Security & Privacy

GISOwl is designed with security and privacy at every layer.

Infrastructure

GISOwl runs on cloud infrastructure with SOC 2 Type II compliance. All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Databases are backed up continuously with point-in-time recovery.

Authentication

GISOwl supports email/password login, Google OAuth, and Microsoft OAuth. Team and Enterprise plans support SAML 2.0 SSO with any compatible identity provider (Okta, Azure AD, OneLogin, etc.). Enterprise plans additionally support SCIM for automated user provisioning.

Authorization

GISOwl uses a role-based access control (RBAC) model at the workspace, project, and map levels. See Permissions for details.

Data Residency

By default, data is stored in the United States (AWS us-east-1). Enterprise customers can select alternative regions including EU (eu-west-1), Asia-Pacific (ap-southeast-1), and others.

Data Processing

GISOwl processes your data only to provide the service: rendering maps, executing queries, and running spatial analysis. Your data is never shared with third parties or used for training AI models.

Owl AI Privacy

When you use Owl AI, your prompts and map data are sent to the AI provider for processing. Owl AI does not retain your data between sessions. Enterprise customers can opt out of Owl AI entirely.

Compliance

GISOwl complies with GDPR, CCPA, and SOC 2 Type II. Data Processing Agreements (DPAs) are available for Enterprise customers upon request.

Vulnerability Reporting

Report security vulnerabilities to security@gisowl.com. We respond within 24 hours and follow responsible disclosure practices.

Next Steps