Security and Privacy at Spot

Our goal is to reduce the prevalence of workplace harassment and discrimination.

Reporting harassment and discrimination is an uncomfortable and sometimes unsafe process. We built Spot to make reporting as comfortable, secure, and accurate as possible.

Four Core Principles

With that goal in mind, we’ve structured Spot around four core principles:

  1. Give you control
  2. Protect your data from unwanted access
  3. Align Spot’s interests with the interests of those who use Spot for reporting
  4. Conduct scientific research to better understand harassment and discrimination and identify causes of underreporting

Give you control

No human sees your data unless you want them to, not even Spot employees. All interviews with Spot are private and fully automated. You are the only person who sees what you tell Spot, unless you explicitly choose to send a report to your company or submit it for research.

Spot is designed to help you record what happened as reliably as possible. We’ve adapted a technique called the Cognitive Interview, developed to increase the accuracy of police reports. We continuously work to improve our methodology.

Once you complete the interview, Spot generates a securely signed, timestamped PDF that you can download and keep in a safe place. This confidential record of your interview carries a special mark that can verify it hasn’t been modified since you created it. You can also encrypt and password-protect the PDF. The record constitutes high-quality evidence if you need it.

After sending the confidential record to yourself, you have the option to create a report, deleting any details that you don’t want to share. Send this redacted version to yourself, then you can choose to have Spot email it, anonymously, to your employer. You’ll get a link to a status webpage where you can see if your employer has downloaded the report sent to them.

Protect your data from unwanted access

To minimize the chances of your information being hacked or stolen, we don’t keep data around any longer than necessary. We automatically delete reports from our servers 30 days after they’re downloaded for the first time. Once you’ve downloaded your confidential record and / or your version of the report, you can also manually delete those documents from our servers. If you sent a version of the report to your company and they haven’t downloaded it yet, you can manually delete that document on the status webpage.

If you email your confidential record and report to yourself, we don’t keep your email address. If you ask Spot to send a report to your employer, we do retain their email address—if necessary, we can verify that a report was sent at a specific time to a specific recipient. At the end of your session, we delete your chat history with Spot.

We use industry-standard end-to-end encryption throughout Spot.

Align Spot’s interests with the interests of those who use Spot for reporting

We are very clear about whose side we’re on: we designed Spot for the individual employee.

Spot will always be free to use by anyone who feels they have been treated inappropriately at work or have witnessed such treatment.

We will never sell your data or use it for advertising, targeting, or other indirect ways of making money.

Our revenue will come from working with companies who understand that what’s best for their employees is what’s best for the company. We intend to provide such companies with tools to encourage reporting, manage reports, and resolve issues. If you work at such a company and want to learn about our enterprise products, get in touch.

Conduct scientific research to better understand harassment and discrimination and identify causes of underreporting

Spot has a dedicated science team that compiles data on harassment and discrimination. Every time you use Spot, you’ll have the option to submit a redacted version of your report to our science team for research. Submitting a report for research is an opt-in process and will not happen without your consent.

If you submit your report to us for research, we scrub it of identifying information, automatically removing details such as your name, your company’s name, and any other names.

We’ll periodically publish the results of our research so others can benefit from it.

How can we improve?

Thank you for your support and interest in our mission. To report any concerns about our security or privacy, or to make suggestions for improvements, email us at