Privacy Policy & Data Security

We built GeoAPIHub with privacy as a core principle — not an afterthought. This page explains exactly what data we collect, what we don't, and why your spatial data is always safe.

Last updated: June 26, 2026

The short version

Your GIS data — coordinates, GeoJSON files, shapefiles, bounding boxes — never leaves your browser. Every calculation runs locally in JavaScript. We only collect anonymised usage analytics (page views, tool clicks) via Google Analytics 4. That's it.

1. Client-Side Processing — Your Data Never Leaves Your Browser

GeoAPIHub tools run entirely in your web browser using JavaScript. When you paste a coordinate, upload a GeoJSON file, or enter a bounding box, that data is processed locally on your device. It is never transmitted to our servers, any third-party server, or any external service.

  • Coordinate conversions are computed by proj4.js running in your browser tab.
  • GeoJSON rendering is handled by Leaflet.js — the map tiles come from OpenStreetMap, but your GeoJSON data does not.
  • Bounding box extraction and DMS conversions are pure in-memory JavaScript operations.
  • No file is uploaded to a server. The "Upload" buttons use the browser's local FileReader API.

This is a deliberate architectural choice — not a promise we could break later. There is no backend, no database, and no API that could receive your data.

2. What We Do Collect — Google Analytics 4

We use Google Analytics 4 (GA4) to understand how GeoAPIHub is used so we can improve it. GA4 collects anonymised, aggregated usage data. Specifically:

  • Page views — which pages were visited and when.
  • Tool interactions — which tools were opened (e.g., "coordinate-conversion tool opened from home page"). We track button clicks, not the data entered.
  • Session metadata — approximate country/region (not city-level), browser type, device type, and screen size.
  • Referral source — how you arrived at GeoAPIHub (search engine, direct link, etc.).

GA4 uses cookies and anonymised identifiers. IP addresses are not stored. Google processes this data under its own Privacy Policy.

We do not collect: names, email addresses, login credentials, payment information, or any content you enter into the tools.

3. Cookies

We use a minimal set of cookies:

  • Google Analytics cookies (_ga, _ga_*) — set by GA4 for session tracking and analytics. These expire after 2 years / 24 hours respectively.
  • Theme preference (localStorage.theme) — stored in your browser's localStorage (not a cookie) to remember your dark/light mode preference. This never leaves your device.

We do not use advertising cookies, tracking pixels, or any marketing cookies.

4. Third-Party Libraries Loaded via CDN

GeoAPIHub ships its open-source browser libraries with the built site. These assets are served from GeoAPIHub instead of third-party CDNs:

Library Source Purpose
Tailwind CSS Local Tailwind CSS Compiled site styling
Font Awesome 6 Local build asset Icons
proj4.js Local build asset Coordinate transformation
Leaflet.js Local build asset Interactive maps
PapaParse Local build asset CSV parsing (client-side)

OpenStreetMap tiles are loaded by Leaflet for the map background. Your GeoJSON data is rendered on top of these tiles but is never sent to OpenStreetMap servers.

5. Data Security

Because GeoAPIHub has no backend and no database, the attack surface for data breaches is minimal by design:

  • There is no server to compromise — the site is served as static HTML/CSS/JS files.
  • There is no user account system, so there are no passwords or personal records to steal.
  • Your spatial data exists only in your browser's memory during the session and is discarded when you close the tab.
  • All pages are served over HTTPS to protect data in transit.

The most sensitive thing we store about you is an anonymised analytics session ID in a GA4 cookie. This cannot be used to identify you individually.

6. Children's Privacy

GeoAPIHub is not directed at children under the age of 13. We do not knowingly collect personal information from children. Because we do not collect personal information from any user, this is not a practical concern — but we state it clearly for compliance purposes.

7. Your Rights (GDPR / CCPA)

If you are in the European Economic Area (EEA) or California, you have rights regarding your personal data. Because we collect only anonymised analytics data and no personally identifiable information, most of these rights are satisfied by default:

  • Right to access — We hold no personal data tied to you individually.
  • Right to erasure — Clearing your browser cookies removes the GA4 identifiers stored on your device.
  • Right to opt out — You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on, or by blocking the domain www.googletagmanager.com with a content blocker.

For any privacy-related request, contact us at the address below.

8. Changes to This Policy

If we make material changes to this policy — for example, if we add a new analytics provider or change how we handle data — we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of GeoAPIHub after changes constitutes acceptance of the updated policy.

9. Contact

If you have questions about this privacy policy or how GeoAPIHub handles data, please contact:

Deepak Palanisamy

Back to GeoAPIHub Browse Tools