First Pro: Fire Fighter Edition

Privacy Policy​

Effective Date: August 22, 2025
Last Updated: August 22, 2025

1. Overview and Commitment​

First Pro, Inc. ("First Pro," "we," "us," or "our") provides training and development services to fire departments through our First Pro: Fire Fighter Edition platform (the "Service"). We are committed to protecting the privacy of firefighters, fire departments, and all users of our Service while enabling departments to transform their experiences into valuable training opportunities.

This Privacy Policy explains how we collect, use, protect, and handle information through our mobile applications (iOS and Android) and administrative web portal.

2. Key Privacy Protections​

2.1 FOIA Protection for Recordings​

Important Notice: Audio recordings, transcriptions, and AI-generated training materials created within First Pro are NOT public records subject to Freedom of Information Act (FOIA) requests.

• Protected Materials: All recordings, transcriptions, scenarios, and podcasts are proprietary training materials owned by First Pro and licensed to your department
• FOIA-Accessible Data: Only official NFIRS reports (transitioning to NERIS in 2026) and their contained data remain subject to FOIA as public records
• Legal Classification: First Pro content is classified as proprietary third-party training materials, not government records

2.2 Recording Retention and Deletion​

We maintain recordings only as long as necessary for training purposes:

• Initial Processing: 30 days for transcription and content generation
• Quality Review: Additional 60 days for quality assurance and content refinement
• Automatic Deletion: Original audio recordings are permanently deleted after 90 days
• Exceptions: Recordings may be retained longer only with explicit department administrator approval for specific training development purposes

What Remains After Deletion:

• Anonymized transcripts
• Generated training scenarios (without identifying information)
• AI-created podcasts (using synthesized voices)
• Aggregated learning objectives and safety insights

3. Information We Collect​

3.1 Account Information​

• Name and professional title
• Department affiliation
• Email address
• Username and authentication credentials
• Firefighter type (career/volunteer)
• Apparatus assignment (optional)

3.2 Training Records​

• Scenario completion data
• Podcast listening history
• Training scores and progress
• Time spent on training activities
• Compliance tracking metrics

3.3 Recordings and Content​

• Audio recordings of incident debriefs (deleted after 90 days)
• Transcriptions (anonymized and retained)
• User-generated training suggestions
• Feature request recordings

3.4 Department Data​

• NFIRS/NERIS reports (when uploaded by administrators)
• Department roster information
• Shift schedules and assignments
• Department policies and SOPs (for AI reference only)

3.5 Technical Information​

• Device type and operating system
• App version
• IP address (for security only)
• Usage patterns and analytics

4. How We Use Information​

4.1 Primary Service Delivery​

• Provide access to training materials
• Generate personalized training recommendations
• Track compliance with training requirements
• Create AI-generated content from recordings
• Facilitate department-wide learning

4.2 Product Improvement (Anonymized Data Only)​

• Analyze aggregated usage patterns
• Improve AI content generation
• Enhance user experience
• Develop new training methodologies
• Identify common training needs across departments

4.3 What We DON'T Do​

• Sell personal information to third parties
• Use recordings for non-training purposes
• Share identified performance data between departments
• Retain personally identifiable information in recordings beyond 90 days
• Allow FOIA access to proprietary training materials

5. Data Anonymization Process​

5.1 Recording Processing​

When processing recordings, we:

1. Transcribe audio using AI technology
2. Identify and remove:
   • Patient names and information
   • Specific addresses and locations
   • Personal medical information
   • Individual performance critiques
   • Any other personally identifiable information
3. Replace identified information with generic placeholders
4. Generate training content using only anonymized data

5.2 Report Generation​

Reports created from recordings:

• Focus on tactical decisions and procedures
• Exclude individual identifying information
• Emphasize learning objectives
• Maintain operational security

6. Access Controls and HR Protection​

6.1 Internal Department Access​

To prevent HR policy violations and protect personnel:

• Individual Performance Data: Only accessible by designated administrators
• Recordings: Not accessible after 90-day retention period
• Peer Comparison: Only shown in aggregate, never individually identified
• Disciplinary Shields: Training data cannot be used for punitive purposes per our Terms of Service

6.2 Role-Based Access​

• Firefighters: See only their own performance and department-wide aggregates
• Training Officers: Access training metrics without individual performance details
• Fire Chiefs: Full administrative access with audit logging
• Department HR: No direct access to training platform data

6.3 Audit Trails​

All administrative access to individual data is logged and can be reviewed for compliance with department policies.

