RapidSOS Emergency-Related Services Privacy Notice
RapidSOS, Inc. and its Affiliates (an “Affiliate” is any entity that is controlled by, or is under common control with RapidSOS, Inc.) (collectively “RapidSOS,” “we,” or “us”) seek to transform the emergency management ecosystem by offering a platform, products, tools, and services (collectively, the RapidSOS “Emergency-Related Services”) that facilitate and enhance emergency-related and emergency-preparedness-related services, communications among Emergency Service Providers (such as 911/999/112 providers, providers of private security, or campus safety officials), and communications between members of the public and emergency responders. We respect personal privacy and recognize the importance of protecting the Personal Information (defined below) we collect, use, store, disclose, transfer, and otherwise process.
This Privacy Notice (“Notice”) may be updated from time to time to reflect changes in RapidSOS’ business and operations, or as required to comply with law, regulation, or industry practices. Any updates to this Notice will be posted to this webpage, and the “Last Updated” date above will be amended to reflect the date on which the new Notice became effective. Any updated Notice will also be linked through our Terms of Use. We encourage you to periodically review this page for the latest information on our privacy practices.
This Notice complements related provisions of the RapidSOS Terms of Use (also referred to as RapidSOS’ EULA) (“Terms of Use”) and the RapidSOS’ Master Services Agreements (“Master Services Agreements”). Such agreements contain important information about RapidSOS’ responsibilities with respect to our customers’ data, including Personal Information, arising under contract, applicable law/regulation, and industry standards.
What This Privacy Notice Covers
This Notice describes RapidSOS’ collection, use, sharing, and retention of Personal Information in connection with operating our Emergency-Related Services. This Notice is incorporated into and made part of the RapidSOS Terms of Use and the RapidSOS Master Services Agreements. We have a separate privacy notice here that describes our privacy practices related to RapidSOS Non-Emergency Channels, such as our public website.
This Notice addresses individuals who are Emergency Responders, Emergency Callers, RapidSOS Partners, or who otherwise operate Connected Devices (each capitalized term as defined below).
This Notice does not address Personal Information we may receive from RapidSOS Partners and process on their behalf. If you are the user of a Connected Device, your device may have an app, platform, operating system, or piece of software installed on it that is offered by one or more RapidSOS Partners, and that incorporates RapidSOS functionality. When we collect information from a Connected Device to provide Emergency-Related Services, we are collecting that information on behalf of the relevant RapidSOS Partner, pursuant to contracts governing our use of that information and in compliance with terms and policies you have agreed to in using the services offered by RapidSOS Partners. As with all Personal Information collected from your device by or on behalf of the RapidSOS Partner, the RapidSOS Partner may access, use, share, or otherwise process this information in accordance with the RapidSOS Partner’s own privacy notice. We do not control RapidSOS Partners’ use of any Personal Information that they directly or indirectly collect as part of offering their app, platform, operating system, or software. If you have questions about a RapidSOS Partner’s privacy practices, we will refer you to that RapidSOS Partner.
Definitions
As used in this Privacy Notice:
“Personal Information” means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. It may include, but is not limited to, name, email address, postal or other physical address, or title, as well as persistent identifiers and information reasonably capable of being associated with an individual.
“Emergency Responder” means an organization or official tasked with responding to emergencies experienced by members of the public, such as 911/999/112 operators, computer aided dispatch system providers, campus safety officials, or emergency monitoring services.
“Emergency Caller” means someone who dials 911 /999/112 (or attempts to contact an Emergency Responder through other means), using a “Connected Device.” An “Emergency Caller” also includes someone who provides RapidSOS with information that they wish to be transmitted to an Emergency Responder in the event a future emergency arises.
A “Connected Device” is a device or application that uses RapidSOS Emergency-Related Services to potentially provide additional assistance in an emergency.
A “RapidSOS Partner” is a provider of online or offline services including, without limitation, platforms, applications, and other electronic commerce services that partners with RapidSOS by incorporating RapidSOS into its online offerings to facilitate response to emergencies involving one of its users.
