Effective Date: Oct 23, 2023
Thank you for entrusting Topo Lock, or VonCannon Technology, Inc. (“we”, “us”, or “our”) with your private outdoor mapping data.
This statement explains how we will process your personal data and how you, as a user of our product, can exercise your rights.
By using our products, you agree to this Privacy Policy.
Summary
We have very high standards for data privacy. Topo Lock is built from the ground up to keep your data extremely private.
Where possible, all user data is End-to-End Encrypted (“E2EE”) with encryption keys that solely exist on your end user client devices.
- You own your data. Forever.
- Your data is never sold.
- Your data is never shared.
- We do not track you.
- We do not install spyware.
- We do not have social media SDKs.
What Information We Collect
There are two types of data we collect when you use our products:
- User Content - User content is E2EE. Encrypted with client side encryption keys that solely reside on end user devices and thus we are unable and unwilling to decrypt any user data.
- Administrative Content - This is data kept encrypted in-transit and on server but not E2EE. We collect data at registration time to identify your account and provide a customer service including: email address, payment / billing information, and certification if you agree to our Terms.
| Data Category | Protection |
|---|---|
| Map Tools (Pins, Tracks, Waypoints, Locations, Shapes, Routes, Photos, Offline Map Names etc.) GPS Coordinates, Titles, Notes, Photos, and any other user generated attributes | End-to-End Encrypted |
| Tag Names, Colors, and any other user generated attributes | End-To-End Encrypted |
| Passwords | Hashed client side and server side |
| Email Addresses | In-transit and on server |
| Session Information, API Keys, IP Addresses, Session Identifiers | In-transit and on server |
| Searching Coordinates In-App | No data is ever transmitted to the server |
| Reverse Geocoding | In-transit and on server |
| Viewing Map Tiles | No logging, API key validation only |
Meta Data that is not End-to-End encrypted:
Some metadata exists along side user content that describes the encryption algorithm used and other attributes that help us provide a high quality of service to you:
- Created dates
- Modification dates
- Deletion dates
- Favorited
- The type of encryption algorithm used
How we share the information we collect
We do not share or sell personal data to 3rd parties.
For legal disclosure: Topo Lock may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process.
For security purposes: We will disclose personal data if we believe it is necessary to:
- protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
- operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
- protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
Your Choices
Data Ownership: You own your data forever. You can always take your data with you, exporting it at anytime regardless if you have an active subscription.
Account Deletion: You may delete your account anytime. Your account data will be closed and all prior account data will be destroyed and unrecoverable. If you create another account with the same email, all prior data will not be available.
Retention of personal Data: We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes.
Communication Preferences: We use your email address to communicate important information to you.
How We Secure Your Information
- Topo Lock takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data.
- To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
- All communication between client and server is over TLS.
- All sensitive user data is E2EE by design. See section What Information We Collect for more information on data encryption.
- We keep our systems patched and up to date as reasonably possible.
See our encryption design for more informaton.
U.S. State Data Privacy
If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our Privacy Statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our Privacy Statement.
Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.
Share. We do not share your personal data. So, we do not offer an opt-out to the sharing of personal data.
Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, and (iv) restrict the use and disclosure of your sensitive data. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights.
European Data Protection Rights Notice
If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and for residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where Topo Lock is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
Additional Terms
Cookies: We use minimal cookies were needed to provide security when logged into our service. Otherwise we do not use cookies to track you.
| Purpose | Description |
|---|---|
| Required Cookies | TopoLock uses required cookies to perform essential website functions and to provide the services. For example, cookies are used to log you in, save your language preferences, provide a shopping cart experience, improve performance, route traffic between web servers, and improve user experience. These cookies are necessary for our websites to work. |
| Analytics | We do not use these cookies. |
| Social Media | We do not use these cookies. |
| Advertising | We do not use these cookies. |
Do Not Track Signals: We do not track visitors across third-party websites and thus we do not respond to Do Not Track signals.
Changes to our Privacy Statement
Topo Lock may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will post changes to this page and / or update the “Policy Effective” date above.
Questions
If you have questions or suggestions, contact us.