The short version: Your location is end-to-end encrypted on your device before it leaves your phone. Our servers never see your actual location. We don't sell data. We don't serve ads. We don't use analytics or tracking SDKs. Map tiles are loaded in a way that protects your IP address from third-party servers.
Data We Process
Location Data
- Your location coordinates are encrypted using AES-256-GCM on your device before being transmitted.
- Our relay server receives and temporarily stores only encrypted blobs — we cannot decrypt them.
- Encrypted location data is automatically deleted from the relay server after 1 hour.
- Only family group members who hold the shared encryption key can decrypt location data.
- Location determination uses your device's on-board positioning (GPS and device sensors). No location data is sent to Google, Apple, or any third-party positioning service by MapVeil.
Encryption Keys
- Group encryption keys are generated on your device and stored in your device's secure enclave (iOS Keychain / Android Keystore).
- Keys are shared between family members via time-limited, single-use invite codes or QR codes.
- Keys are derived using a memory-hard key derivation function resistant to brute-force and GPU-accelerated attacks.
- Keys shared via QR code use a full-strength random key directly, with no derivation required.
- Our servers never have access to encryption keys in any form.
Group Metadata
- Our relay server stores a randomly-generated group identifier (UUID) to route encrypted data between group members.
- Group names and member nicknames are stored only on your device, not on our servers.
- We do not associate group identifiers with real names, email addresses, or phone numbers.
Invite Codes
- Invite codes are time-limited (up to 24 hours) and single-use by default.
- When an invite code is redeemed, it is deleted from our relay immediately — it cannot be reused or replayed.
- Invite codes contain no location data.
Camera Access
- Camera access is used solely to scan QR invite codes when joining a family group.
- No photos or videos are captured, stored, or transmitted.
Data We Do NOT Collect
- Real names, email addresses, or phone numbers
- IP addresses or device identifiers (not logged by our relay)
- Browsing history or app usage analytics
- Advertising identifiers
- Contacts, photos, or files
- Unencrypted location data
Third-Party Services
Relay Infrastructure
Our relay server acts as an encrypted data passthrough. It is hosted on infrastructure subject to Cloudflare's privacy policy. MapVeil does not access or store infrastructure-level logs. No other third-party services, analytics platforms, or advertising networks are used.
OpenStreetMap (Map Tiles)
MapVeil displays maps using OpenStreetMap tile data — a community-maintained, open-source geographic dataset released under the Open Database License (ODbL). MapVeil does not use Google Maps, Apple Maps, or any proprietary mapping SDK.
To protect your privacy, map tiles are routed through our own infrastructure rather than being requested directly from OpenStreetMap servers by your device. This means your device's IP address and identifying headers are not exposed to OpenStreetMap infrastructure. We do not log or store information about which map regions you view.
Map data is © OpenStreetMap contributors and is used under the Open Database License. MapVeil displays the required attribution in the map view. Visit openstreetmap.org/copyright for full details.
Data Retention
| Data | Retention |
| --- | --- |
| Encrypted location blobs | Auto-deleted after 1 hour on relay |
| Local app data | Until you delete it via Privacy Dashboard |
| Invite codes | Deleted on use, or after 24 hours maximum |
| Encryption keys | Until you wipe data or leave a group |
Your Controls
MapVeil gives you full control over your data:
- Stop Sharing: Tap "Go Hidden" to immediately stop sharing your location.
- Precision Control: Choose how precisely your location is shared (city, neighborhood, street, or exact).
- Clear Cache: Purge locally cached location data at any time.
- Wipe All Data: Permanently destroy all encryption keys, group memberships, and cached data. Without the encryption keys, previously encrypted data becomes permanently unreadable.
- Leave Group: Remove yourself from any family group at any time.
Children's Privacy
MapVeil does not knowingly collect personal information from children under 13. Because MapVeil collects no account information whatsoever, all users benefit from the same privacy protections described in this policy. The app is designed for family use where parents or guardians manage group membership and sharing settings.
Security
- All location data is encrypted using AES-256-GCM, a NIST-approved authenticated encryption algorithm.
- Encryption keys are derived using a memory-hard algorithm resistant to brute-force attacks, stored in hardware-backed secure storage (iOS Secure Enclave / Android Keystore).
- Our relay server operates on a zero-knowledge basis — it processes encrypted data without the ability to decrypt it.
- Map tile requests are routed through our own infrastructure to prevent your IP address from being exposed to third-party servers.
Changes to This Policy
We will update this policy if our data practices change. Material changes will be communicated through an in-app notice. The "Last Updated" date at the top reflects the most recent revision.
Contact
If you have questions about this privacy policy or MapVeil's data practices:
Email: [email protected]