§ 01Who we are
This Privacy Policy explains how personal data is handled when you, or an End User of an application you operate, interact with the free map services made available at and through maptoolkit.org.
The controller within the meaning of Article 4(7) of the EU General Data Protection Regulation (GDPR) is:
A separate Data Protection Officer is not appointed; the requirements of Article 37 GDPR do not apply. All privacy enquiries can be sent to the address above.
This policy covers two distinct products, and is split into two self-contained chapters so you only have to read the one that applies to you:
- Part I · the “Tile Server” (or “Service”) - the tile, style, font, sprite, and terrain endpoints at
tiles.maptoolkit.org,styles.maptoolkit.org,fonts.maptoolkit.org, and (via Mapterhorn)tiles.mapterhorn.com, which you embed into your own application; - Part II · the “Website” - www.maptoolkit.org, mapmaker.maptoolkit.org, docs.maptoolkit.org, status.maptoolkit.org, and our GitHub Discussions forum.
The sections between here and Part I apply to both. Use of the Tile Server is additionally governed by our Terms of Service.
§ 02Our privacy promise - what we do not do
Both the Tile Server and the Website are built to be privacy-respecting by default. We do not:
- require API keys, accounts, sign-up, or any other form of user registration;
- set tracking cookies, advertising cookies, or any cookies that require consent under the EU ePrivacy Directive;
- use browser fingerprinting, device IDs, or similar identification techniques;
- maintain user-level profiles, behavioural histories, or cross-site identifiers;
- sell, rent, or share personal data with advertisers or data brokers;
- use Service data, request data, or End User data to train, fine-tune, or evaluate machine-learning or artificial-intelligence models.
There is no opt-out you need to click - there is nothing to opt out of.
§ 03International data transfers
Service infrastructure is hosted within the European Union. Where third-party processors (Cloudflare, GitHub) operate global networks that may route requests through points of presence outside the EU/EEA, transfers are covered by the Standard Contractual Clauses adopted by the European Commission (Article 46 GDPR) and the providers' supplementary technical measures.
§ 04What the Tile Server logs, and for how long
Operating a public tile service requires a minimum of operational logging for security, abuse prevention, capacity planning, and billing reconciliation with our CDN provider. We keep this to the smallest set that still allows the Tile Server to run safely.
Anonymised request logs
For each request reaching our origin servers, we may log:
- a truncated IP address, where the final three digits are replaced with zero before the entry is written (e.g.
203.0.113.137is stored as203.0.113.000). The full IP address is never persisted to disk; - the timestamp of the request;
- the requested URL path (e.g. the tile coordinates or style name);
- the HTTP status code and response size.
We do not log Referer headers or User-Agent strings at this stage of the Tile Server. (If we introduce optional Referer- or User-Agent-based registration in the future to raise rate limits, this policy will be updated before that change takes effect.)
Retention
Anonymised request logs are retained for a maximum of 15 days and then permanently deleted. We do not produce long-term archives, backups, or aggregates that would re-identify any End User.
Legal basis
Processing of the anonymised log data described above is based on Article 6(1)(f) GDPR (legitimate interest) - specifically our legitimate interest in operating, securing, and abuse-protecting a public shared infrastructure. Because the IP address is truncated before it is written, the residual data is not, in practice, capable of identifying a natural person.
§ 05Third-party services used by the Tile Server
To deliver the Tile Server we use a small number of external providers. Where these providers process data on our behalf, we have data-processing agreements in place under Article 28 GDPR; where they act as independent controllers, we link to their own privacy statements below.
Cloudflare (CDN, edge cache, DDoS protection)
We use Cloudflare as the content delivery network for tiles, fonts, sprites, and styles served from tiles.maptoolkit.org, styles.maptoolkit.org, and fonts.maptoolkit.org. The overwhelming majority of requests (typically ≥95%) are answered directly from Cloudflare edge caches and never reach our origin.
