Privacy Policy#

Last Updated: 26 March 2025

MapX is a platform developed and maintained by the GRID-Geneva unit of the University of Geneva (hereinafter UNIGE/GRID) to support environmental decision-making by transforming data into actionable information. Throughout this document, ‘we,’ ‘our,’ or ‘us’ refers to UNIGE/GRID.

This Privacy policy explains how UNIGE/GRID collects, uses, and protects the personal data of users interacting with MapX. UNIGE/GRID is committed to safeguarding user privacy and adhering to applicable data protection laws, including the General Data Protection Regulation (GDPR).

By accessing and using MapX, you agree to comply with this Privacy policy. If you do not agree to these terms, please discontinue your use of MapX.

Who We Are#

The Global Resource Information Database - Geneva (GRID-Geneva) is a partnership between the United Nations Environment Programme (UNEP), the Swiss Federal Office for the Environment (FOEN), and the University of Geneva (UniGe). Our primary role is to transform data into actionable information to support environmental decision-making. For more details about our organization, please visit https://unepgrid.ch/ .

What Data We Collect#

We collect the following data from MapX users:

  • User email: For login, authentication, and communication purposes.

  • Device and usage information:

    • Browser information: We validate encrypted session tokens using basic user agent data, which is never stored on our server.

    • IP address: We may collect your IP address for security and analytics purposes.

    • Content interaction: Some interactions and timestamps are logged for project analytics.

Why We Collect This Data#

We collect user data for the following purposes:

  1. Administering and improving MapX: To ensure MapX functions effectively and efficiently.

  2. Analyzing quality and reach: To better understand user interactions and improve user experience.

  3. Promoting safety and security: To maintain the integrity and security of our services.

  4. Contacting users: To communicate important technical updates or respond to specific user inquiries.

  5. Login and authentication: User emails are used to facilitate login and authentication, including the distribution of one-time passwords to the registered email address, ensuring secure access to MapX.

  6. Metadata identification: User emails may be displayed in metadata to identify creators, editors, or individuals with access to specific MapX materials, enhancing collaboration and traceability. Additionally, metadata may include personal information added voluntarily by metadata editors. Editors are advised to include only information appropriate for sharing and to avoid adding sensitive personal details.

How We Use and Protect Your Data#

  1. Restricted access: User data is accessed only by authorized UNIGE/GRID personnel. Occasionally, consultants may require access to perform specific tasks; in such cases, they are bound by a Non-Disclosure Agreement (NDA). User email addresses may be visible in metadata to identify creators, editors, or individuals with access to specific MapX materials; however, this information is never shared outside the MapX interface.

  2. Data security: We apply a range of technical, administrative, and physical measures to safeguard your data and prevent unauthorized access or misuse. Despite our efforts, it is important to note that no method of data transmission over the internet or storage system is entirely secure. If you believe your use of MapX is compromised, please notify us immediately so we can assist you.

  3. Third-party access: No user data is shared with third parties, except for consultants under NDA who require access for MapX-related purposes. Data is never sold or shared for commercial or marketing purposes.

User Rights#

As a user, you have the following rights under GDPR :

  • Access: You can request access to the personal data we collect and process about you.

  • Deletion: You may request the removal of your personal data from our systems.

To exercise these rights, please send an email to info@mapx.org . Requests will be processed promptly and in accordance with applicable legal requirements.

Data Retention#

We retain user data only as long as necessary to fulfil the purposes outlined in this Privacy policy. Once a user requests the deletion of their data, we ensure it is securely removed from our systems. Datasets uploaded by users that are utilized by others will be anonymized (i.e., associated with a generic user) and retained to ensure continued functionality.

External Services, Third-Party Data Providers, and User Content#

Third-Party Services and Integrations#

MapX may incorporate links to or integrations with external third-party services and data providers. These third parties operate independently of MapX and maintain separate data collection and processing protocols governed by their respective privacy policies. Users are hereby advised to review the applicable privacy policies of these third-party entities to obtain a comprehensive understanding of their data handling practices.

User-Generated Content#

Content submitted by users to the MapX platform, including but not limited to datasets, analytical materials, comments, visualizations, and other contributions (“User Content”), may contain personal data or confidential information over which MapX exercises no direct control or supervision. The management and dissemination of such User Content is subject to and governed by the privacy configuration and policy parameters selected by the submitting user at the time of submission.

MapX strongly recommends that users exercise prudent judgment and appropriate caution when disclosing personal information or confidential data through any User Content submitted to the platform. Users are advised to refrain from including sensitive personal information in publicly accessible User Content.

Limitation of Liability#

This Privacy Policy applies exclusively to data collected and processed directly by MapX. MapX expressly disclaims any responsibility or liability for:

  1. The data collection, processing, or retention practices of third-party services integrated with or linked from the MapX platform;

  2. Any consequences arising from a user’s decision to disclose personal information through User Content on the platform.

By accessing or utilizing MapX services, users expressly acknowledge and accept that MapX bears no liability for the actions, omissions, or content provided by external entities or platform users.

This provision shall be interpreted in accordance with applicable Swiss data protection laws and regulations, including but not limited to the Federal Act on Data Protection (FADP) and relevant cantonal provisions.

Updates to This Policy#

We may update this Privacy policy to reflect changes in our practices or legal requirements. Significant updates will be communicated to users via email or the MapX notification system before taking effect. A summary of changes will be provided, and users may need to accept the updated policy to continue using MapX.

For material changes affecting data collected under the previous policy, we will seek explicit consent. Data collected under earlier policies will continue to be processed under the original terms unless consent is obtained for the updated policy.

The “Last Updated” date at the top of this document indicates the most recent revision.

Contact Us#

If you have questions about this Privacy policy or our data practices, please contact us:

Physical address

GRID-Geneva
International Environment House
11, Chemin des Anémones
1219 Châtelaine
Switzerland
1st Floor A Block

Postal mail

UN Environment Programme / GRID-Geneva
Avenue de la Paix 8-14
1211 Geneva 10
Switzerland
Website: https://unepgrid.ch
Email: info@mapx.org

By using MapX, you acknowledge that you have read, understood, and agree to the terms outlined in this Privacy policy.