map.ca
Security
We care about the security of map.ca and everyone who uses it. If you think you've found a vulnerability, we want to hear from you — responsible reports help us keep the community map safe.
Scope
This policy covers map.ca and its sister surfaces — map.foundation, realmap.ca, and mapu.ca — together with our public APIs. Please don't test third-party services we depend on, and never access, change, or delete data that isn't yours.
Safe harbour
We won't pursue legal action against researchers who act in good faith: avoid privacy violations and service disruption, only interact with accounts you own or have explicit permission to test, and give us a reasonable window to fix an issue before disclosing it publicly.
How to report
Send a clear description of the issue, the steps to reproduce it, and any proof-of-concept material to our security contact. We aim to acknowledge new reports within five business days, and you're welcome to write to us in English or French.
- Security contact
- security@map.ca
- Machine-readable
- security.txt