When a request passes through Cloudflare, Cloudflare may transiently process the End User's IP address, the request URL, and standard HTTP metadata in order to deliver the response and to protect the Tile Server from attacks. Cloudflare acts as our processor for this activity. See Cloudflare's privacy policy at https://www.cloudflare.com/privacypolicy/.
Terrain tiles via Mapterhorn
Terrain and hillshade data is served from tiles.mapterhorn.com, an external provider that is itself hosted on Cloudflare. When your application requests terrain data, the End User's browser connects directly to that endpoint, and Mapterhorn processes the request as an independent controller under its own privacy policy. According to that policy, Mapterhorn stores request-level data - including the source IP address, referrer, source ASN, requested path, browser, operating system, device type, and user-agent - for up to 30 days, which is broader than our own truncated-IP, 15-day practice described in Section 4.
§ 06When you embed the Tile Server in your own application
If you (the developer) embed the Tile Server into your own website, app, or other Application, you are the controller for the personal data of your End Users under Article 4(7) GDPR. That means you are responsible for:
- your own privacy notice;
- any consent flows or cookie banners required by applicable law for the rest of your application;
- determining the lawful basis on which you display maps to your End Users.
Toursprung GmbH acts as an independent controller for the limited operational processing described in Section 4 above, and not as your processor, unless a separate data-processing agreement under Article 28 GDPR has been concluded between us in writing.
You may freely reference this Privacy Policy from your own privacy notice when describing the map component of your application. For convenience, our developer documentation provides a suggested text block you can adapt for your own privacy notice - it is not a substitute for this Privacy Policy, which remains the legally binding version.
§ 07What the Website logs
Aggregate page-view counts across www.maptoolkit.org, docs.maptoolkit.org, and status.maptoolkit.org are collected via self-hosted Plausible Analytics, described in Section 8 below. Beyond that, we do not run any additional server-side logging of our own on the Website.
MapMaker - data stored in your browser
MapMaker, our browser-based tool for designing map styles at mapmaker.maptoolkit.org, has no server-side component. The style you create is never transmitted to or stored on our infrastructure. Instead, it is saved directly in your browser's localStorage, tied to your device and browser, where it remains until you clear it - for example via your browser's site-data settings - or until you delete it within MapMaker itself.
This local storage is a strictly necessary function of the tool: without it, MapMaker could not preserve your work between visits. Because the data never leaves your device and is not accessible to Maptoolkit, it does not constitute processing of personal data by us as controller, and it falls under the "strictly necessary" exemption of Article 5(3) of the ePrivacy Directive - no cookie-style consent banner is required.
§ 08Third-party services used by the Website
To run the Website we use a small number of external providers. Where these providers process data on our behalf, we have data-processing agreements in place under Article 28 GDPR; where they act as independent controllers, we link to their own privacy statements below.
Cloudflare (CDN, edge cache, DDoS protection, DNS)
We use Cloudflare as the content delivery network and DDoS-protection layer in front of www.maptoolkit.org, mapmaker.maptoolkit.org, and docs.maptoolkit.org. The overwhelming majority of requests are answered directly from Cloudflare edge caches and never reach our origin.
When a request passes through Cloudflare, Cloudflare may transiently process the End User's IP address, the request URL, and standard HTTP metadata in order to deliver the response and to protect the Website from attacks. Cloudflare acts as our processor for this activity. See Cloudflare's privacy policy at https://www.cloudflare.com/privacypolicy/.
Cloudflare is also the DNS provider for status.maptoolkit.org. Unlike the domains above, HTTP traffic to that page is not proxied through Cloudflare's edge network - Cloudflare's role there is limited to resolving DNS queries for the domain, while the page itself is served directly by Site24x7 (see below).
Site24x7 (status page)
status.maptoolkit.org is a status page operated by Site24x7 (a Zoho product), which monitors and reports the uptime of our public endpoints. When you visit this page, your browser connects directly to Site24x7's infrastructure rather than our own, and Site24x7 may process your IP address and standard HTTP metadata to serve the page and to compile aggregate visitor statistics. Site24x7 acts as an independent controller for this processing; see Site24x7's privacy policy at https://www.site24x7.com/privacypolicy.html.