“Data Privacy Laws” means the laws governing our processing of your Personal Information, which include but are not limited to the following:
The General Data Protection Regulation (GDPR), the UK Data Protection Act 2018 and General Data Protection Regulation (UK GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and US state privacy laws currently in effect—including the states of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia—as well as similar state laws to the extent they take effect (collectively, the “US State Privacy Laws”).
Who we are
RapidSOS Inc.
161 Madison Ave
Suite 205 #615
New York City, New York, 10016
Personal Information Sources
In connection with providing Emergency-Related Services to RapidSOS Partners, RapidSOS collects Personal Information from Emergency Responders, Emergency Callers, RapidSOS Partners, and Connected Devices. We may also collect Personal Information from other individuals who are directly or indirectly involved in or responding to emergencies, and from third parties. We collect this information in several ways.
- We may receive Personal Information about you or a member of your household directly from Emergency Callers, Emergency Responders, or a RapidSOS Partner.
- We may automatically collect Personal Information from your Connected Device when you call an emergency number such as 911/999/112 or another Emergency Responder, or your device is used to send an emergency alert to an Emergency Responder.
- We may receive Personal Information directly from Emergency Callers who voluntarily provide us with Personal Information about themselves and others for use in connection with our Emergency-Related Services.
- We may receive Personal Information about Emergency Responders related to their use of RapidSOS Emergency-Related Services.
We may collect the following categories of Personal Information in connection with our Emergency-Related Services:
- Information that directly identifies the owner or customary user of the Connected Device, such as name, physical address, email address, and phone number.
- Health information, medical information, and any other information residing on a Connected Device that the customary user of the device has indicated (through device or account settings or otherwise) should be shared with Emergency Responders.
- Precise geolocation of the Connected Device, including information about the direction and speed at which the Connected Device is moving.
- Information about the Connected Device’s configuration, network, and internet connection, such as IP address(es), MAC address, other device ID (UDID), device type, operating system type and version, client version, and other technical data that enables us to provide the Emergency-Related Services.
- Other metadata associated with emergency calls, such as call routing information, call duration, and location-related telemetry.
- Personal Information that an individual affirmatively discloses to RapidSOS in the course of responding to an emergency.
- Other Personal Information communicated by and among Emergency Responders.
- Other Personal Information reasonably related to facilitating the provision of Emergency-Related Services.
Legal basis for processing
The data we collect ourselves, as well as those we receive from partners (RapidSOS Partners, Connected Devices, Emergency Callers and Emergency Responders), is processed on one or more of the following legal bases, depending on the context in which we collect it: (i) to protect your or another person’s vital interests in the context of an emergency; (ii) our legitimate interests in operating our business and providing accurate information to Emergency Responders quickly and efficiently; (iii) compliance with applicable law; and (iv) your consent, where we have obtained it (for example, through a RapidSOS Partner’s onboarding flow or for non-essential cookies).
Personal Information Use
We only collect Personal Information reasonably necessary to provide our services and to carry out our operations, which may involve automatic processing using machine learning and artificial intelligence. We use Personal Information to operate, maintain, enhance, expand, support, and provide all features of our Emergency-Related Services to RapidSOS Partners, protect our legal rights and the rights of others, and as otherwise required by law. Specifically, we use Personal Information to:
Supplement the standard emergency services telephone (911/999/112) system functionality with more accurate geolocation information and other insights related to the location, movement, and speed of a Connected Device.
Transmit potentially life-saving health or other information to Emergency Responders.
Authenticate and communicate with registered Emergency Responders who access our Emergency-Related Services.
Conduct quality assurance and for research and development purposes, such as data security, improved website navigation and content display, fraud prevention, data analysis, audits, developing new products, producing predictive data models, improving our Emergency-Related Services, identifying usage trends, and determining the effectiveness of our Emergency-Related Services.
Artificial Intelligence (AI), Your Personal Data, and Your Rights
We use AI and automated decision-making technologies to support safety and emergency related services, such as helping collect, organize, translate, or summarize information about an incident so that human responders such as call-takers and dispatch can act more efficiently and accurately.
Depending on the service and situation, our AI systems may process:
- Contact and location information, such as phone numbers, device reported location, or address details.
- Communications information, including voice calls, text messages, or transcripts generated from those communications.
- Incident or alarm information, such as descriptions of an emergency, alarm signals, or sensor generated alerts.
