Security


Effective Date: January 1, 2018

Definitions

Spatial Current, we, our, or us in this document refers to the 501(C)(3) corporation Spatial Current, Inc. registered in the State of Delaware. The Spatial Current Platform refers to the user-facing instance of the Spatial Current stack hosted on infrastructure managed by Spatial Current. Other testing, staging, or otherwise non-public instances of the Spatial Current stack are not-necessarily governed by the same terms of service, privacy policy, or security policy.

Customer refers to the individual, company, or other type of organization that creates a team (or is created on it’s behalf). For a team, there is one Customer that is assigned ownership of relevant data, as described below, with 1 or many Authorized Users. For non-team individual data, Customer refers to the individual himself/herself.

Authorized User is an individual authorized by the Customer to access Spatial Current Services and submit Customer Data, such as search queries and geospatial datasets. For non-team use, Customer would be equivalent to Authorized User.

Other Data is data generated by the use of any Spatial Current service, including the Spatial Current Platform, that is not Customer Data.

Changes to this Security Policy

Spatial Current may make revisions to this securiy policy (and other policies) at its discretion. If any Authorized User uses any service provided by Spatial Current, including the Spatial Current Platform, after the effective date, the Customer agrees to the revised policies.

Security Features

We take security seriously with the utmost importance here at Spatial Current. We hash all passwords and continuously monitor our system for unauthorized access. Our Amazon Web Services infrastructure is secured using multiple keys and limited roles.

Authentication

Authorized User passwords are hashed using bcrypt using multiple rounds and a salt.

Authorizations

Customer Data hosted Spatial Current, Inc. platform is securely stored in a database that supports security labels or a database managed by a cloud service provider.

Certifications

Spatial Current, Inc. currently has no security certifications. If a certification is important to you to use Spatial Current, please let us know at info@spatialcurrent.io and we’ll consider the effort to receive the certification.

Reporting Security and Privacy Issues

Please report any suspected security issues or significant privacy issues to security@spatialcurrent.io. This email is restricted to a small team of Spatial Current employees. If you discover a security or privacy issue with an associated platform, dataset, or technology, we are happy to coordinate reporting with the data or technology owner. If desired and appropriate, we will publicly recognize reporting by individuals or organizations. At this time, no bug bounty program is in place, but it is something being considered.

Severability

If any part of this policy is held or modified by a Court of Law in a jurisdiction, the remaining provisions of this policy will continue to be in maximum effect.

More Information

If you have any questions or concerns, drop us a line at info@spatialcurrent.io. Our Privacy Policy and Terms of Service are also available.