ResponderRMS may collect information directly from users, agencies, devices, and third-party service providers in order to provide, secure, operate, and improve the Service.

Account Information

• Name
• Email address
• Phone number, if provided
• Agency, department, company, organization, or employer affiliation
• Role, rank, title, unit, station, or assignment
• Login credentials and authentication identifiers
• User permissions, access level, and account status

Operational and Agency Data

Depending on how an agency configures and uses ResponderRMS, the Service may store or process data such as:

• Incident information
• CAD or dispatch-related information
• Apparatus, unit, vehicle, or resource information
• Personnel, staffing, roster, and response information
• Hydrant, preplan, inspection, equipment, inventory, training, grant, and reporting information
• Status updates, timestamps, notes, forms, checklists, reports, and audit-related activity
• Uploaded documents, images, attachments, or photos

Agencies and authorized users are responsible for ensuring that information entered into the Service is lawful, accurate, appropriate, and permitted under agency policy.

Location Information

ResponderRMS may collect or process location information when location-based features are enabled or permitted, including:

• Device GPS location
• Apparatus, unit, responder, or resource location
• Incident location
• Hydrant, preplan, hazard, inspection, or map-related location data
• Geocoding, reverse-geocoding, routing, mapping, or location-derived information

Location information may be used to support mapping, resource awareness, response workflows, accountability, incident management, and related operational features. Location accuracy depends on device settings, GPS signal, network availability, third-party mapping services, and other factors outside our control.

Photos, Files, and Attachments

Users may upload photos, images, documents, or other attachments into the Service. These may include images related to equipment, apparatus, preplans, inspections, reports, hydrants, incidents, facilities, or other agency workflows. Users and agencies are responsible for ensuring that uploaded content is appropriate, authorized, and compliant with applicable law and agency policy.

Device, Usage, and Technical Information

• Device type, operating system, browser, and app version
• IP address
• Log data
• Crash reports
• Diagnostic information
• Authentication events
• Security events
• Feature usage
• Performance data
• Push notification tokens
• Firebase identifiers or similar service identifiers

This information helps us operate, secure, troubleshoot, support, and improve the Service.

ResponderRMS uses third-party infrastructure and service providers to operate the Service. These may include:

• Google Firebase
• Google Cloud services
• Firebase Authentication
• Firebase Firestore
• Firebase Storage
• Firebase Cloud Messaging
• Firebase Hosting
• Apple services for iOS app distribution, notifications, and device functionality
• Google Play services for Android app distribution, notifications, and device functionality
• Mapping, geocoding, email, hosting, analytics, crash reporting, or similar service providers

These third parties may process data as needed to provide hosting, authentication, storage, messaging, notifications, security, diagnostics, analytics, and related services. Your use of the Service may also be subject to the privacy policies and terms of those third-party providers.

ResponderRMS may use collected information to:

• Provide and operate the Service
• Authenticate users
• Manage accounts, agencies, roles, and permissions
• Store and display agency data
• Support CAD, RMS, mapping, reporting, personnel, apparatus, incident, and operational workflows
• Send push notifications, emails, alerts, or service-related communications
• Provide customer support
• Troubleshoot bugs and technical issues
• Monitor performance and reliability
• Improve features and user experience
• Protect against unauthorized access, abuse, fraud, or security threats
• Maintain audit logs and operational records
• Comply with legal, contractual, and regulatory obligations

We may also use aggregated, anonymized, or de-identified information for analytics, benchmarking, security, product development, and service improvement, provided that such information does not identify a specific person, agency, incident, or customer.

ResponderRMS does not sell user personal information.

We may share information in the following limited circumstances:

With Authorized Agency Users

Information may be visible to authorized users within the same agency, organization, department, company, or account depending on roles, permissions, and configuration.

With Service Providers

We may share information with vendors and service providers that help us operate the Service, including cloud hosting, authentication, storage, notifications, diagnostics, analytics, security, and support providers.

With an Agency or Customer Administrator

If your account is provided through or associated with an agency, department, municipality, company, or organization, account administrators may be able to access, manage, export, retain, or delete information associated with that account.

For Legal, Safety, or Security Reasons

• Comply with law, subpoena, court order, public records request, or legal process
• Protect the rights, safety, property, or security of ResponderRMS, users, agencies, responders, or the public
• Investigate fraud, abuse, unauthorized access, or security incidents
• Enforce our Terms of Service or agreements

Business Transfers

If ResponderRMS is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, information may be transferred as part of that transaction, subject to appropriate protections.

ResponderRMS retains information for as long as reasonably necessary to provide the Service, support agency operations, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and satisfy legitimate business needs.

Retention periods may vary depending on:

• The type of data
• Agency configuration
• Contractual requirements
• Legal or regulatory obligations
• Backup and security requirements
• Whether the account remains active
• Whether the agency has requested deletion or export

Agencies remain responsible for their own records retention, public records, FOIL/FOIA, evidence preservation, legal holds, medical records, employment records, and other official recordkeeping obligations. ResponderRMS is not intended to be the sole official records repository unless expressly agreed in writing.

Users may request deletion of their account through available in-app account deletion features, including the Delete Account option where available.

When a user deletes an account, ResponderRMS may delete or de-identify account-level personal information, subject to the following limitations:

• Information required for legal, security, fraud-prevention, billing, dispute-resolution, or compliance purposes may be retained.
• Information that belongs to or is controlled by an agency, department, municipality, company, or organization may be retained under that agency’s account, records policy, contract, legal obligations, or operational needs.
• Backup copies may persist for a limited period before being overwritten or deleted.
• Audit logs, security logs, incident records, reports, or operational records may be retained where necessary for integrity, accountability, legal compliance, or agency recordkeeping.

Users may also contact ResponderRMS to request account deletion, correction, or assistance at info@responderrms.com.

Agency users should understand that some data may need to be requested through their agency administrator because the agency may control the relevant records.

Depending on device settings and app configuration, users may be able to control access to:

• Location services
• Camera
• Photos
• Notifications
• Microphone, if applicable
• Background location, if applicable

Disabling certain permissions may limit or prevent some Service features from working properly.

ResponderRMS uses commercially reasonable administrative, technical, and physical safeguards designed to protect information. However, no internet, mobile, cloud, or electronic system is completely secure. Users and agencies are responsible for maintaining secure devices, protecting credentials, managing access, removing inactive users, and following appropriate cybersecurity practices.

ResponderRMS is intended for use by agencies, organizations, and authorized users who are at least 18 years old. The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

ResponderRMS may be used in public-safety, emergency-services, healthcare-adjacent, law-enforcement-adjacent, municipal, or operational environments.

Users and agencies must not upload Protected Health Information, Criminal Justice Information, evidence, legally restricted records, or other regulated sensitive information unless authorized by law, agency policy, and a written agreement with ResponderRMS that expressly permits such use.

We may update this Privacy Policy from time to time. When we make changes, we will update the effective date above. Continued use of the Service after changes become effective means you accept the updated Privacy Policy.

Questions, requests, or concerns about this Privacy Policy may be sent to:

ResponderRMS
Email: info@responderrms.com