Security and Privacy at Spot

Our goal is to reduce the prevalence of workplace harassment and discrimination.

Reporting harassment and discrimination can be an uncomfortable and unsafe process. We built Spot to make reporting as comfortable, secure, and accurate as possible.

Four Core Principles

With that goal in mind, we’ve structured Spot around four core security and privacy principles:

  1. Give you control
  2. Protect your data from unwanted access
  3. Align Spot’s interests with the interests of those who use Spot for reporting
  4. Conduct scientific research to better understand harassment and discrimination and identify causes of underreporting

Give you control

Spot is designed to help you record what happened as reliably as possible. We’ve adapted a technique called the Cognitive Interview, developed to increase the accuracy of police reports. We continuously work to improve our methodology.

Once you complete the interview, Spot generates a securely signed, timestamped PDF that you can download and keep in a safe place. This confidential record of your interview carries a special mark that can verify it hasn’t been modified since you created it. You can also encrypt and password-protect the PDF. The record can be used as high-quality evidence if you need it.

After sending the confidential record to yourself, you have the option to create a report to send to someone else, deleting any details that you don’t want to share. First you send this redacted version to yourself, then you can choose to have Spot email it, anonymously, to your employer. If your organization is not using Spot for Teams, you’ll get a link to a status webpage where you can see if your employer has downloaded the report sent to them. If your organization is using Spot for Teams, your organization is required to follow up with you through Spot within 10 business days.

No human sees your data unless you want them to, not even Spot employees. All interviews with Spot are private and fully automated. You are the only person who sees what you tell Spot, unless you explicitly choose to send a report to your organization or submit it for research.

Protect your data from unwanted access

We use industry-standard end-to-end encryption throughout Spot. To minimize the chances of your information being hacked or stolen, we don’t keep data around any longer than necessary.

We automatically delete reports from the Spot servers 30 days after they’re downloaded for the first time. Once you’ve downloaded your confidential record and / or your version of the report, you can choose to manually delete those documents from our servers. If you sent a version of the report to your organization and they haven’t downloaded it yet, you can manually delete that document on the status webpage.

Reports submitted by verified employees of an organization that uses Spot for Teams are treated differently. These reports can be kept by the organization indefinitely and cannot be manually deleted by the reporter. We allow organizations to keep reports so they have the information they need to take action on harassment and discrimination and to track their progress.

If you email your confidential record and report to yourself, we don’t keep your email address. If you ask Spot to send a report to your employer, we do retain their email address—if necessary, we can verify that a report was sent at a specific time to a specific recipient. At the end of your session, we delete your chat history with Spot.

If you use Spot for Teams as a verified employee, we keep your email address so that your company can follow up with you through Spot. We do not reveal your email address to your organization. You can stay anonymous even if you use Spot for Teams.

Align Spot’s interests with the interests of those who use Spot for reporting

We are very clear about whose side we’re on: we designed Spot for individual employees.

Spot will always be free to use by anyone who feels they have been treated inappropriately at work or have witnessed such treatment.

We will never sell your data or use it for advertising, targeting, or other indirect ways of making money.

Our revenue will come from working with employers who understand that what’s best for their employees is what’s best for the organization. We provide such organizations with tools to encourage reporting, manage reports, and resolve issues. If you want to learn about Spot for Teams, get in touch.

Conduct scientific research to better understand harassment and discrimination and identify causes of underreporting

Spot has a dedicated research team that compiles data on harassment and discrimination. Every time you use Spot, you’ll have the option to submit a redacted version of your report to our researchers. Submitting a report for research is an opt-in process and will not happen without your consent.

If you submit your report to us for research, we scrub it of identifying information, automatically removing details such as your name, the any other names of any other individuals, and your organization’s name.

We’ll periodically publish the results of our research so others can benefit from it.

How can we improve?

Thank you for your support and interest in our mission. To report any concerns about our security or privacy or to make suggestions for improvements, email us at security@talktospot.com.