7. Data Sharing and Disclosure​

7.1 We Share Data Only:​

• With Your Department: As necessary for training administration
• Service Providers: Technical partners under strict confidentiality agreements (e.g., Cloudflare, Stripe, Clerk)
• Legal Requirements: Only when legally required, excluding FOIA requests for proprietary content
• Anonymized Insights: Aggregated, non-identifiable trends with the fire service community

7.2 We Never Share:​

• Individual performance data outside your department
• Original recordings with any third party
• Personally identifiable information for marketing
• Department-specific incidents without permission

8. Data Security​

8.1 Technical Safeguards​

• End-to-end encryption for all data transmission
• Encryption at rest for stored data
• Multi-factor authentication available
• Regular security audits and penetration testing
• SOC 2 Type II compliance (in progress)

8.2 Infrastructure Security​

• Hosted on Cloudflare's global edge network
• Distributed denial-of-service (DDoS) protection
• Web Application Firewall (WAF) protection
• Regular security updates and patches
• Geographically distributed backups

8.3 Access Security​

• Role-based access controls
• Session timeout for inactive users
• Secure password requirements
• Account lockout after failed attempts
• IP-based restrictions available

9. Your Rights and Choices​

9.1 You Have the Right To:​

• Access your personal information
• Correct inaccurate information
• Request deletion of your account
• Export your training records
• Opt-out of non-essential communications
• Review recordings you've submitted (within 90-day window)

9.2 Department Administrators Can:​

• Manage department-wide privacy settings
• Request early deletion of recordings
• Export department training data
• Control content visibility settings
• Designate privacy officers

10. Data Retention​

10.1 Retention Periods​

• Recordings: 90 days maximum
• Anonymized Transcripts: Indefinitely
• Training Records: Duration of employment plus 7 years
• Account Information: Until account deletion requested
• Generated Content: Indefinitely (fully anonymized)

10.2 Post-Employment​

When a firefighter leaves a department:

• Personal account remains but department access is revoked
• Training records transferred to department archive
• Personal recordings already processed are retained as anonymized content
• Individual has right to request personal data deletion

11. Children's Privacy​

The Service is not intended for children under 18. We do not knowingly collect information from minors. Fire department explorers or cadets must have parental consent and department supervision.

12. State-Specific Rights​

12.1 California Residents (CCPA/CPRA)​

Additional rights include:

• Right to know categories of personal information collected
• Right to deletion
• Right to opt-out of sale (Note: We do not sell personal information)
• Right to non-discrimination

12.2 European Union (GDPR)​

For EU-based users:

• Right to data portability
• Right to restriction of processing
• Right to object to processing
• Right to lodge complaints with supervisory authorities

13. Legal Basis for Processing​

We process personal information based on:

• Contract Performance: To provide training services
• Legal Obligations: Compliance with applicable laws
• Legitimate Interests: Product improvement and safety advancement
• Consent: For optional features and communications

14. FOIA Exemption Details​

14.1 Why Recordings Are Not FOIA-Accessible​

First Pro recordings and generated content are exempt from FOIA disclosure under:

• Trade Secrets Exemption: Proprietary training methodologies
• Commercial Information Exemption: Licensed third-party content
• Privacy Exemption: Personnel training records
• Law Enforcement Training Exemption: Tactical training materials

14.2 What Remains Public Record​

• Original NFIRS/NERIS reports (as submitted to state/federal systems)
• Department policies and procedures (if publicly available)
• Aggregated, non-identifying statistics
• Budgetary information related to First Pro subscription

15. Changes to This Policy​

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify users of material changes through:

• In-app notifications
• Email to department administrators
• Prominent notice on our website
• Updated "Last Updated" date

Continued use of the Service after changes constitutes acceptance of the updated policy.

16. International Data Transfers​

If your department is located outside the United States:

• Data may be processed in the United States
• We implement appropriate safeguards for international transfers
• Standard contractual clauses are available upon request

17. Contact Information​

17.1 General Privacy Inquiries​

Email: privacy@first-pro.com
Mail: 60 Hazelwood Drive, Champaign, IL 61820 c/o Semiosis AI dba First Pro, Attn: Privacy Officer

17.2 Data Protection Officer​

Email: dpo@first-pro.com

17.3 Department Administrator Support​

Email: admins@first-pro.com

18. Dispute Resolution​

Any privacy disputes will be resolved through:

1. Direct communication with our Privacy Officer
2. Mediation if necessary
3. Binding arbitration as outlined in our Terms of Service

19. Accessibility​

This Privacy Policy is available in alternative formats upon request for users with disabilities.

20. Acknowledgment​

By using First Pro: Fire Fighter Edition, you acknowledge that you have read, understood, and agree to this Privacy Policy.

Appendix A: Summary for Firefighters​

Your Privacy at a Glance:

• ✅ Your recordings are deleted after 90 days
• ✅ Performance data stays within your department
• ✅ Recordings are NOT accessible via FOIA
• ✅ We anonymize all training content
• ✅ You control your personal information
• ✅ We never sell your data
• ✅ Training data cannot be used for discipline

Appendix B: Summary for Fire Chiefs​

Administrative Privacy Controls:

• Manage department-wide privacy settings
• Control data retention periods
• Designate privacy officers
• Request data exports
• Ensure FOIA compliance (NFIRS/NERIS only)
• Protect personnel from HR violations
• Maintain training confidentiality

This Privacy Policy is effective as of August 22, 2025, and supersedes all previous versions.

© 2025 First Pro, Inc. All rights reserved.