporting Security and Privacy Issues
Please report any suspected security issues or significant privacy issues to firstname.lastname@example.org. This email is restricted to a small team of Spatial Current employees. If you discover a security or privacy issue with an associated platform, dataset, or technology, we are happy to coordinate reporting with the data or technology owner. If desired and appropriate, we will publicly recognize reporting by individuals or organizations. At this time, no bug bounty program is in place, but it is something being considered.
If any part of this policy is held or modified by a Court of Law in a jurisdiction, the remaining provisions of this policy will continue to be in maximum effect.