Risk & Response by Arborlook Insights

Privacy Policy

How we collect, use, and protect information about your department and users.

Effective date: February 21, 2026  ·  Arborlook Insights, LLC

Short version: We collect what we need to run the Service. We don't sell your data. NERIS incident data is used only to generate analytics for your department. Benchmarking participation (sharing anonymized metrics with peers) is always opt-in. You can request deletion of your data at any time.

1. Overview

Arborlook Insights, LLC, an Oregon limited liability company ("Arborlook," "we," "us," or "our"), operates Risk & Response, a community risk analytics platform for U.S. fire and EMS agencies. This Privacy Policy describes how we collect, use, store, and share information when you use our Service.

This policy applies to all users of the Service, including visitors to free department profile pages, registered account holders, and subscribers.

2. Information We Collect

Information You Provide

When you create an account or subscribe, we collect:

  • Name and email address
  • Organization name and NERIS ID
  • Role / title (optional)
  • Payment information (processed by Stripe; we do not store full card numbers)

Information We Receive from NERIS

For paid subscribers who have completed NERIS enrollment, we receive incident data from the NERIS API on your behalf. This includes incident timestamps, type codes, location (census tract level), unit response times, and other fields returned by the NERIS API. This data is used solely to generate analytics for your department.

Information We Collect Automatically

When you access the Service, we automatically collect standard web analytics information:

  • IP address (anonymized by Google Analytics)
  • Browser type and version
  • Pages visited and time spent
  • Referrer URL
  • Device type

We use Google Analytics (GA4) for this purpose. See Section 7 for details on cookies and analytics.

Information from Public Sources

Free tier department pages are built entirely from public government datasets (FEMA, U.S. Census Bureau, NERIS Public, OpenFEMA). This data is not personally identifiable and is publicly available from its original sources.

3. How We Use Information

| Information | How we use it |
|---|---|
| Account information (name, email, org) | Deliver the Service, send transactional emails (signup, weekly digest, trial notices), provide customer support |
| Payment information | Process subscription payments via Stripe; detect fraud |
| NERIS incident data | Generate response analytics shown on your dashboard; compute aggregate metrics for your department; nightly data refresh |
| Web analytics | Understand how the platform is used; improve features; measure marketing effectiveness |
| Benchmarking metrics (opt-in only) | Compute anonymized peer benchmarks shown to enrolled departments; see Section 6 |

We do not sell personal data to third parties. We do not use your data for targeted advertising.

4. Third-Party Services

We use the following third-party services to operate the platform:

| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Database, authentication, and Edge Functions | Account data, org data, NERIS incident records, dashboard metrics |
| Stripe | Payment processing and subscription management | Email address, billing address, payment method details |
| Resend | Transactional email delivery (weekly digest, account notices) | Name, email address, digest content |
| Cloudflare Pages | Static site hosting and CDN | Standard web request logs (IP, user agent), subject to Cloudflare's privacy policy |
| Google Analytics (GA4) | Web analytics | Anonymized usage data; IP addresses are anonymized before transmission |
| GitHub Actions | Automated pipeline for NERIS data pulls and report generation | NERIS department ID used in API calls; no personal data transmitted |

Each of these services operates under its own privacy policy and data processing agreements. We enter into Data Processing Agreements with sub-processors where required.

5. NERIS Incident Data

NERIS incident data is accessed through Arborlook's registered API integration with the National Emergency Response Information System (NERIS), operated by FSRI. Access is granted when your department adds Arborlook as an authorized integration in the NERIS portal.

Incident records are stored in our Supabase database and are used exclusively to generate the analytics shown on your Response tier dashboard. They are not shared with other subscribers (except in aggregate, anonymized form if you opt into benchmarking), not used for advertising, and not sold.

We pull new incident data nightly and retain historical records for the duration of your subscription plus 90 days after cancellation.

You may revoke NERIS access at any time by removing Arborlook from your authorized integrations in the NERIS portal. Revoking access stops future pulls but does not automatically delete previously retrieved data. To request deletion, contact us.

6. Benchmarking Program

The benchmarking program is entirely opt-in. It allows participating departments to see their performance in context. For example: "your median P90 response time is in the 35th percentile among peer departments."

What is shared

If you opt in, the following anonymized metrics from your department may be included in aggregate peer benchmarks shown to other enrolled departments:

  • Response time percentiles (P50, P90) by incident type
  • Call volume by incident type (counts, not individual incidents)
  • Unit availability metrics

Individual incident records are never shared. Your department is not identified by name in benchmarks shown to other subscribers. Only aggregate statistics are used.

What is not shared

  • Individual incident records
  • Patient or location information
  • Your department's name, NERIS ID, or any identifying information
  • Any data you have not been notified about through this policy

Withdrawing consent

You may withdraw from the benchmarking program at any time in your account settings. Withdrawal removes your data from future benchmark calculations. Previously computed aggregate statistics that included your anonymized data may not be retroactively removed, as they do not contain identifying information.

7. Analytics & Cookies

We use Google Analytics 4 (GA4) to understand how the platform is used. GA4 uses first-party cookies to track sessions and page views. IP addresses are anonymized before being stored by Google.

We do not use advertising cookies or third-party tracking pixels beyond Google Analytics.

You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on. Free tier pages can be accessed without any account or cookies (beyond analytics).

Authentication sessions for paid subscribers use Supabase's secure session tokens, stored in your browser's local storage. These tokens are used solely for authentication and are not used for tracking or advertising purposes.

8. Data Security

We implement reasonable technical and organizational measures to protect your data:

  • All data in transit is encrypted via TLS
  • Database access requires authentication; row-level security (RLS) policies ensure subscribers can only access their own organization's data
  • API keys and credentials are stored as environment variables, never committed to source control
  • Stripe handles all payment card data. We never store full card numbers.
  • Access to production systems is limited to authorized personnel

No method of internet transmission or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you within 45 days, as required by applicable law.

9. Data Retention

  • Account data: Retained while your account is active and for 90 days after deletion
  • NERIS incident data: Retained while your subscription is active and for 90 days after cancellation
  • Payment records: Retained as required by tax and accounting regulations (typically 7 years)
  • Analytics data: Google Analytics retains data per their standard retention settings (default 14 months for user/event data)

You may request deletion of your account and associated data at any time. See Section 10.

10. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and personal data (subject to legal retention requirements)
  • Data portability: Request an export of your analytics data in a machine-readable format
  • Opt-out of benchmarking: Withdraw benchmarking consent at any time in account settings
  • Opt-out of marketing emails: Unsubscribe from non-transactional emails via any email footer or by contacting us

California residents may have additional rights under the California Consumer Privacy Act (CCPA). Contact us to exercise them.

To exercise any of these rights, email [email protected] with the subject line "Privacy Request." We will respond within 30 days.

11. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes that affect how we use your personal data, we will notify paid subscribers by email before the changes take effect. The effective date at the top of this page will be updated.

Continued use of the Service after any changes constitutes your acceptance of the updated policy.

13. Contact

For privacy questions, data requests, or concerns, contact:

Arborlook Insights, LLC
Email: [email protected]
Subject line: Privacy Request

See also our Terms of Service.