How is my scan data secured?

The Short Answer

Canvas is most often used to capture very personal and private spaces. Whether it’s your own home, a client’s home, or a secure commercial facility, we know that security and privacy are at the top of our customers’ mind. As such, we place the utmost importance on both security and transparency about how your data is handled. 

We have detailed answers to common questions below, but overall we follow three basic principles:

  1. Your data is never uploaded without an opt-in action.
  2. Your data is only ever “touched” when necessary to help serve you.
  3. Your data is your data.

You may also be interested in reading our latest terms of service and privacy policy.


The Long Answer

The following FAQs are intended to cover the most common questions we are asked by customers. If you have any further questions to feel comfortable and confident in how your data is handled, please don’t hesitate to reach out to support@canvas.io.

Where is my data stored?

All scan data is by default only stored on your device. If you do not explicitly choose to upload your scan data, it will never hit our servers in any way. 

Any uploaded data is transferred with secure HTTPS connections via our secure cloud infrastructure using modern encryption technologies. The data itself is stored on U.S. servers using Amazon Web Services (AWS), a leading provider of cloud infrastructure which itself applies its own additional encryption and security practices.

How long is my data stored?

We do not currently automatically delete data from our servers, so that customers can continue to retrieve data from old orders as well as add on to existing spaces. 

Abiding by the principle of “Your data is your data,” we are always happy to honor deletion requests for any uploaded data as well as GDPR forget-me requests, with the sole exception of orders opted into our Research Opt-In Program. If you would like to request the removal of any uploaded data, please reach out to support@canvas.io.

Who can access my data and for what purposes?

In short, absolutely no one accesses customer scan data unless they are actively processing an order that requires human touch (e.g., a Scan To CAD order), reviewing your order to provide technical support, or in aggregate to improve our products and services. 

If you have not uploaded your data, it never touches our servers, and there is no way for anyone to access your data.

If you have placed a reprocess only order, or you are simply uploading your scan for sharing via the web viewer, there is zero human involvement in processing your order. The only reason a human would interact with this order is if you are requesting technical support related to it. 

If you have placed a Scan To CAD order, there is human involvement in the processing of your data, as Scan To CAD is a semi-automated pipeline that includes a mix of both automated computer vision technology as well as human operators. The majority of the work is done by software to recreate your space and generate CAD geometry, with highly trained human operators using specialized tools overseeing the process — ensuring the files you get back are design-ready and professional-grade for your chosen output format. All Scan To CAD orders are processed by our dedicated team, who only have access to data for the duration and purpose of order processing under tightly controlled conditions.