GitHub Discussions (community support forum)
We use GitHub Discussions at github.com/maptoolkit/maptoolkit.org/discussions as our community support forum. If you choose to post there, your interaction is governed by GitHub's privacy policy: GitHub General Privacy Statement. GitHub is operated by GitHub, Inc., a US company; data transfers to the United States are covered by GitHub's standard contractual safeguards. You can use the Tile Server without ever creating a GitHub account.
Self-hosted Plausible Analytics
The Website embeds Plausible Analytics to count aggregate page views, served from our own infrastructure at pls.maptoolkit.net. Plausible is a privacy-focused analytics tool that:
- does not use cookies;
- does not collect personal data;
- does not create user-level profiles or cross-site identifiers;
- is fully compliant with GDPR, PECR, and CCPA without requiring a consent banner.
See Plausible's own description of these properties at plausible.io/privacy-focused-web-analytics. Plausible is loaded only on the Website; it is not loaded by the Tile Server's tile, style, font, or sprite endpoints.
jsDelivr (documentation only)
Our developer documentation at docs.maptoolkit.org loads certain JavaScript libraries via jsDelivr (cdn.jsdelivr.net), a public CDN. When you load a documentation page, your browser connects directly to jsDelivr's edge network, which may process your IP address and standard HTTP metadata to deliver the file. jsDelivr acts as an independent controller for this processing; see jsDelivr's privacy policy at https://www.jsdelivr.com/terms/privacy-policy. jsDelivr is not used anywhere else on the Website or on the Tile Server.
Fonts, libraries, and other static assets
Web fonts (e.g. Mulish, Source Serif), the MapLibre GL JS library, icons, and other static assets used on www.maptoolkit.org and mapmaker.maptoolkit.org are served from our own infrastructure. The only external CDN used anywhere on the Website is jsDelivr on docs.maptoolkit.org, described above.
Comparison-page map previews (OpenFreeMap, VersaTiles)
On www.maptoolkit.org/compare/, our comparison pages against alternative map stacks embed live, interactive map previews rendered directly from the tile servers of OpenFreeMap and VersaTiles, so you can compare tile output side by side. When you view these pages, your browser sends tile requests - including your IP address and standard HTTP metadata - directly to OpenFreeMap's and VersaTiles' own infrastructure, independent of Maptoolkit.
OpenFreeMap acts as an independent controller for this processing; see OpenFreeMap's privacy policy at https://openfreemap.org/privacy/.
/compare/versatiles page.§ 09Your rights as a data subject
To the extent that any data we hold relates to you as a natural person, you have the following rights under the GDPR:
- right of access (Article 15);
- right to rectification (Article 16);
- right to erasure / “to be forgotten” (Article 17);
- right to restriction of processing (Article 18);
- right to data portability (Article 20);
- right to object to processing based on legitimate interest (Article 21);
- right not to be subject to automated decision-making (Article 22) - note that we do not perform any such automated decision-making.
You also have the right to lodge a complaint with a supervisory authority. The competent authority for our establishment is:
§ 10Security
Tile Server and Website traffic is delivered exclusively over TLS (HTTPS). Operational logs are stored on infrastructure within the European Union with access restricted to authorised personnel of Toursprung GmbH. We employ standard technical and organisational measures (encryption in transit, hardened access controls, regular patching) appropriate to the limited and anonymised nature of the data processed.
§ 11Changes to this Privacy Policy
We may update this Privacy Policy from time to time - for example, to reflect new endpoints, new third-party providers, or changes in the law. The current version is always available at maptoolkit.org/privacy, and the “Last updated” date at the top of this document indicates when it was last revised. Material changes (such as the introduction of new categories of logged data) will be announced on maptoolkit.org before they take effect.
§ 12Contact
Questions about this Privacy Policy, or about how we handle data in connection with the Tile Server or the Website, can be sent to: