What we claim, and what we do not.
We capture only what is necessary to follow up on an early-access request: work email, organization, role, free-text note, and the time it was sent. No tracking pixels, no marketing-automation tags. No third-party analytics on this site.
Operator-tier deployments process customer-controlled signals (infrastructure status, incident records, personnel rosters where applicable). These are processed under a Data Processing Agreement and never aggregated across customers.
Early-access submissions are retained for the duration of the early-access programme. Operator-tier retention is set by contract; default is 24 months for incident records and configurable per deployment.
All hosting is EU-region. The default production path uses an EU commercial cloud region; no US hyperscaler region appears in the data path. Operator-tier deployments can be pinned to a single member state on request, and sovereign-cloud / on-prem targets are available for civil-protection authorities that require them.
The current sub-processor list is being finalised. We will publish the named list, the region in which each runs, and the role each plays before signing the first operator-tier contract.
Will list: EU cloud-region provider, transactional email provider, error-monitoring provider, and any upstream data providers required at the operator tier. Each will be named with region and purpose. We will not list a sub-processor we are not currently using.
In transit (TLS 1.2+) and at rest (provider-managed keys at launch; customer-managed keys available for sovereign deployments).
Operator-tier access is role-scoped per municipality. Audit logs travel with the same provenance discipline as the data layers.
Responsible disclosure address published at launch. Dependency monitoring against the underlying OSS supply chain runs continuously in CI.
ISO 27001 and SOC 2 are in scope at launch. We are not certified today and will not display a badge we have not earned. NIS2 alignment for the operator tier is tracked against the essential-entity profile; CER directive alignment follows the sector taxonomy.
The console is built on open-source dependencies: Next.js, React, MapLibre, deck.gl, H3, fast-xml-parser. We track upstream advisories continuously and update on a fixed cadence; security patches are out-of-cadence.
Public-data sources are credited inline in the product and on /platform. Where we extend an open project, we feed fixes back upstream.
Detailed documentation on request.
Draft DPA, DPIA template, and security questionnaire response are available for evaluating authorities. Tell us who you are and we will send the current versions.