Is my Smartsheet geographic data secure?

Geographic data is often highly sensitive, containing private client addresses, asset locations, and competitive territory insights. At SmartSyncApp, we treat security as a fundamental feature, not an afterthought. GeoMap is built on a "Zero-Retention" architecture, ensuring that your data remains where it belongs: inside your secure Smartsheet environment.

The Security Architecture: OAuth 2.0

GeoMap never asks for your Smartsheet password. Instead, we use **OAuth 2.0**, the same secure authentication protocol used by major enterprise platforms like Google and Microsoft. When you authorize GeoMap, Smartsheet issues a temporary "Token" that allows us to read only the specific sheets you choose. You can revoke this token at any time directly from your Smartsheet account settings, instantly terminating our access and ensuring you have absolute control over your data footprint.

Data Privacy & Encryption

1. **Zero Data Storage:** Unlike other mapping tools that import your data into their own databases, GeoMap is a "Pass-Through" visualizer. We pull the data in real-time, render the map pins in your browser, and then the data is purged when the session ends. We do not maintain a secondary copy of your client or asset lists on our servers.
2. **End-to-End Encryption (TLS 1.3):** Every piece of data moving between Smartsheet, our servers, and your browser is encrypted using TLS 1.3. This prevents "Man-in-the-Middle" attacks and ensures that even if data packets are intercepted, they are unreadable.
3. **Shared Link Obfuscation:** Our public map links use long-form, cryptographically secure URLs that are impossible to "Guess" or brute-force. This adds a layer of "Security through Obscurity" for your public visualizations.

SME Strategy: GDPR & CCPA Compliance

For organizations operating in Europe or California, the "Right to be Forgotten" and data residency are critical concerns. Because GeoMap does not store your data, complying with GDPR and CCPA requests is simplified. If a client requests their address be removed, you simply delete the row in Smartsheet, and that data is gone from the map instantly. There are no "Shadow Backups" for you to track down and purge. We recommend using our "Password Protection" feature for any map containing Personally Identifiable Information (PII) to ensure that your geographic visualizations meet the highest standards of enterprise privacy compliance.