StreetProof

Privacy

Privacy Policy — we index businesses, not people

v1.0 — July 2026 · DRAFT pending counsel review. Written from StreetProof’s actual data flows, not a template. Scouts accept this policy together with the Terms of Service at signup.

The blur-before-persist invariant

Faces and license plates are irreversibly blurred in every image from every source before the image persists beyond processing staging. If the privacy scrub fails on an image, that image is quarantined and never passes through. Raw footage is deleted after frame extraction and never retained beyond 30 days.

What we collect from scouts

  • Account: email address (and phone number if you add one), display name, home city, and the Terms version and time you accepted.
  • Capture data: GPS position, heading, and accuracy at the moment of capture; capture timestamp; camera EXIF/sensor telemetry from the shutter moment; a device-bound signature over the capture.
  • Device integrity: attestation verdicts (e.g. “passed platform integrity”) and a device key identifier — used to keep fake submissions out of the index.
  • Program activity: submissions and their review states, points ledger, redemptions, task and payout records (payouts additionally require identity verification through our payment provider).

What we do NOT collect

  • No continuous or background location — GPS is read only at capture and only with your permission.
  • No contact lists, photo galleries (the in-app camera is the only image source), messages, or browsing history.
  • No advertising identifiers, and no sale of personal information to anyone, ever.
  • No biometrics: faces in imagery are blurred before storage, not analyzed.

How scout data is protected in public

  • Public surfaces never show your real name unless you set a public handle, and public scout profiles can be turned off entirely.
  • Capture locations are fuzzed on public surfaces — live-event coordinates are jittered to city level, and mobile-asset activity is shown as density only, never as routes.
  • Your submission history is never published in a form that reveals your movement patterns.

Business-owner data

Entity records describe businesses, not individuals: business name, branding, category, and where its public branding was observed. Owners who claim a record provide a business contact, which we use for verification, disputes, and service messages. Sole proprietors whose personal name is their business name may use the removal flow.

Retention

  • Raw capture staging: deleted after scrub, hard cap 30 days.
  • Scrubbed evidence images: retained while the observation is part of the index; removal requests set an audited redaction flag.
  • Account data: deleted on account deletion, except records we must keep (tax/payout records) and the ledger entries below.
  • Ledger permanence: accepted observations already minted into the append-only public ledger remain as anonymized records after account deletion — they can no longer be traced to you. We offer a full data export before deletion.

Where your data lives

StreetProof runs on our own infrastructure located in Canada. Core operation does not depend on foreign cloud processors; where a payment or identity provider is used for payouts, that processing is disclosed at the point of use.

Cookies

The public site sets no advertising or third-party tracking cookies. We use only the minimal, strictly-necessary storage required for signed-in sessions and security (rate-limiting). There is nothing here to opt out of.

Your rights (PIPEDA & Alberta PIPA)

StreetProof operates under Canada’s PIPEDA and Alberta’s Personal Information Protection Act. You can request access to, correction of, or deletion of your personal information. Businesses and individuals can dispute or request removal of any observation via the removal flow: we acknowledge within 2 business days and resolve or explain within 10 business days. Removals set a redaction flag on the append-only ledger through an audited procedure — the record of the removal itself is preserved. If you are unsatisfied, you may complain to the Office of the Information and Privacy Commissioner of Alberta or the Office of the Privacy Commissioner of Canada.

Contact

Privacy officer: [email protected] — Calgary, Alberta, Canada. We will notify affected individuals and the appropriate commissioner of any breach creating a real risk of significant harm, as required by law.