Effective August 20, 2019

‍

Welcome!

‍

Welcome to RapidDeploy. This Privacy Policy (“Policy”) describes how we collect, process, and share your Personal Data. We also describe Users' rights and choices with respect to how we process your personal data and other important information. Please read this Policy carefully.

For further information related to our Human Resources Privacy Policy, please click here. For individuals, customers, partners and suppliers based in the Republic of South Africa, please click here for our South African PAIA Manual. For further information regarding our Information Security Policy, please click here.

‍

Who We Are

‍

This is the Policy of RapidDeploy Inc. (“RapidDeploy,” “us,” “our,” or “we”), a Delaware corporation with offices at 310 Comal St, Suite 200, #205, Austin, TX 78702. Our contact information is below.

‍

Applicability

‍

This Privacy Policy applies to our “Services” which include our websites that link to/post this Privacy Policy, (including any subdomains or mobile versions the “Site(s)”), our Nimbus CAD and other software applications (“Platform”), and RapidDeploy’s mobile applications (the “Mobile App(s)”).

‍

Agreement

‍

This Policy is incorporated into the Terms of Use governing your use of any of our Services. Any capitalized terms not defined in this Privacy Policy will have the definitions provided in our Terms of Use.

Your use of our Services indicates your acknowledgement of practices described in this Policy.

‍

Third Parties and Our Role

‍

RapidDeploy is a service provider to governments, emergency services agencies, and other public safety organizations (our “Clients”). Our Services enable our Clients, dispatchers, first responders, and other users associated with a Client (“Client Users”) to complete and track emergency incidents, manage first responder teams, and analyze and obtain insights about emergency incidents and incident response.

‍

This Policy only addresses how RapidDeploy processes Personal Data. This Policy does not apply to our Clients, or describe how our Clients process Personal Data, including the Personal Data we collect or process on their behalf. Our Clients may process your Personal Data (including while using our Service) in ways that are not described in, or that are different from, the practices described in this Policy.

‍

This Policy also does not apply to information processed by other third parties, for example, when you visit a third-party website or interact with third-party services. Please review any third party’s privacy policy before disclosing information to them.

‍

Processing of Personal Data

‍

Types of Personal Data We Process

‍

We may process the following categories of data that relate to identified or identifiable individuals (“Personal Data”)

‍

Note: Specific Personal Data elements listed in each category are only examples and may change):

‍

Identity Data: Personal Data about you and your identity, such as your name, ID/driver’s license number, gender, date of birth, photo/avatar, username, persistent user identifiers/ID number, and biographical information.

‍

Contact Data: Personal Data used to contact an individual, e.g. email address(es), physical address(es), phone number(s), or usernames/handles for online services.

‍

Device/Network Data: Personal Data relating to your device, browser, or application, e.g. IP addresses, MAC addresses, application ID/AdID/IDFA, identifiers from cookies, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies.

‍

Audio/Visual Data: Personal Data contained in connection with audio or visual recordings or other audio/video content.

‍

Incident Data: Information about a reported incident, including:

‍

“Incident Metadata” comprised of general information RapidDeploy creates about an incident, such as call type, incident category, responder category, and location. Incident Metadata may include Personal Data such as Device/Network Data or Location Data, but will not include Identity Data or Special Category Data.

‍

“Incident Records” comprised of content provided by Client Users, such as descriptions of the incident and response, and other content or records they append to the incident report relating to the incident or individual reporting the incident. Incident Records may include Personal Data and Special Category Data to the extent provided by the Client User.

‍

Inference Data: Personal Data inferred about personal characteristics and preferences, such as demographics, interests, behavioral patterns, psychological trends, predispositions, or behavior.

‍

Location Data: Personal Data relating to your precise location, such as information collected through your device’s GPS, WiFi, or other precise localization service.

‍

Special Category Data: Personal Data revealing racial, national, or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health information, or information relating to sex life or sexual orientation.

‍

How We Collect Personal Data

‍

We collect Personal Data in various ways, which vary depending on the context in which we process that Personal Data:

‍

Data we collect from you: We collect Personal Data from you directly, for example, when you complete a registration form or directly interact with our Service.

‍

Data we receive from others: We receive Personal Data from third parties with whom we or a Client have a relationship. For example, we may receive certain Personal Data from Clients or via integrations with our Clients’ third-party service providers.

