Last updated: June 24, 2026
Security
This page describes how MapOps protects information processed through our website, configured workspaces, and related services (“Service”). It supplements our Privacy Policy and Terms of Service.
1. Security Principles
- Customer Data is treated as confidential and is not shared between MapOps customers
- We do not use your Input Data to build or improve scoring models for other customers without a separate written agreement
- We do not sell personal information or Customer Data
- Access to production systems is limited to personnel who need it to operate and support the Service
2. Technical Safeguards
We implement reasonable technical and organisational measures to protect data, including:
- Encryption in transit (TLS) for web traffic and API communication
- Authentication and role-based access for configured workspaces
- Row-level security and workspace isolation for customer records stored in our database layer
- Operational logging to support reliability, abuse detection, and incident investigation
- Regular review of access, dependencies, and deployment configuration
No method of transmission or storage is completely secure. We cannot guarantee absolute security.
3. Infrastructure and Sub-Processors
The Service runs on third-party infrastructure providers that process data only as needed to perform their function on our behalf and under contractual confidentiality obligations. Current categories include:
- Hosting and deployment infrastructure (for example, Vercel)
- Database and authentication services used in configured workspaces (for example, Supabase)
- Scheduling tools used for demo bookings (for example, Calendly)
- Mapping and geospatial services used to render territory views
A current list of sub-processors is available upon written request. See our Privacy Policy for more detail on how we share information with service providers.
4. Customer Data and CRM Integrations
Where you connect a CRM or upload customer records, MapOps processes that data only to provide the Service to you — for example, geocoding, territory assignment, outreach status sync, and map presentation configured for your workspace.
CRM webhook endpoints use connection-specific tokens. Where supported, inbound webhook requests are verified using provider-supplied signatures or secrets. You are responsible for maintaining the confidentiality of API keys, OAuth tokens, and webhook URLs configured for your workspace.
5. Confidentiality
We treat Customer Data as confidential. We will not disclose your data to any third party except as necessary to provide the Service, as described in our Privacy Policy, or as required by law. If we receive a legal demand for your data, we will notify you before disclosure unless prohibited by law.
You agree to treat non-public information about the Service's features, scoring methodologies, and proprietary configuration as confidential, as set out in our Terms of Service.
6. Incident Response
If we become aware of a data security incident affecting your Customer Data, we will investigate promptly and take reasonable steps to contain and remediate the issue. Where required by applicable law or contract, we will notify affected customers without undue delay.
To report a security concern, contact contact@mapops.co with sufficient detail for us to investigate.
7. Your Responsibilities
Access control
You are responsible for managing user access within your workspace, revoking access when no longer required, and ensuring that credentials are not shared inappropriately.
Lawful use of data
You must have appropriate rights and lawful bases to upload, connect, and use customer, prospect, and CRM data within the Service, including compliance with applicable privacy and marketing laws.
8. Contact
Security questions or requests? Contact us at contact@mapops.co.
MapOps · Australia