- Images or video streams, where enabled.
- Device and technical information, including device type, operating system, or connection metadata.
Our AI systems use pattern recognition and language processing technologies to analyze this information and generate outputs such as transcriptions, translations, or summaries.
AI outputs may affect decisions related to:
- Routing or prioritizing emergency communications.
- Providing responders with clearer or more complete incident information.
- Processing alarm-initiated or device-initiated safety events.
Although our AI systems operate independently, we have implemented measures to ensure human oversight of their outputs where necessary. Human personnel remain responsible for reviewing information and determining appropriate actions. Where appropriate, AI-generated outputs are reviewed by trained staff to help ensure accuracy and fairness. If you believe an AI-assisted outcome has negatively affected you, you may request a review within the platform.
Our use of AI may:
- Improve response speed and situational awareness.
- Reduce delays caused by manual processing.
- Help human responders better understand emergency situations.
If you have questions about an AI-assisted outcome, you may request additional information about how the output was created and what data was used, consistent with Data Privacy Laws.
We process Personal Data only as long as needed to provide the requested service. We do not retain Personal Data beyond that period. Any limited technical or operational metadata retained does not include the content of Personal Data and is used solely for security, reliability, or compliance purposes.
Personal Information Sharing
We disclose Personal Information collected through Emergency-Related Services only as reasonably necessary to provide our Emergency-Related Services, protect our legal rights and the rights of others, and to comply with applicable law. RapidSOS does not sell Personal Information collected in connection with Emergency-Related Services.
To these ends, we may disclose your Personal Information to the following categories of third parties:
- Emergency Responders. We share Personal Information with Emergency Responders in order to enhance emergency response, facilitate communication during an emergency, and facilitate emergency-preparedness-related communication.
- Our service providers. RapidSOS shares Personal Information with our service providers as needed to assist RapidSOS in providing Emergency-Related Services and to operate our business. Those service providers are found here
These service providers are contractually required to maintain comparable confidentiality and security to what we maintain for Personal Information ourselves. These service providers are prohibited from using or disclosing this data for any purpose other than carrying out the services that they are performing for us. RapidSOS remains liable for the protection of your Personal Information that we transfer to our service providers, except to the extent that we are not responsible for the event outside of our control giving rise to any unauthorized or improper processing.
Other Disclosures of Your Personal Information
RapidSOS may disclose Personal Information (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders; (ii) in connection with any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings); or (iii) to our subsidiaries or affiliates only if necessary for business and operational purposes.
We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any Personal Information, about our emergency services users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.
If we must disclose your Personal Information in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Information will maintain the privacy or security of your Personal Information.
RapidSOS does not sell Personal Information collected in the course of providing Emergency Related Services or use Personal Information for advertising purposes.
Personal Information Retention
As described above, RapidSOS receives certain Personal Information when providing Emergency-Related Services. RapidSOS retains this Personal Information in an identified form only for so long as it is (i) permitted by our contractual commitments to our partners, (ii) needed to provide the Emergency-Related Services, and (iii) as needed to operate our business in compliance with applicable law, regulation, and industry standards and best practices. The retention periods established by contract, law, and industry standards may vary depending on the nature of the Emergency-Related Services. Wherever possible, when RapidSOS no longer requires Personal Information for active service delivery but is required to retain that data for legal or other purposes, we take steps to pseudonymize, anonymize, and/or securely segregate that data to guard against unauthorized access, use, disclosure, or alteration. Personal information from children under sixteen years old is only knowingly collected when needed to provide Emergency-Related Services and is retained in personally identifiable form for as long as is reasonably necessary to provide such services and comply with applicable law and regulation.
Cookies and Similar Technologies
We automatically collect Personal Information on our Emergency-Related Services Platform using common, industry-standard technologies (for example, standard web logs and cookies). Cookies are small text files that are created when your web browser loads one of our general information websites.
RapidSOS does not use marketing or advertising cookies on the Emergency-Related Services Platform. Instead, only the following types of cookies are deployed on our Emergency-Related Services Platform:
- Necessary cookies: These cookies are necessary to the operation of our Emergency-Related Services Platform. They are required to perform basic functions such as page navigation and access to secure areas of our websites. These cookies do not store any Personal Information.