‍

Data collected automatically: We may collect certain Personal Data automatically, for example, we collect Device/Network Data automatically using cookies and similar technologies when you browse our Site.

‍

How we Process Personal Data: Client Services

‍

Client User Account Registration

‍

Data: We process Identity Data, Device/Network Data, and Contact Data when Client Users register and create an account on our Services.

‍

Uses: On behalf of the Client, we use Identity Data, Device/Network Data and Contact Data as necessary to create, maintain, and provide Client Users with information about their account and services/features they request. Subject to Users’ rights and choices, we may also use Identity Data and Device/Network Data in connection with aggregate analytics and internal processes and service improvement, and we may use your Contact Data in connection with marketing communications.

‍

Platform Use

‍

Data: We process Identity Data, Contact Data, and Device/Network Data when Client Users access and use our Platform.

‍

Uses: On behalf of the Client, we use Identity Data, Device/Network Data, and Contact Data as necessary to provide our Service, operate the Platform, and carry out the processes and transactions the Client or its Client Users request. Subject to Users’ rights and choices, we may also use Identity Data and Device/Network Data to improve our Services and in connection with aggregate analytics and internal processes and service improvement.

‍

Mobile Application

‍

Data: If you use our Mobile Apps, we typically process Identity Data, Contact Data, Device/Network Data, and when authorized, Location Data.

‍

Uses: On behalf of the Client, we process the Identity Data, Contact Data, Device/Network Data, and Location Data as necessary to create your account and deliver the Service and fulfill Clients’ and Client Users’ requests. Where authorized by the Client or Client User (as appropriate) and subject to Users’ rights and choices, we may also process Identity Data, Contact Data, Device/Network Data, and Location Data on the Client’s behalf in connection with Client User location tracking and reporting to the Client, for duty assignment and equipment tracking, and to populate or append to Incident Reports. Finally, Subject to Users’ rights and choices, we may use the Identity Data, Device/Network Data, and Location Data in connection with aggregate analytics and internal processes and service improvement.

‍

Incident Communications and Reports

‍

Data: When someone calls in or otherwise reports an incident to a Client, or where a Client User reports or responds to an Incident, on behalf of that Client, we may process Identity Data, Audio/Visual Data, Contact Data, Device/Network Data, Incident Data, and Inference Data. When authorized, we may also collect Location Data if the reporting/responding party chooses to share their location or additional Audio/Visual Data if the reporting/responding party chooses to share video or images from their device. This Personal Data may contain or reveal Special Category Data.

‍

Uses: Identity Data, Audio/Visual Data, Contact Data, Device/Network Data, Incident Data, and Inference Data used in Incident Reports are processed by RapidDeploy on behalf of its Clients as necessary to perform the services requested by Client (e.g. emergency response functions, call recording and analysis, incident documentation, incident analysis and management, etc.) Additionally, subject to Users’ rights and choices, we may process Device/Network Data or Location Data included in any Incident Metadata in connection with aggregate analytics and internal processes and service improvement.

‍

How We Process Personal Data: RapidDeploy

‍

Cookies and Similar Technologies

‍

Data: We, and certain third parties, may process Device/Network Data and Inference Data when you interact with cookies and similar technologies on our Site. We may receive this data from third parties to the extent allowed by the applicable partner. Please note that the privacy policies of third parties may apply to these technologies and information collected.

‍

Uses: In connection with our legitimate interests in providing and improving the user experience and efficiency of our Services, and understanding information about the devices and demographics of visitors to our Services, we use the Device/Network Data and Inference Data (i) for “essential” or “functional” purposes, such as to enable various features of the Services such as your browser remembering your username or password, maintaining a session, or staying logged in after a session has ended; and (ii) for analytics and site performance purposes, such as tracking how the Services are used or perform, how users engage with and navigate through the Services, what sites users visit before visiting our Services, how often they visit our Services, and other similar information.

‍

Note: Some of these technologies can be used by third parties to identify you across platforms, devices, sites, and services. Clients may also have access to information, such as reports and analytics, generated through these services. See Users’ rights and choices for information on how to opt out of the use of these technologies.

‍

Marketing Communications

‍

Data: We may process Identity Data, Device/Network Data and Contact Data in connection with email marketing communications, including, where allowed: (i) when you register for an account, and choose to enroll, or are enrolled by the Client, to receive marketing communications; (ii) when you contact us directly, or express an interest in our products and services; and (iii) when you open or interact with our marketing communications.

