Skip to content

Security Policy

Our commitment to your data safety

🛡️

Our Core Promise

We understand that geographic data can be sensitive. We have architected our system with a "minimal knowledge" principle. We don't want to see your data, we just want to convert it.

Infrastructure Security

Transport Encryption

All data transferred between your device and our servers is encrypted using standard TLS 1.2+ (HTTPS).

Isolated Processing

Conversion jobs run in isolated containers that are spun up on demand and destroyed immediately after processing.

Data Lifecycle

  1. Upload: Your file is assigned a unique, non-guessable UUID v4 identifier.
  2. Processing: The file is processed in memory or ephemeral storage.
  3. Storage: The result is stored temporarily to allow for download.
  4. Deletion: An automated cron job permanently purges all files associated with the ID exactly 1 hour after creation.

Vulnerability Reporting

If you believe you have found a security vulnerability in KMLtoSHP, please report it to us immediately. We appreciate the contribution of the security research community.

Please email security@kmltoshp.com.