- Functional cookies: These cookies keep track of your personal preferences and settings, such as your preferred language for our Emergency-Related Services Platform. Without these cookies, some of these settings may not function properly.
- Performance cookies: These cookies gather information on how visitors interact with our Emergency-Related Platform, allowing us to understand how they use our platform. This statistical information is used to monitor and improve the platform’s content and performance.
The following performance cookies are used on the RapidSOS Emergency-Related Services Platform:
- We use Gainsight cookies, based on consent, to track users’ interactions with the platform, including page visits, button clicks, and links followed. We use the Gainsight PX service in our platform to improve our analytics capabilities and to troubleshoot user interactions with the platform.
- We also use Google Analytics cookies, based on consent, on the Emergency-Related Services Platform to measure performance and collect data about how visitors use the platform. RapidSOS has turned off all data sharing settings within Google Analytics and configured the data retention settings for the lowest available period.
Your Choices and Your Legal Rights
Subject to applicable Data Privacy Laws, you may have certain rights to know, access, update, correct, delete, port, and restrict processing of your Personal Information.
For security purposes, we will verify your identity when you request to exercise your data privacy rights. For certain types of requests, we may also need to ask you for additional information to verify your identity. Once we have verified your identity (or your authorized agent, as applicable), we will respond to your request as appropriate.
Please note that we may be unable to comply with your requests where: (i) we cannot verify your identity; (ii) compliance with your request is not legally required and would involve disproportionate cost or effort or impact the privacy of others; or (iii) we no longer have the requested Personal Information. Because we do not retain information processed in the course of providing Emergency-Related Services beyond what is necessary to provide those services, we may not have requested information.
Your rights regarding your Personal Information depend on the Data Privacy Law applicable to where you reside.
- For Residents of the State of California:
The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA) (collectively, the “CCPA”), provides certain rights to residents of California. Only you or someone legally authorized to act on your behalf may make a request related to your legal rights concerning your Personal Information.
Your Rights Under the CCPA
Right to Know: You have the right to know and request that we disclose to you the Personal Information we collect about you, including the categories of Personal Information, the purposes for collecting your Personal Information, the categories of third parties from whom we receive your Personal Information, and the categories of third parties with whom we share your Personal Information.
The chart below summarizes the categories of Personal Information we may have collected about you over the past 12 months and the categories of third parties with whom we may have disclosed that information.
| Categories of Personal Information Collected | Categories of Recipients |
|---|---|
|
|
You also have the following rights, though these rights, like the right to know, are not absolute and may be subject to certain exceptions and verification:
- Right to Request Correction: You have the right to request that we correct inaccurate Personal Information we maintain about you.
- Right to Request Deletion: You have the right to request that we delete Personal Information we collect and maintain about you.
You can make a request related to your Personal Information by emailing privacy@rapidsos.com or writing to RapidSOS, Inc., Attn: Privacy, 167 Madison Ave., Suite 205, #615, New York, NY 10016.
Please note that to protect your information and the integrity of our products and services, we may need to verify your identity before processing your request. In some cases, we may need to collect additional information to verify your identity, such as your email address or a government-issued ID.
You may also designate an authorized agent to make these requests on your behalf. If you use an authorized agent to submit a request, we may need to collect additional information, such as a government-issued ID, to verify your identity before processing your request to protect your information.
We will not discriminate against you for exercising any of these rights.
Laws in California give users in the state the right to opt out of the “sale” or “sharing” of their Personal Information. “Sale” refers to the disclosure of personal information to a third party in exchange for money or other value. “Share” refers to the disclosure of personal information to a third party for purposes of targeted advertising. RapidSOS does not “sell” or “share” Personal Information collected in connection with Emergency-Related Services; this includes Personal Information of individuals under 16 years of age. Please note that Do Not Track (DNT) is a privacy preference you can set in browsers, but we do not currently process DNT signals.
- For residents of Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia:
The US State Privacy Laws provide consumers with certain rights regarding their Personal Information. To the extent that you are a resident of one of these states, this section describes rights you may have under the US State Privacy Laws and explains how you may exercise these rights.
