1. Our Commitment to Children's Privacy
MayDay-IC is committed to protecting the privacy and safety of children. We recognize the importance of safeguarding the personal information of minors and have implemented strict policies and procedures to ensure compliance with applicable children's privacy laws, including the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), and other relevant state and international regulations.
This Children's Privacy Policy explains how MayDay-IC handles information related to children and our practices regarding the collection, use, and disclosure of personal information from individuals under the age of 18.
2. Age Restriction
MayDay-IC is a professional emergency incident command and response platform designed exclusively for use by authorized emergency personnel, first responders, incident commanders, and other qualified professionals. Our service is intended solely for individuals aged 18 and older.
Age Requirements by Jurisdiction
| Jurisdiction | Minimum Age | Applicable Law |
|---|---|---|
| United States (COPPA) | Under 13 — parental consent required | Children's Online Privacy Protection Act |
| European Union (GDPR) | Under 16 — parental consent required | General Data Protection Regulation, Article 8 |
| MayDay-IC Policy | Under 18 — not permitted to use the service | Internal Policy |
We do not knowingly collect, maintain, or use personal information from children under the age of 13 as defined by COPPA, under the age of 16 as defined by the GDPR, or under the age of 18 as required by our own service policies. Our registration process requires users to confirm that they are at least 18 years of age and are authorized emergency personnel affiliated with a recognized agency or organization.
3. Patient Data Involving Children
In the course of emergency response operations, MayDay-IC may process protected health information (PHI) relating to patients who are minors. It is important to understand how this data is treated:
- HIPAA Governs Patient Data: When children are patients in emergency incidents, their PHI is handled under the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations, not under COPPA. HIPAA provides comprehensive protections for all patient health information regardless of the patient's age.
- Treatment Purposes Only: Any PHI related to minor patients is collected and processed solely for the purposes of emergency medical treatment, triage, transport coordination, and continuity of care. This data is never used for marketing, advertising, profiling, or any purpose unrelated to the patient's medical care.
- Minimum Necessary Standard: We apply the HIPAA minimum necessary standard to all patient data, including data involving minors. Only the minimum amount of information required to accomplish the intended purpose of the use, disclosure, or request is collected and shared.
- Access Controls: Access to patient data involving minors is restricted to authorized personnel directly involved in the patient's care and incident management, consistent with our role-based access control policies.
4. No Marketing to Children
MayDay-IC does not market to, target, or solicit children in any way. We do not:
- Direct any advertising or promotional materials toward children
- Design any features, content, or user experiences intended to appeal to children
- Use child-oriented themes, characters, or incentives in our platform
- Collect personal information from children for commercial or marketing purposes
- Share, sell, or disclose children's information to third parties for advertising or marketing
- Deploy behavioral advertising or interest-based advertising targeting minors
Our platform is a professional tool designed for emergency response operations, and all marketing activities are directed exclusively toward emergency service agencies, government entities, and adult professional personnel.
5. Parental Rights Under COPPA
If we inadvertently collect personal information from a child under the age of 13, parents and legal guardians have the following rights under COPPA:
- Right to Access: Parents may request to review any personal information we may have collected from their child. We will provide the requested information within a reasonable timeframe.
- Right to Deletion: Parents may request that we delete any personal information collected from their child. Upon verification of the parent's identity and relationship to the child, we will promptly delete the information and confirm the deletion.
- Right to Opt-Out: Parents may refuse to permit any further collection or use of their child's personal information. We will immediately cease any such collection upon receiving a verified request.
- Right to Consent: Parents may consent to the collection and use of a child's information without consenting to the disclosure of that information to third parties.
To exercise any of these rights, please contact us using the information provided in the Contact section below. We will verify the identity of the requesting parent or guardian before processing any request.
6. Discovery Procedure
If we discover or are notified that we have collected personal information from a child under the age of 13 (or under 16 for GDPR purposes, or under 18 per our policy), we will take the following immediate actions:
- Immediate Restriction: We will immediately restrict access to and processing of the child's personal information pending deletion.
- Prompt Deletion: We will delete all personal information associated with the child's account within 48 hours of discovery, or as soon as reasonably practicable.
- Account Deactivation: Any account associated with the child will be immediately deactivated and removed from our systems.
- Parent/Guardian Notification: If we have contact information for the child's parent or legal guardian, we will promptly notify them of the inadvertent collection and the steps we have taken to remediate the situation.
- Incident Documentation: We will document the incident in our compliance records, including the nature of the data collected, how it was discovered, and the remediation steps taken.
- Process Review: We will review and, if necessary, strengthen our age verification and registration processes to prevent recurrence.
7. School and Educational Use
MayDay-IC is not designed, intended, or marketed for use in schools, educational institutions, or by students in any educational capacity. Our platform is a professional emergency incident command system and is not appropriate for:
- K-12 school environments or classroom use
- College or university coursework (except professional emergency management training programs for adult students)
- After-school programs involving minors
- Youth organizations or camps
We do not participate in any school data collection programs and are not subject to the Family Educational Rights and Privacy Act (FERPA) in the context of our service delivery. Any use of MayDay-IC in training exercises involving educational institutions is limited to adult professional participants and does not involve the collection of student data.
8. FTC Compliance
Our practices are designed to comply with the Children's Online Privacy Protection Act (COPPA) as enforced by the Federal Trade Commission (FTC), codified at 16 CFR Part 312. Specifically:
- No Directed Collection: We do not operate a website or online service directed to children under 13, nor do we have actual knowledge that we are collecting personal information from children under 13 (16 CFR § 312.3).
- Notice Requirements: This policy serves as our notice regarding our practices with respect to children's personal information (16 CFR § 312.4).
- Verifiable Parental Consent: In the unlikely event that we would need to collect information from a child under 13, we would obtain verifiable parental consent before doing so, using methods approved by the FTC (16 CFR § 312.5).
- Data Minimization: We adhere to the COPPA principle that operators should collect only as much personal information as is reasonably necessary for the purpose for which it is collected (16 CFR § 312.7).
- Security: We maintain reasonable procedures to protect the confidentiality, security, and integrity of any personal information collected from children (16 CFR § 312.8).
- Data Retention: We retain personal information collected from children only for as long as is reasonably necessary to fulfill the purpose for which it was collected, after which we securely delete the information (16 CFR § 312.10).
9. Contact Us
If you have questions about this Children's Privacy Policy, believe that we may have inadvertently collected personal information from a child, or wish to exercise parental rights under COPPA, please contact us:
Email: info@maydayic.com
Blue Beard Solutions Inc.
Privacy Officer / Data Protection Officer
We will respond to all inquiries regarding children's privacy within 48 hours.