Privacy Policy

WFPD Records

Effective Date: June 21, 2026

1. Introduction

WFPD Records ("the Platform," "we," "us," or "our") is a fire and EMS department operations management platform. This Privacy Policy explains how we collect, use, store, and protect the personal information of our users ("you" or "members"). By using the Platform, you acknowledge and agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When your department creates an account for you, we collect your name, email address, phone number, and a securely hashed password. We also store your profile photo if one is uploaded.

2.2 Member Profile Data

To support department operations, your organization may enter additional personnel information, including:

  • Contact details (address, secondary phone numbers, personal email)
  • Demographic information (date of birth, gender)
  • Employment details (rank, station assignment, membership status, join date)
  • Identification numbers (driver's license, employee number)
  • Emergency contact information
  • Equipment sizing (uniform, PPE, SCBA)
  • Certifications and credentials

2.3 Health & Safety Data

For member safety and regulatory compliance, the Platform may store health-related information as entered by authorized department personnel, including:

  • Medical conditions, allergies, and current medications
  • Immunization records
  • Fitness test and medical exam results
  • Exposure records (chemical, biological, or other occupational exposures)

This data is accessible only to authorized personnel within your department and is used solely for operational and compliance purposes.

2.4 Usage & Device Data

We automatically collect certain technical information when you use the Platform:

  • IP address and browser/device information (user agent)
  • Login timestamps and session activity
  • Device tokens for push notification delivery

2.5 Location Data

The Platform may collect geographic coordinates in the context of incident response, mapping features, and address geocoding. Location data is used to support operational awareness and is not used for commercial tracking or advertising.

3. How We Use Your Information

We use the information we collect to:

  • Provide and operate the Platform's core functionality
  • Manage department personnel, scheduling, and compliance tracking
  • Send notifications, alerts, and operational communications
  • Support incident response coordination and mapping
  • Maintain audit logs for accountability and regulatory compliance
  • Authenticate users and protect account security
  • Deliver push notifications to your registered devices

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Third-Party Services

We use the following categories of third-party services to operate the Platform:

  • Email delivery: Transactional emails (notifications, alerts) are sent through third-party email service providers.
  • Push notifications: Firebase Cloud Messaging (Google) is used to deliver push notifications to mobile and web devices.
  • Geocoding: Google Geocoding API is used to convert addresses to map coordinates.
  • Mapping: OpenStreetMap tile data is used to render maps within the Platform.

These services receive only the minimum data necessary to perform their function. Each service is governed by its own privacy policy.

5. Cookies & Sessions

The Platform uses session cookies to keep you logged in and to maintain your preferences. We do not use advertising cookies or third-party tracking cookies. Session data is stored server-side in our database and is associated with your account only while your session is active.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Passwords are securely hashed and never stored in plain text
  • Two-factor authentication (2FA) is available for enhanced account security
  • Sensitive fields (such as 2FA secrets) are encrypted at rest
  • All data modifications are recorded in an immutable audit log
  • Access to member data is restricted by role-based permissions
  • HTTPS encryption protects data in transit

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Platform's services. Member records that are removed are soft-deleted and may be retained in accordance with your department's record-keeping requirements and applicable regulations. Audit logs are maintained for compliance and accountability purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal data, subject to legal and regulatory retention requirements
  • Withdraw consent for optional data processing

To exercise any of these rights, please contact your department administrator or reach out to us using the contact information below.

9. Children's Privacy

The Platform is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child's data has been collected, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" at the top of this page. We encourage you to review this policy periodically to stay informed about how we protect your information.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact your department administrator or email us at:

no-reply@wmallesoft.com

← Back to Login

© 2026 WFPD Records. All rights reserved.