Map Data & Map Tile Security

What is Map Data?

When using a map-based application, it's important to understand the difference between map data and map tiles and how they impact your privacy and security.

Map data refers to the underlying geographical information that makes up the map. This includes roads, buildings, landmarks, terrain features, and other geographical elements. When you share your location in our app, the app uses latitude and longitude coordinates, which are derived from this map data. In our app, this data is End-to-End Encrypted (E2EE), meaning only the intended recipient can view the shared location. Even if someone intercepts the data in transit, they can't decipher it.

What are Map Tiles?

Map tiles are the visual representations of the map data that you see on your screen. These are pre-rendered images or small square sections of the map that your app downloads and stitches together to form the full map view at different zoom levels. When you zoom in or out, the app requests different sets of tiles to display the appropriate level of detail.

Privacy Considerations with Map Tiles

While your location data (lat/long coordinates) is E2EE when shared between users, the map tiles themselves are typically not. When your app requests map tiles from a server, it sends information about which part of the map you are viewing. This means that the server providing the map tiles can potentially log your requests and infer information about your location and activity. This was a major concern when considering third-party map providers such as Google Maps, Apple Maps, Mapbox, Here Maps, and MapTiler Cloud. These services often require you to trust them with your data, as they may log IP addresses, tile requests, and other metadata that could potentially compromise your privacy.

Why We Chose to Host Our Own Tile Server

To ensure the highest level of privacy for our users, we decided to host our own map tile server on Cloudflare, a trusted company. By doing so, we can limit:

• IP Logging: We do not log your IP address when you request map tiles. This ensures that your identity remains private. Cloudflare may store anonymized statistics about requests including IP address. To learn more read here at: Cloudflare Privacy Policy. To improve privacy and anonymity, we recommend utilizing a VPN while using Grid. This ensures that not only your location data is E2EE, but tile requests are private and anonymous.
• HTTPS for Secure Transfer: All map tile requests are made over HTTPS, ensuring that the data in transit is encrypted and cannot be easily intercepted.
• Flexibility for Future Enhancements: Hosting our own tile server also gives us the flexibility to implement additional privacy features in the future, such as using proxies to further anonymize your requests.

Potential Future Integration of Native Maps

We understand that some users may prefer the features and familiarity of native map services like Apple Maps or Google Maps. While we prioritize privacy and currently use our own tile server to protect your data, we may allow users to opt for native maps in the future. However, it's important to note that if you choose to use a third-party map service, your privacy may depend on the policies of the service provider. We will continue to explore ways to enhance privacy for users who prefer these services.

Our commitment is to provide a secure and private location-sharing experience. By hosting our own tile server, we minimize the risks associated with third-party tracking and logging. Your shared location data is E2EE, ensuring that only the intended recipient can view it. We’re dedicated to continuously improving our privacy measures, giving you control and peace of mind when using our app.