Secure geocoding without compromises

The safety and security of your data is a fundamental part of the Geocodio platform

Secure geocoding without compromises

We never share or sell your data. Ever.

Your data is yours, not ours. We never share your data with third parties. Read our privacy statement here and you can see our Terms of Use here.

Your data is encrypted in transit.

All data on the Geocodio platform, is transferred securely via HTTPS, ensuring that it is always encrypted in transit. This includes uploaded spreadsheets as well as access to our API. Customers may, however, explicitly decide to use the non-HTTPS API endpoint. Uploaded spreadsheets are encrypted at rest using AES256, and can be permanently deleted at any time.

On our standard platform, some API requests may be logged to disk in plain text. Need full encryption at rest? See (#hipaa-compliant-geocoding)

Resilient, hardened infrastructure.

Geocodio utilizes redundant, physical, dedicated servers and are not sharing hardware resources with other companies. We use state-of-the-art data centers with strict security such as electronic access controls, high security perimeters and 24/7 video monitoring of access routes, entrances, server rooms and more. Our infrastructure is distributed across multiple physical data centers, operated for full redundancy. Read more about how we ensure high availability.

Ongoing system updates.

We use automation and monitoring best-practices to ensure that all internal and external services receive ongoing security patches to protect against vulnerabilities. We utilize the principle of least privilege to limit our attack surface as much as possible, including addition of strict firewall and permission rules and utilizing internally-routed network traffic whenever it is possible. A third party company is contracted to conduct ongoing security scans, including port and vulnerability scans of all of our external networks.

Full access controls at no additional cost.

All accounts include an audit log that tracks time/date, IP address, action taken, and email address. If you have a Geocodio account, you can see your audit log here. If you're working with a team, we encourage you to create a Team Account so you can control access to your organization's data and add/delete users. We understand that user security is important to organizations large and small, so there is no additional cost to create a Team Account. If you already have a Geocodio account, you can create a Team Account here. You can delete your account at any time via the dashboard.

HIPAA-compliant geocoding

For particularly sensitive data, we have designed a HIPAA-compliant version of our product that includes even stricter access controls, and is located in a US-based HIPAA and SOC 2 compliant data center.

This plan is designed for health organizations, but is used by other organizations with the highest data protection concerns.

If your organization requires a BAA, please see our HIPAA-compliant version.

Upload a spreadsheet now. No credit card required.

Upload SpreadsheetGet an API Key

Responsible Disclosure Policy

Security researcher? Please read our Responsible Disclosure Policy.
Learn more

Infrastructure

Geocodio's resilient, hardened infrastructure processes over 2 billion lookups per month.

Privacy Practices

Details Geocodio's privacy practices, including GDPR and CCPA compliance.

Data Retention Policy

How long we store data for.

Data Sources

Geocodio only uses publicly-available datasets, powered by our in-house geocoding engine.

Contact Us

Does your IT security team have questions about our security practices? Please reach out to us.
Copyright © 2014-2024 Dotsquare LLC, Norfolk, Virginia. All rights reserved.