Skip to main content
Menu

Build

Security & privacy

Private water only works if landowners, members, and conservation-sensitive places are protected. Those promises are enforced at the API boundary — not left to callers.

What the API never returns

  • Exact GPS coordinates, gate codes, or access instructions.
  • Landowner identities, contact details, or lease/financial terms.
  • Club member rosters or member PII.
  • Bookings, payments, payouts, or reservation history.
  • Guide credential documents or background-check state.
  • Internal notes and any conservation-sensitive location data.

Approximate coordinates

Property coordinates are deterministically jittered within a 2 km radius for public consumers, and the response is stamped coordinates_precision: "approximate". Exact locations are reserved for confirmed, authorized contexts inside the product — never the public API.

How it's enforced

Reads run against curated, column-limited projections (published properties only, live and background-checked guides only, public SQL views for guide and availability data). A build-time test asserts no sensitive column can enter a public allowlist, so a careless change fails CI rather than leaking data.

Key handling

Treat keys like passwords: keep them server-side, never in client bundles or mobile apps you ship. Rotate regularly and revoke immediately if exposed. We store only a hash of each secret, so we can never email it back to you — create a new one instead.

Report a vulnerability

Found a security issue? Email security@anglerpass.com. We respond quickly and credit responsible disclosure.