Your rights regarding your Personal Information depends on the U.S. State Privacy Law applicable to where you reside. You may have the following rights, through these rights are not absolute and may be subject to certain exceptions and verification:
- Right to Access: The right to know whether we process your Personal Information. You have the right to request access to the categories of Personal Information we collect about you, the purposes for collecting your Personal Information, the sources from which your Personal Information is collected, and categories of third parties with whom we share your Personal Information.
- Right to Data Portability: The right to access and obtain a copy of your Personal Information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business without hindrance, where the processing is carried out by automated means. You may request such personal information up to twice annually, subject to certain exceptions.
- Right to Correct: The right to request the correction, updating, and completion of any Personal Information we collect and maintain about you, taking into account the nature of the Personal Information and the purposes for which we process it.
- Right to Delete: The right to request deletion of your Personal Information we collect and maintain about you. Please note that we may deny such a request if the requested deletion falls under an exception to this right set forth in US State Data Privacy Laws. If the personal data is no longer needed for any purposes that justify its retention and we are not required by law to retain it, we will do what we can to delete. We may need certain types of data so that we can provide our services to you. If you ask us to delete it, you may no longer be able to access or use our Services.
- Right to Appeal: Under applicable US State Privacy Laws, if we decline to take action or do not respond regarding a request that you have submitted pursuant to one of the privacy rights set forth in this section, you have the right to appeal our refusal to take action within thirty (30) calendar days after you receive our decision. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, we will also provide you with an online mechanism, if available, or other method through which you may contact your state attorney general’s office to submit a complaint.
- Right to Non-Discrimination: The right not to receive discriminatory treatment for the exercise of your rights. If you choose to exercise your rights, we will not differentiate our services as a result of your decision. We also do not offer any financial incentives in return for the collection or use of your Personal Information.
- “Sale”, “Sharing” or “Targeted Advertising”: RapidSOS does not sell or share Personal Information collected in connection with Emergency-Related Services. We do not process Personal Information for the purposes of targeted advertising. And we do not engage in profiling decisions based on your Personal Information that produce legal or similarly significant effects concerning you.
You can make a request related to your Personal Information by emailing privacy@rapidsos.com or writing to RapidSOS, Inc., Attn: Privacy, 167 Madison Ave., Suite 205, #615, New York, NY 10016. We will not discriminate against anyone who makes such a request.
- For UK/ EU/Switzerland Individuals:
EU-U.S. and Swiss-U.S. Data Privacy Frameworks
RapidSOS complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. RapidSOS has certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of Personal Information received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU U.S. DPF. RapidSOS has certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.
To learn more about the Data Privacy Framework Program and to view the certification for RapidSOS, please visit https://www.dataprivacyframework.gov/s/ and https://www.dataprivacyframework.gov/list, respectively.
RapidSOS acknowledges the right of EU, UK and Swiss individuals to access their Personal Information pursuant to the Data Privacy Framework and will grant individuals reasonable access to Personal Information it received pursuant to the Data Privacy Framework Principles. In addition, RapidSOS will take reasonable steps to permit individuals to correct, amend, or delete such information that is demonstrated to be inaccurate or processed in violation of the Principles. An individual may request to access their Personal Information, or otherwise correct, amend, or delete their Personal Information in line with the EU-U.S. (and its UK Extension) and Swiss-U.S. Data Privacy Framework Principles by contacting us at the contact information provided below.
We provide individuals with choices and control over their own Personal Information. Please note that you can only exercise these rights with respect to Personal Information that we process about you when we act as a data controller. To exercise your rights with respect to information processed by us on behalf of one of our RapidSOS Partners, please read the privacy notice of that RapidSOS Partner. You have the following rights:
- Right to Access and Review: If you are a data subject about whom we store Personal Information, you may have a right to request access to, and the opportunity to update, correct, or delete such Personal Information. To submit such requests or raise any other questions, please contact us at the contact information provided below.
- Right of Choice: You may opt out of having your Personal Information shared with third parties by us, and you may revoke consent to share your Personal Information with third parties, where it was the basis for processing your Personal Information, except as required by law. You may also have the right to opt out if your Personal Information is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. To do this, you may send your request using the contact information provided below.
- Right to Withdraw Consent: You have the right to withdraw consent to processing your Personal Information. Withdrawing consent does not affect the lawfulness of processing based on consent prior to the withdrawal. To do this, you may send your request using the contact information provided below.
