Privacy Policy

Last updated: April 2026

This Privacy Policy describes how WildFireVantage ("WFV," "we," "us," or "our") collects, uses, shares, and protects your personal information when you use our website at wildfirevantage.com, our mobile applications, and related services (collectively, the "Service"). WildFireVantage is operated from the State of Colorado.

By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

1. Information We Collect

A. Information You Provide

  • Account information — name, email address, and password when you create an account
  • Waitlist information — email address when you join our waitlist
  • Payment information — billing address and payment method details (processed by our third-party payment processor; we do not store full payment card numbers)
  • Alert zone locations — property addresses, geographic coordinates, and custom-named locations you configure for wildfire monitoring
  • Community reports — fire sightings, conditions, photos, and other information you voluntarily submit
  • Communications — messages you send to us via email or support channels

B. Information Collected Automatically

  • Device information — device type, operating system, browser type, unique device identifiers, and mobile advertising identifiers (e.g., IDFA on iOS)
  • Usage data — pages visited, features used, interaction patterns, timestamps, and referring URLs
  • Precise geolocation data — with your explicit consent, we collect precise location data from your device to provide location-based alerts. On mobile devices, this may include background location data if you enable that permission. You can revoke location permissions at any time through your device settings.
  • Push notification tokens — device tokens used to deliver alert notifications
  • Log data — IP address, access times, error logs, and system activity
  • Cookies and similar technologies — see our Cookie Policy for details

C. Information from Third-Party Sources

  • Government and satellite data — we aggregate publicly available wildfire data from sources including NIFC (National Interagency Fire Center), NOAA, NASA FIRMS, USGS, and state/local fire agencies. This data is used to power the Service and is not linked to your personal information.
  • Authentication providers — if you sign in via a third-party service (e.g., Google, Apple), we receive your name and email as authorized by you

2. Sensitive Personal Information

Under applicable privacy laws (including the Colorado Privacy Act and California Consumer Privacy Rights Act), precise geolocation data is classified as sensitive personal information. We collect precise geolocation data only with your explicit, affirmative consent. You may withdraw consent at any time by disabling location permissions in your device settings or by removing alert zones from your account.

3. How We Use Your Information

We use your information for the following purposes:

  • Provide the Service — deliver wildfire monitoring, risk assessments, and alert notifications for your configured locations
  • Safety notifications — send you time-sensitive alerts about fire activity near your alert zones via push notification, email, or SMS
  • Improve the Service — analyze usage patterns, diagnose technical issues, and develop new features
  • Communications — send product updates, safety bulletins, and respond to your inquiries
  • Security — detect and prevent fraud, abuse, and unauthorized access
  • Legal compliance — comply with applicable laws, regulations, and legal processes

4. AI and Machine Learning

WildFireVantage uses artificial intelligence and machine learning to generate wildfire risk assessments, alert prioritization, and predictive models. You should be aware of the following:

  • AI-generated risk scores and assessments are probabilistic and informational only — they are not guarantees and should never be your sole basis for safety decisions
  • Aggregated, de-identified usage data (such as which alert thresholds are most useful) may be used to improve our AI models. Your personal information and specific location data are not used to train AI models without your explicit consent.
  • You may opt out of any AI-related data processing beyond what is necessary to deliver the core Service by contacting us at privacy@layavantagesystems.com
  • In accordance with the Colorado AI Act, we disclose that our wildfire risk intelligence features use automated systems to assess risk levels. These assessments supplement — but do not replace — official emergency information. If you believe an AI-generated assessment was inaccurate, you may contact us for a review.

5. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

  • Service providers — trusted third parties that process data on our behalf under written data processing agreements, including:
    • Supabase (database and authentication hosting)
    • Vercel (website hosting)
    • Analytics providers (to understand Service usage)
    • Email delivery services (for transactional and alert emails)
    • Payment processors (for subscription billing)
  • Aggregated/de-identified data — we may share anonymized, aggregated data for research, public safety analysis, or reporting purposes. This data cannot be used to identify you.
  • Legal requirements — we may disclose information in response to valid legal process (subpoena, court order, government request) or to protect the rights, safety, or property of WFV, our users, or the public
  • Business transfers — in connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.
  • With your consent — we may share information for purposes you have specifically authorized

6. Data Retention

  • Account data — retained for as long as your account is active, plus 30 days after account deletion to allow for recovery
  • Alert zone locations — deleted within 30 days of account deletion or when you remove a zone
  • Waitlist data — retained for up to 24 months after submission, then automatically deleted unless you create an account
  • Usage and analytics data — retained in identifiable form for up to 12 months, then aggregated or deleted
  • Community reports — retained for as long as relevant to public safety; your authorship is anonymized upon account deletion
  • Backup copies — may persist in encrypted backups for up to 90 days after deletion from active systems
  • We may retain information longer if required by law or necessary to resolve disputes

7. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Regular security assessments and monitoring
  • Alert zone locations stored with encryption and accessible only to your authenticated account

No system is 100% secure. While we take reasonable precautions, we cannot guarantee the absolute security of your information.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

All Users

  • Access — request a copy of the personal information we hold about you
  • Correction — request correction of inaccurate information
  • Deletion — request deletion of your personal information
  • Unsubscribe — opt out of marketing communications via the link in any email

Colorado Residents (Colorado Privacy Act)

  • Right to opt out of targeted advertising
  • Right to opt out of the sale of personal data (we do not sell data, but you have this right)
  • Right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects
  • Right to data portability (receive your data in a portable format)
  • We recognize and honor Universal Opt-Out Mechanisms, including Global Privacy Control (GPC)

California Residents (CCPA/CPRA)

  • Right to know what personal information is collected, used, shared, and sold
  • Right to delete personal information
  • Right to opt out of sale or sharing of personal information — we do not sell or share personal information for cross-context behavioral advertising
  • Right to limit use of sensitive personal information — we only use sensitive PI (precise geolocation) to provide the Service as requested by you
  • Right to non-discrimination — we will not penalize you for exercising your privacy rights
  • You may designate an authorized agent to make requests on your behalf

Other State Privacy Laws

Residents of Virginia, Connecticut, Texas, Oregon, Montana, Delaware, Iowa, Indiana, Tennessee, and other states with consumer privacy laws may have similar rights including access, correction, deletion, portability, and opt-out rights. Contact us to exercise any applicable rights.

Exercising Your Rights

To exercise any privacy right, contact us at privacy@layavantagesystems.com. We will verify your identity before processing requests. We respond to verifiable requests within 45 days (or as required by applicable law). If we need additional time, we will notify you.

If you are not satisfied with our response, you have the right to appeal. Colorado residents may contact the Colorado Attorney General. California residents may contact the California Privacy Protection Agency.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@layavantagesystems.com.

10. International Data Transfers

Your information is processed and stored in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the U.S., where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to this transfer.

11. Do Not Track Signals

We honor Global Privacy Control (GPC) signals as required by applicable law. Some browsers offer a "Do Not Track" (DNT) signal; there is no industry consensus on how to respond to DNT, so we do not currently respond to DNT signals separately from GPC.

12. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users and applicable regulatory authorities within the timeframes required by law (generally within 30 days). Notification will be sent via email to the address on file and, where appropriate, via in-app notification.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email (if you have an account) and by posting the updated policy with a new effective date. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions, requests, or complaints:

Email: privacy@layavantagesystems.com

See also our Terms of Service and Cookie Policy.