What we keep,
and what we don't.
Short version: we store what's needed to run the platform. We don't sell anything. Sensitive cave locations never leave the access boundary you set.
What we collect.
The account information you provide (name, email, NSS number if you share it, affiliations) and the records you upload (cave data, documents, photos, survey files). Standard server logs retain IP addresses and request metadata for 30 days for security and debugging. No third-party analytics, no advertising trackers, no fingerprinting.
How cave locations are protected.
Sensitive coordinates are gated by access level on every request. Unauthenticated viewers do not receive coordinates, entrance photos, or cave maps for protected sites. Audit logs record who viewed what, when. When you error-report or send us a Sentry event, coordinates and PII are scrubbed before transmission.
Who sees your data.
Only members you grant access to. Trustees have elevated visibility for moderation and support, and their actions are logged. We do not share, sell, rent, or trade user data. We respond to lawful legal process only as required, and prefer to notify affected users when legally permitted.
Your rights.
Export every record, document, and file associated with your account at any time. Delete your account — your personal data (name, email, profile) is scrubbed, and your contributed cave records are unlinked from your identity but remain in the community record, since the data belongs to the grotto or region, not to you individually. Request a copy of what's on file through the contact form.
Contact.
Questions, concerns, or data requests: use the contact form. Every submission reaches the KEEP operations inbox — privacy and data-request messages are prioritized.