Privacy Policy

Last updated: April 5, 2026

1. Who We Are

Geosift ("Geosift," "we," "us," or "our") is a web-based geospatial SaaS platform that lets users upload, visualize, and share map data. We operate at geosift.io.

Questions about this policy? Contact us at privacy@geosift.io.

2. Information We Collect

Account Information

When you sign up, we collect your email address. We use it to create your account, send authentication links, and communicate important service updates.

Usage Data

We collect anonymized usage data to understand how the product is used and improve it. This includes pages visited, features used, and general interaction patterns. This data is tied to a random visitor ID (stored in localStorage), not your email address.

Map Data You Upload

Any CSV, GeoJSON, or other spatial data you upload is stored to provide the service. You own this data — see Section 7. We do not analyze, sell, or share your uploaded data with third parties.

Subscription & Billing

Subscription purchases are processed by our payment platform. We receive confirmation of your subscription status but do not store full credit card numbers or payment details on our servers.

3. How We Use Your Information

• To create and manage your account
• To provide the Geosift map visualization service
• To send authentication emails and account notifications
• To process and manage your subscription
• To improve the product using anonymized analytics
• To respond to support requests
• To comply with legal obligations

We do not sell your personal information to third parties. We do not use your data for advertising purposes.

4. Third-Party Services

Geosift integrates with the following third-party services to deliver its functionality:

Mapping & Geocoding

• OpenStreetMap Nominatim — Used for geocoding (converting addresses to coordinates). Address queries you enter are sent to Nominatim servers. OpenStreetMap's privacy policy applies to those requests.
• CartoDB / CARTO Tile Servers — Used to serve map tile images (the base map you see). Tile requests are sent to CARTO's CDN. No personal data is sent beyond standard HTTP request metadata (IP address, user agent).
• Leaflet — Open-source JavaScript library used for map rendering. Runs entirely in your browser; no data is sent to Leaflet's maintainers.

Analytics

• Polsia Analytics — We use Polsia's analytics beacon to track anonymized page visits. The beacon sends a random visitor ID (stored in your localStorage as polsia_vid) and the site slug. No personally identifiable information is sent.

Payments

• Stripe (via Polsia) — Payment processing. Stripe's privacy policy applies to payment data. We receive only subscription status and plan information.

Fonts

• Google Fonts — We load fonts (Space Grotesk, DM Sans) from Google Fonts CDN. Google may log the request. Google's privacy policy applies.

5. Cookies & Local Storage

Geosift does not use tracking cookies. We use your browser's localStorage for the following purposes:

What We Store in localStorage

• polsia_vid — A randomly generated visitor ID used for anonymized analytics. Contains no personal information.
• Layer settings — Your map layer configuration (colors, visibility, styles) so they persist between sessions.
• Onboarding flags — Whether you've seen the welcome tutorial, so we don't show it again.
• Filter presets — Saved data filter configurations for your maps.
• Authentication token — A session token used to keep you logged in. Cleared when you sign out.

localStorage data stays in your browser and is never transmitted to our servers except as part of normal API authentication. You can clear it at any time via your browser's developer tools or by clearing site data.

We do not use third-party advertising cookies.

6. Data Retention

• Account data — Retained while your account is active. Deleted within 30 days of account deletion request.
• Uploaded map data — Retained while your account is active. Deleted within 30 days of account deletion.
• Analytics data — Anonymized; retained for up to 24 months for product improvement.
• Subscription records — Retained for 7 years for tax/accounting compliance.

7. Your Data Rights

Depending on your location, you may have the following rights:

• Access — Request a copy of the personal data we hold about you.
• Correction — Request correction of inaccurate personal data.
• Deletion — Request deletion of your account and associated data.
• Portability — Export your map data in standard formats (GeoJSON, CSV) at any time from the app.
• Opt-out of analytics — Clear polsia_vid from your localStorage to reset your anonymous visitor ID.

To exercise these rights, email privacy@geosift.io. We respond within 30 days.

California Residents (CCPA)

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights.

EEA / UK Residents (GDPR)

If you are in the European Economic Area or United Kingdom, our lawful basis for processing your personal data is: (a) performance of a contract (providing the service you signed up for), and (b) legitimate interests (product analytics, security). You have the right to lodge a complaint with your local data protection authority.

8. Data Security

We use industry-standard security measures to protect your data, including encrypted connections (HTTPS/TLS) for all data in transit and secure cloud hosting for data at rest. No system is 100% secure — if you become aware of a security issue, please contact privacy@geosift.io.

9. Children's Privacy

Geosift is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be noted at the top of this page with an updated date. Continued use of Geosift after a policy change constitutes acceptance of the new policy.

11. Contact

Questions, requests, or concerns about this Privacy Policy:

• Email: privacy@geosift.io
• Website: geosift.io