Privacy Policy

1. Information We Collect

Account and Organization Information

When an agency or organization subscribes to NIMS Logic, we collect information necessary to establish and maintain the account. This includes agency name, contact information for designated administrators, and user credentials for authorized personnel.

Incident and Operational Data

In the course of using the platform, authorized users create and manage incident-related information. This includes data associated with incident operations, resource assignments, organizational structures, situational assessments, and related planning and logistics records. This data is created and controlled by your agency.

Personnel Information

The platform manages records about personnel involved in incident operations, including names, organizational affiliations, role assignments, qualifications, and contact information as entered by authorized agency users.

Location and Device Data

Our mobile application may collect location data from field personnel devices to support operational awareness and resource tracking. Location data is collected only when the application is actively in use and when the user has granted appropriate device permissions. We also collect basic device information (device type, operating system version, and application version) to ensure compatibility and troubleshoot issues.

Usage and Log Data

We automatically collect information about how users interact with the Services, including access times, pages and features used, and system performance data. We use server logs and similar technologies to maintain security and improve the platform.

Cookies and Similar Technologies

Our website and web application use cookies and similar tracking technologies to maintain sessions, remember preferences, and analyze usage patterns. You can control cookie settings through your browser, though some features of the Services may not function properly without them.

2. How We Use Information

We use the information we collect for the following purposes:

• Providing, operating, and maintaining the Services
• Supporting incident management operations and resource coordination
• Authenticating users and enforcing access controls
• Generating reports, analytics, and operational summaries for subscribing agencies
• Communicating with agency administrators about account-related matters, updates, and service changes
• Improving, developing, and enhancing the platform and user experience
• Ensuring the security, integrity, and availability of the Services
• Complying with applicable laws, regulations, and government record-keeping requirements

3. Data Ownership and Control

Your agency retains full ownership of all incident data, personnel records, and operational information entered into the platform (collectively, “Agency Data”). NIMS Logic does not claim any ownership interest in Agency Data.

We process Agency Data solely to provide the Services and as directed by the subscribing agency. Agency administrators maintain control over user access, data entry, and the management of information within their organizational scope.

4. Data Sharing and Disclosure

We do not sell, rent, or trade personal information or Agency Data to third parties. We may share information only in the following limited circumstances:

• Service Providers. We engage trusted third-party vendors to host infrastructure, provide technical support, and perform other services on our behalf. These providers are contractually obligated to protect data and may only use it to perform services for us.
• Multi-Agency Incidents. During multi-agency incident operations, certain operational data may be visible to authorized users from other participating agencies as configured by incident and agency administrators within the platform.
• Legal Requirements. We may disclose information when required by law, regulation, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers. In the event of a merger, acquisition, or sale of assets, Agency Data and associated account information may be transferred as part of the transaction. We will notify affected agencies prior to any such transfer.

5. Data Security

We implement administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of information processed through our Services. These measures include:

• Encryption of data in transit and at rest
• Role-based access controls and multi-factor authentication
• Continuous monitoring, logging, and intrusion detection
• Regular security assessments and vulnerability testing
• Incident response and breach notification procedures

Our platform is hosted on government-authorized cloud infrastructure and is designed to meet the security requirements expected by public-sector agencies. While no system can guarantee absolute security, we are committed to maintaining rigorous protections commensurate with the sensitivity of the data entrusted to us.

6. Data Retention

We retain Agency Data for the duration of the subscription and for a reasonable period thereafter to allow for data export and transition. Specific retention periods may be governed by your subscription agreement or applicable record-keeping requirements, including those related to federal disaster reimbursement documentation.

Upon termination of a subscription, agencies may request export of their data. After the agreed-upon transition period, we will securely delete or de-identify Agency Data in accordance with our data disposal procedures, unless retention is required by law.

7. Your Rights and Choices

Depending on your jurisdiction and the nature of your use of the Services, you may have the following rights:

• Access and Portability. Agency administrators may access and export Agency Data through the platform's built-in tools at any time during an active subscription.
• Correction. Authorized users may update or correct personnel and incident data directly within the platform.
• Deletion. Agencies may request deletion of their data, subject to applicable legal retention requirements.
• Location Permissions. Mobile application users may enable or disable location services at any time through their device settings.
• Cookie Preferences. You may manage cookie settings through your browser. Opting out of certain cookies may affect platform functionality.

For individual data rights requests, please contact your agency administrator in the first instance. Agency administrators may contact us directly for assistance.

8. Children's Privacy

The Services are designed for use by emergency management professionals and authorized agency personnel. We do not knowingly collect personal information from individuals under the age of 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

9. Third-Party Services and Links

The Services may contain links to or integrations with third-party websites, tools, or services. This Privacy Policy does not apply to the practices of third parties. We encourage you to review the privacy policies of any third-party services you access through or in connection with the platform.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will notify subscribing agencies through the platform or by other appropriate means, and will update the “Last Updated” date above. Continued use of the Services following notice of changes constitutes acceptance of the updated policy.

11. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: