Etimaps Privacy Policy — Working Draft
Last updated: July 18, 2026
Private version 1. Before publication, add the operator’s legal name and postal address, confirm production log and email-delivery retention, review the target-country and children sections, obtain an appropriate legal review, and publish this at a stable public URL.
1. Who is responsible for your data?
Etimaps is operated by [operator’s legal name and postal address — to be completed before publication] (“Etimaps”, “we”, “us”). Etimaps is the data controller for personal data processed to provide the Etimaps app and Etimaps Cloud.
For privacy questions or requests, email contact@etimaps.com.
2. Local-first use
You can create and use local maps and datasets without an Etimaps account. Files you import and changes you make remain on your device unless you explicitly choose to save a map or dataset to Etimaps Cloud. Removing the app, deleting a local map, or erasing the device controls those local copies.
3. Information we process
- Account information: your email address, display name, profile image if supplied by a sign-in provider, email-verification state, and the identifiers needed to link password, Apple, or Google sign-in methods. Passwords are stored only as secure hashes.
- Cloud content: maps, datasets, uploaded files, configuration, edits, titles, and other content you deliberately save to Etimaps Cloud.
- Sharing information: Sharing-group memberships, roles, capabilities, invitations, invitee email addresses, invitation links, and records that a link or invitation was accepted.
- Technical information: session identifiers, IP address, user-agent information, request and error logs, timestamps, app version/build, and security information needed to operate and protect the service.
- Location: when you tap the location control and grant iOS permission, your location is used to show your position on the map. Etimaps does not upload that location to Etimaps Cloud.
- Communications: information you include when contacting support or making a privacy request.
4. How we use information
We use this information to:
- create and secure accounts, authenticate users, and restore accounts during the recovery period;
- store and synchronize cloud maps and datasets;
- provide Sharing groups, roles, invitations, and collaboration;
- send verification, sign-in, invitation, security, and support messages;
- diagnose errors, prevent misuse, maintain security, and improve reliability; and
- comply with legal obligations and respond to valid legal requests.
Where the GDPR applies, these activities are based on performing our contract with you, our legitimate interests in operating and securing Etimaps, your consent where requested (including iOS location permission), and compliance with legal obligations.
5. Service providers and other recipients
We do not sell personal data and do not use it for third-party advertising.
We use the following providers where needed to provide Etimaps:
- Cloudflare for application hosting, databases, cloud file storage, network security, logging, and email delivery infrastructure. See the Cloudflare Privacy Policy.
- Apple for iOS distribution, Apple sign-in when chosen, and MapKit/map imagery. Apple may receive the technical map requests needed to provide map content. See the Apple Privacy Policy.
- Google when you choose Google sign-in. See the Google Privacy Policy.
We may also disclose information when legally required, to protect users and the service, or as part of a business transfer subject to appropriate safeguards. Providers may process data outside your country. When required, we rely on recognized transfer safeguards such as adequacy decisions or standard contractual clauses.
6. Sharing with other Etimaps users
When you accept an invitation or join a Sharing group, authorized members may see information such as the email address used for the invitation, your membership, role, and join date. What members can view or edit depends on their server-enforced capabilities.
7. Retention and account deletion
- Local maps and datasets remain on your device until you delete them, remove the app, or erase the device.
- Cloud resources remain until they are deleted under Etimaps’ resource and Sharing-group rules.
- When you delete your account, it becomes inactive immediately. Your sessions are revoked and your memberships no longer appear or grant access.
- A recoverable archive of the account and its deleted memberships is kept for 30 days so that you can restore an accidental deletion. After that deadline, an automated cleanup removes the account and its personal access records from active Etimaps systems.
- Maps, datasets, Sharing groups, and edit history that must remain available to other members are not deleted merely because one account is deleted. Personal author identifiers in retained history are replaced with a generic “deleted account” attribution.
- Cloudflare database recovery copies may retain deleted records for up to 30 additional days after removal from active systems. They are access-restricted and expire through the provider’s normal backup cycle.
- Some information may be retained longer where reasonably necessary for security, fraud prevention, dispute resolution, or compliance with law.
To restore an account during the 30-day recovery period, sign in again and choose Restore account. To request earlier permanent deletion or help with restoration, email contact@etimaps.com.
8. Your choices and rights
Depending on where you live, you may have rights to access, correct, export, restrict, object to, or delete your personal data, and to withdraw consent without affecting earlier lawful processing. You may also have the right to complain to your local data-protection authority.
You can decline location permission and continue using Etimaps without the current-position feature. You can manage iOS permission later in Settings. Contact contact@etimaps.com to exercise a privacy right.
9. Security
We use access controls, encrypted network connections, hashed passwords, session revocation, and server-side capability checks designed to protect information. No storage or transmission system can be guaranteed completely secure.
10. Children
Etimaps is not currently directed to children and we do not knowingly collect personal data from children who cannot lawfully consent to the service. Contact us if you believe a child has provided personal data.
11. Changes to this policy
We may update this policy as Etimaps changes. We will update the date above and provide additional notice when a change materially affects how personal data is used.