‍

Uses: We use Identity Data and Contact Data as necessary to provide marketing communications, and consistent with our legitimate business interests, we may send you marketing and promotional communications if you sign up for such communications or purchase services from us. We may also process Device/Network Data and Contact Data when you interact with our communications in connection with our interest in understanding communication response and open rates. See Users’ rights and choices for information about how you can limit or opt out of this processing.

‍

Aggregate Analytics

‍

Data: We process Identity Data, Device/Network Data, Incident Data, Inference Data, and Location Data, in connection with our creation of aggregate analytics.

‍

Uses: Subject to Users’ rights and choices, we use this data to create aggregate analytics relating to trends in how our Services are used and perform, about incident response patterns and response times, device usage, incident trends, to understand which aspects of our products and services most relevant to users, and to create other reports regarding patents in incidents and the use of our Services that we or our Client may request from time to time. Aggregate analytics will not contain information from which an individual may be reasonably re-identified.

‍

Internal Processes and Service Improvement

‍

Data: We process Identity Data (de-identified so that an individual is not personally identifiable), Device/Network Data, Incident Data, Inference Data, and Location Data in connection with our work improving our internal processes and our Service.

‍

Uses: We may use any Personal Data we process through our Services as necessary in connection with our business interests in improving the design of our Services, to create a personalized user experience (such as greeting you by name, or associating Client Users with Clients and Platform versions), and for ensuring the security and stability of the Platform. Additionally, we may use this data to understand what parts of our Services are most relevant to users, how users interact with various aspects of our Platform, how our Services perform or fail to perform, etc., or we may analyze use of the Services to determine if there are specific activities that might indicate an information security risk to the Services or our Clients and Authorized Users. We may also use this information in connection with the provision of new features, products, and analytics tools to be used by other Clients. See Users’ rights and choices for information about how you can limit or opt out of this processing.

‍

How We Process Personal Data: Other

‍

If we process Personal Data in connection with our Services in a way not described in this Policy, this Policy will still apply generally (e.g. with respect to Users’ rights and choices) unless otherwise stated when you provide it.

‍

Note that we may, without your consent or further notice to you, and to the extent required or permitted by law, process any Personal Data subject to the Policy for purposes determined to be in the public interest or otherwise required by law. For example, we may process information as necessary to fulfil our legal obligations, to protect the vital interests of any individuals, or otherwise in the public interest or as required by a public authority. Please see the data sharing section for more information about how we disclose Personal Data in extraordinary circumstances.

‍

For purposes of the California Consumer Privacy Act, we do not sell consumers’ personal information.

‍

Data Sharing

‍

Information we collect may be shared with a variety of parties, depending upon the purpose for and context in which that information was provided. We generally transfer Personal Data to the following categories of recipients:

‍

Clients: We process data on behalf of Clients and may share Personal Data with Clients to the extent such information was provided to us for processing on the Client’s behalf, subject to the data sharing choices and configurations made by the Client. For example, any Incident Data, Identity Data, Contact Data, Location Data, Device/Network Data, Audio/Visual or other Personal Data provided by a Client User or processed on the Client’s behalf may be shared with Clients.

‍

Client Users: Depending on the settings of the Client, we may share certain information about Client Users with other Client Users, such as Identity Data, Contact Data, Device/Network Data, Audio/Visual and/or Location Data when (i) a Client User is responding to an incident; (ii) when a Client User is associated with a Client that authorizes sharing of other Client Users for operational reasons; and (iii) when Client Users are logged in to the Mobile App.

‍

Business Purposes: In connection with our general business operations, product/service improvements, to enable certain features, and in connection with our other legitimate business interests or other business purposes, we may share your Personal Data with service providers or subprocessors who provide certain services or process data on our behalf. For example, we may use cloud-based hosting providers to host our services or may disclose information as part of our own internal operations, such as security operations, internal research, etc. When we disclose information for business purposes we may disclose Identity Data, Contact Data, Device/Network Data, Audio/Visual Data, Inference Data, Incident Data, Location Data, and Special Category Data.

‍

Affiliates: In order to streamline certain business operations, develop products and services that better meet the interests and needs of our customers, and inform our customers about relevant products and services, we may share your Personal Data with any of our current or future affiliated entities, subsidiaries, and parent companies.