- Right to Data Portability: You have the right to request/claim that your Personal Information be provided to you in a structured, commonly-used and machine-readable format and to transfer that data to another party, e.g., a service provider. This applies to Personal Information for which processing is based on your consent and the processing carried out by automated means. Where feasible, you can also request/claim that the Personal Information be transferred directly from our systems to those of another provider.
- Right to Lodge a Complaint with a Supervisory Authority: If the EU or UK General Data Protection Regulation (GDPR) applies to our processing of your Personal Information, you have the right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work, or of the alleged infringement of the GDPR if you are not satisfied with how we process your Personal Information.
Should you have questions or concerns about this Notice, data protection, your Personal Information, or should you wish to submit a verifiable consumer request, you may contact us at privacy@rapidsos.com or by mail:
RapidSOS, Inc.
Attn: Privacy
167 Madison Ave.,
Suite 205, #615
New York, NY 10016
USA
Please allow up to four weeks for us to reply. We will not discriminate against anyone who makes such a request.
United Kingdom Representative
We have appointed RapidSOS UK Limited as our representative in the UK for data protection matters. RapidSOS UK Limited can be contacted on matters related to the processing of Personal Information. To contact RapidSOS UK Limited please use the email address privacy@rapidsos.com or postal address:
RapidSOS UK Limited
(Company Number 14704468) C/O Mercer & Hole, 21 Lombard Street, London, United Kingdom, EC3V 9AH
Data Protection Officer
We have appointed VeraSafe as our Data Protection Officer (DPO). While you may contact us directly, VeraSafe can also be contacted on matters related to the processing of Personal Information. VeraSafe’s contact details are:
VeraSafe LLC
100 M Street S.E., Suite 600
Washington, D.C.
20003
USA
Email: experts@verasafe.com
Web: https://www.verasafe.com/about-verasafe/contact-us/
Dispute Resolution
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, RapidSOS commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of Personal Information received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
If your dispute or complaint cannot be resolved by us, nor through the dispute resolution program, you may have the right to require that we enter into binding arbitration with you pursuant to the Data Privacy Framework’s Recourse, Enforcement and Liability Principle and Annex I of the Data Privacy Framework.
For further information about the Data Privacy Framework dispute resolution, please visit: https://www.dataprivacyframework.gov/program-articles/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization%E2%80%99s-Compliance-with-the-DPF-Principles
Data Transfer Outside the UK/EU
Where the processing of Personal Information involves the transfer of such data, we ensure that the transfer is carried out under appropriate conditions which guarantee a sufficient level of protection, security and confidentiality.
Some of our service providers or their own service providers or partners, are located in countries outside the UK and the EEA and your Personal Information is processed in those countries. Some of these countries may have different Personal Information regulations from those of the UK or the EEA. In such a case, we take particular care to ensure that the transfer is carried out in accordance with the applicable regulations and put in place safeguards to ensure a level of protection of your privacy and fundamental rights equivalent to that offered by the UK (in particular the Commissioner’s Standard Data Protection Clauses) and the European Union (in particular the European Commission’s Standard Contractual Clauses). You may obtain a copy of these clauses by writing to our DPO as listed above or to the following address: privacy@rapidsos.com.
Regulatory Oversight
RapidSOS is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
About Children: Direct Notice to Parents
RapidSOS collects the Personal Information of children under sixteen years old in the ways outlined above in order to respond to emergencies, including to protect the safety of a child in need of our Emergency-Related Services or who reports an emergency using RapidSOS functionality. RapidSOS will not use or disclose Personal Information collected from children under sixteen for any purpose unrelated to the emergency situation involving or reported by a child. This information will only be retained as long as necessary to fulfill the purpose for which it is collected and in accordance with the retention periods described above.
Security
RapidSOS has taken security measures to protect the confidentiality, integrity, and availability of your Personal Information. We make every effort to maintain security measures appropriate to the level of risk associated with the processing of Personal Information.
We are continually working to improve our security practices to ensure that your data is safe. Your Personal Information is stored on secure servers. We implement, and require our third parties and partners to implement, appropriate security and data protection measures in line with the latest technology.