HERE data privacy by design
HERE is committed to bringing and working with your data both safely and securely in HERE Workspace.
BYO data sent to HERE Workspace is private by default. Your data is ingested into data catalogs that only you have access to. Moreover, all data sharing requires your explicit action, regardless of which interface you are working with. For more information about data catalog sharing and permissions, see the Data API Guide. The same is true for:
HERE’s proprietary access management services offer granular controls at the organization, project, group, user, and application ID levels, ensuring industry standard, privacy organization, and ISO compliant levels of protection. For more information about HERE Workspace access management controls, see the Identity & Access Management Guide.
In non-professional services assisted projects built using HERE Workspace, no HERE employee accesses your data. HERE Workspace provides integrated infrastructure services, which you as a customer instantiate based on your use-case needs. Examples of such services include different types of location data optimized storage, as well as batch and stream data processing pipelines.
Upon your action to create a new layer type within a catalog, cloud resources are created to instantiate the necessary data and metadata storage behind that layer. This process is fully automated, and only you have access to your data stored in that underlying infrastructure. The same is true for data processed through the cloud-based batch and stream processing pipeline infrastructure.
It is important to note that, while your data is not accessed by HERE employees or services for the point of sharing it further or processing it elsewhere for HERE business purposes, your data payload can be accessed in automated ways by HERE services when you initiate actions on the data for your own purposes. Examples of automated processes which must access the payload of your data based on actions you initiate include:
- Data tiling: Tiling data into HEREtiles, HERE’s proprietary location data partitioning scheme.
- Data indexing for the purposes of faster data retrieval. For an example, see the interactive map layer settings.
- Data decoding and rendering: Inspecting your raw data visually or on a private map.
- Data download.
In addition to granular access management controls, all Workspace services must pass security compliance checks before launching and on an on-going basis. For more information about HERE Workspace data security, see the Data API Guide.
For more information on how data privacy is of fundamental importance to HERE and our customers, see the HERE Privacy Charter.