RDS only collects information with your consent and only the minimum amount of personal data necessary to facilitate the use of In Case of Crisis. All data is securely handled, being encrypted in-transit and fully encrypted with registered cryptographic libraries while in storage. Specifically:
- In Case of Crisis uses individuals email addresses as their usernames.
- Optionally, a user may enter their mobile phone numbers if they’d like to opt-in for SMS text messaging services.
- Upon submission of Incident Reports within the In Case of Crisis application, a user’s information may be contained within that report, but only if they’ve allowed for their account information to be accessed for report submission and the report will specifically state the information which is being collected, such as their Location.
THE INFORMATION COLLECTED:
RDS collects information in several different areas:
- "REGISTRATION INFORMATION": You, the User, if you choose to setup an account, must provide at a minimum, a personally-identifiable email address as the username along with a secure password within In Case of Crisis registration process. We use each email address to uniquely identify accounts within our system. After setting up an account each user is given the option within the User Settings to enter other personally-identifiable information (such as phone number, your phone’s country code, and the name identifier you wish to be referred to) to assist with Collaboration services and notifications.
- "PROFILE INFORMATION": When using the In Case of Crisis Services the Clients of our services provide certain other personal information and content – such as emergency event information and responder's contact information for each event relevant to a Crisis Plan. This information will only be displayed to other Users who have your organization’s security access controls, a validated user account and password with an optional PIN to download the Crisis plan.
- "COOKIES": When you use the In Case of Crisis Services, the Services may send one or more session-only cookies (small text files containing a string of alphanumeric characters) to your computer. In Case of Crisis uses these session-only cookies to remember information so that you will not have to re-enter it during your current use of the In Case of Crisis website.
- "LOG FILE INFORMATION": When you use the In Case of Crisis Services, RDS's servers automatically record certain information about a user's usage. These server logs may include information such as a mobile device identification number and device identifier, web requests, Internet Protocol ("IP") address, browser type, browser language, referring / exit pages and URLs, platform type, number of clicks, domain names, landing pages, and pages viewed.
USE AND DISCLOSURE:
Personal information will not be released to third parties without a User's explicit permission. In Case of Crisis may provide information to third parties in aggregate with other information, which does not allow you to be identified or contacted ("Aggregate Information"). For example, we might inform third parties regarding the number of users of our site and the activities they conduct while on our site. An example of this would be if RDS informed a county or state official that "30 percent of our users live in the Southeast".
THE WAY IN CASE OF CRISIS USES INFORMATION:
- In Case of Crisis uses your personally identifiable, registration, profile, and location information to operate, maintain, and provide to you and other Users all of the features and functionality of the In Case of Crisis Services.
- To provide the basic functionality of the In Case of Crisis Services – such as alerting you of a warning message relevant to a Crisis Plan you've loaded into the app.
- In Case of Crisis uses your personally identifiable, location, and certain non-personally-identifiable information (such as anonymous log file information) to analyze trends in order to improve the quality and design of the In Case of Crisis Services and to create new features, promotions, functionality, and services.
- In Case of Crisis uses your email address or phone number (optionally) from time-to-time to send you messages from In Case of Crisis such as privacy or security related notices, notifying you of major In Case of Crisis Services updates, or for other alerting purposes.
- In Case of Crisis will not use your personally identifiable information to send commercial SMS text messages to you without your express consent.
OUR COMMITMENT TO DATA SECURITY:
In Case of Crisis uses state of the art, physical, managerial, and technical safeguards. Even though RDS uses state of the art safeguards to protect the User information we cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If In Case of Crisis learns of a security systems breach, then we will attempt to notify you electronically so that you can take appropriate protective steps in a timeframe in compliance with the required standards. In Case of Crisis may post a notice on the website upon a security breach occurs.
You may update and correct your profile information at any time using the In Case of Crisis website. To protect your privacy and security, we take reasonable steps to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times. If your account is no longer required for the purposes of the ICC services and you wish to have information removed, upon request, we will delete the account. We will also delete all data completely associated with your account (name, phone number and mobile phone country). Data you have entered within an organization’s Incident Reports and collaboration belonging to third parties will remain in existence as these are part of third party client accounts. If data has to be retained for statutory reasons, these will be blocked and will then no longer be available for any further use. You can always contact us in order to delete your Personal information from our systems by e-mailing us at firstname.lastname@example.org
OUR COMMITMENT TO CHILDREN'S PRIVACY:
In Case of Crisis does not knowingly allow children under the age of thirteen (13) to register due to RDS's full compliance with the Children's Online Privacy Protection Act, which prohibits the online collection of personal information from people under 13.
IF YOU ARE UNDER 13 YEARS OF AGE, THEN PLEASE DO NOT USE OR ACCESS THE INCASEOFCRISIS SERVICES AT ANY TIME OR IN ANY MANNER. If In Case of Crisis learns that personally-identifiable information of persons less than 13-years-of-age has been collected without verifiable parental consent, In Case of Crisis will take the appropriate steps to remove this information.
EFFECTIVE DATE, DATE LAST MODIFIED: June 6, 2018.
I HAVE READ THIS AGREEMENT AND AGREE TO ALL OF THE PROVISIONS CONTAINED ABOVE.