‍

Successors: Your Personal Data may be shared if we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Data may be part of the assets transferred, or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.

‍

Lawful Recipients: In limited circumstances, we may, without notice or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, or in the vital interests of us or any person.

‍

Note: these disclosures may be made to governments that do not ensure the same degree of protection of your Personal Data as your home jurisdiction. We may, in our sole discretion (but without any obligation), object to the disclosure of your Personal Data to such parties.

‍

Terms & Privacy  

‍

Terms of Use  

‍

By using this website and its web applications, you agree to the following Terms of Use. “RapidDeploy” refers to RapidDeploy, Inc. a registered company in the United States of America.

‍

Intellectual Property (IP) rights unless otherwise indicated, the website, web applications and its contents are provided by us which are protected by copyright and other laws of the United States of America and/or foreign countries. We reserve all intellectual property rights not expressly granted in these Terms of Use.  

‍

You may not use any of the content and relevant information, marks or logos in any press release, advertisement, or other promotional or marketing material or media, whether in written, oral, electronic, visual or any other form, except if expressly permitted in writing by RapidDeploy. To request this written permission, use the contact us feature on this website.  

‍

Disclaimer  

‍

This website (including without limitation any content or other part thereof) contains general information only, and should not be regarded as professional advice or services.  

‍

This website is provided as is, and we make no express or implied representations or warranties regarding it. RapidDeploy will not be liable for any loss, harm, damage, expense, claim or complaint caused by the use of this website  

‍

Limitation of liability  

‍

Your use of this website and web applications is at your own risk and you assume full responsibility and risk of loss resulting from your usage, including, without limitation, with respect to loss of service or data.  

‍

RapidDeploy does not warrant that this website will be secure, error-free or free from viruses or malicious code. Certain links on this website may lead to websites, resources or tools maintained by third parties over whom we have no control. We are not responsible or liable for the privacy or security practices of other web sites or the misuse of information by other web sites.  

‍

The above disclaimers and limitations of liability are applicable to the fullest extent permitted by law, whether in contract, statute, delict (including, without limitation, negligence) or otherwise. We reserve the right to amend the contents of this Terms of Use. The amended version will be available on the website. If you have any questions, you may use the contact us feature on this website.

‍

It is your responsibility to be aware of any such revised Terms of Use by reading this webpage. Your continued use of this website and web applications following changes to these Terms of Use constitutes your agreement to the revised Terms of Use.

‍

ISO/IEC 27001:2022 Information Security Management Compliance

‍

RapidDeploy is ISO/IEC 27001:2022 certified for the integration of the public safety workflow from caller to first responder. ISO/IEC 27001 framework is the international standard for information security management systems (ISMS), audits and requirements. They also enable organizations of all sectors and sizes to manage the security of assets such as financial information, intellectual property, employee data and information entrusted by third parties.

‍

Users’ Rights and Choices

‍

Users’ Rights

‍

To the extent required under applicable law, and subject to our rights to limit or deny access/disclosure under applicable law, you may have the following rights in your Personal Data. You may exercise your rights by contacting us at the address below.

‍

Note: RapidDeploy is primarily a processor of its Clients’ personal data. We may notify Clients of your rights requests, however, we may be unable to directly fulfill rights requests regarding Personal Data unless we are the control that information, or have the necessary rights of access. RapidDeploy may not have access to or control over all or some Personal Data controlled by Clients. Please contact the Client directly for data rights requests regarding Client-controlled information, and we will assist the Client as necessary to complete your request.

‍

Access: You may receive a list of your Personal Data that we process to the extent required and permitted by law.

‍

Rectification: You may correct any Personal Data that we hold about you to the extent required and permitted by law. You may be able to make changes to much of the information you provided directly via the Service via your account settings menu.

‍

Erasure: To the extent required by applicable law, you may request that we delete your Personal Data from our systems.

‍

Data Export: To the extent required by applicable law, we will send you a copy of your Personal Data in a common portable format of our choice.

‍

Direct Marketing: Residents of California (and others to the extent required by applicable law) may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year. This request must be written, signed, and mailed to us.

‍

Regulator Contact: You may have the right to contact or file a complaint with regulators or supervisory authorities about our processing of Personal Data. To do so, please contact your local data protection or consumer protection authority.

‍

California Rights: Residents of California (and others to the extent required by applicable law) may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year. Upon receipt of a verifiable request, you may also request that we provide you a copy of your Personal Data, direct us to stop selling or disclosing Personal Data for certain purposes (if we have done so), and receive information regarding: (i) the categories of Personal Data we have collected about you, or that we have sold, or disclosed for a commercial purpose; (ii) the categories of sources from which your Personal Data was collected; (iii) the business or commercial purpose for which we collected or sold your Personal Data; (iv) the categories of third parties with whom we have disclosed your Personal Data, or sold, or disclosed it for a business purpose; and (v) the specific pieces of Personal Data we have collected about you.

‍

Note: We may require that you provide additional Personal Data to exercise these rights, e.g. information necessary to prove your identity.

‍

Users’ Choices

‍

It is possible for you to use some of our Services without providing any Personal Data, but you may not be able to access certain features or view certain content. To the extent required under applicable law, and subject to our rights under applicable law, you may have the following choices regarding the Personal Data we process.

‍

Note: RapidDeploy processes Personal Data primarily on behalf of its Clients. Some choices may be available only to certain Clients and Client Users, and your choices may be limited based on a Clients’ specifications and requirements.

‍

Consent: If you consent to processing, you may withdraw your consent at any time, to the extent required by law.

‍

Direct Marketing: You have the choice to opt-out of or withdraw your consent to processing related to direct marketing communications. You may have a legal right not to receive such messages in certain circumstances, in which case, you will only receive direct marketing communications if you consent. You may exercise your choice via the links in our communications or by contacting us re: direct marketing. To opt-out of the collection of information relating to email opens, configure your email so that it does not load images in our emails.

‍

Location Data: You may control or limit Location Data that we collect using our Mobile App by changing your preferences in your device’s location services preferences menu, or through your choices regarding the use of Bluetooth, WiFi, and other network interfaces you may use. Additionally, to disable tracking and sharing of location data collected through our Mobile App, you can disable location services for RapidDeploy in your settings menu, log out of the Mobile App, or (if supported by the Client) update your status to “off-duty.”

‍

Cookies and Similar Tech: If you do not want information collected using cookies and similar technologies, you can manage/deny cookies (and certain technologies) using your browser’s settings menu, or any menus we may make available to you. You must opt out of third party services directly via the third party. For example, to learn more about or opt-out of Google’s analytics services, visit Google Analytics Terms of Use, the Google Privacy Policy, or Google Analytics Opt-out. Please note, currently our Service does not respond to your browser’s do-not-track request.

‍

Other Processing: You may have the right under applicable law to object to our processing of your Personal Data that we undertake without your consent as in connection with our legitimate business interests. You may do so by contacting us re: data rights requests. Note that we may not be required to cease, or limit processing based solely on that objection, and we may continue processing cases where our interests in processing are balanced against individuals’ privacy interests.

‍

Security

‍

We follow and implement reasonable security measures to safeguard the Personal Data we process. However, we sometimes share Personal Data with, or process data on behalf of third parties, as noted above. While we may require our service providers to follow certain security practices, we do not have control over and will not be liable for third parties’ security processes. We do not warrant perfect security and we do not provide any guarantee that your Personal Data or any other information you provide us will remain secure.

‍

Data Retention

‍

We retain Personal Data for the periods stated above, or if none, for so long as it remains relevant to its purpose or for so long as is required by law (if longer). As we process Personal Data on behalf of Clients, we may retain information for the periods requested by the Client or delete information upon the Client’s request. We will review retention periods periodically, and if appropriate, we may de-identify or anonymize data held for longer periods.

‍

Minors

‍

Our Services are intended for use by Clients and Client Users and are neither directed at nor intended for direct use by individuals under the age of 16. Do not access or use the Services if you are not of the age of majority in your jurisdiction.

‍

International Transfers

‍

We operate and use service providers located in the United States. If you are located outside the U.S., your Personal Data may be transferred to the U.S. The U.S. may not provide the same legal protections of Personal Data as your home country. If you are a resident of the European Union, your Personal Data may be transferred pursuant to the Standard Contractual Clauses, or other adequacy mechanisms, or pursuant to exemptions provided under EU law.

‍

Changes to Our Privacy Policy

‍

We may change this Privacy Policy from time to time. Changes will be posted on this page with the effective date. Please visit this page regularly so that you are aware of our latest updates. Your acknowledgement of these changes, or use of the Services following notice of any changes (as applicable) indicates your acceptance of any changes.

‍