1. Your Right Under California Law
The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives California consumers the right to opt out of the "sale" or "sharing" of their personal information. Under the CCPA/CPRA, a "sale" means making personal information available to a third party for monetary or other valuable consideration, and "sharing" means making personal information available to a third party for cross-context behavioral advertising purposes.
This page serves as our notice and mechanism for you to exercise your right to opt out of the sale or sharing of your personal information, as required by California Civil Code Section 1798.120.
2. Our Practice
MayDay-IC Does NOT Sell Your Personal Information
MayDay-IC does not sell personal information to third parties for monetary or other valuable consideration. We do not share personal information with third parties for cross-context behavioral advertising. We have not sold or shared personal information in the preceding 12 months.
Our business model is based on providing emergency incident command software to authorized emergency response agencies. We generate revenue through software subscriptions, not through the sale or monetization of personal data. We do not engage in data brokerage, targeted advertising, or any practice that would constitute a "sale" or "sharing" under the CCPA/CPRA.
3. Categories of Personal Information Collected
MayDay-IC collects the following categories of personal information in connection with providing our emergency incident command services:
| Category | Examples | Purpose |
|---|---|---|
| Identifiers | Name, email address, phone number, badge/ID number | Account management, authentication |
| Professional Information | Agency affiliation, rank, certifications, role | Role-based access control, incident management |
| Geolocation Data | GPS coordinates during active incidents | Responder safety, incident mapping |
| Protected Health Information (PHI) | Patient vitals, triage data, medical assessments | Emergency medical treatment (governed by HIPAA) |
| Internet Activity | Login timestamps, feature usage, device information | Security, service improvement |
| Financial Information | Billing address, payment method (processed by Stripe) | Subscription billing |
4. How We Use Personal Information
We use personal information exclusively for the following operational purposes:
- Emergency Response: Facilitating incident command, responder coordination, and patient triage during emergencies
- Incident Management: Recording incident data, generating after-action reports, and maintaining incident history
- Billing & Subscriptions: Processing payments and managing agency subscriptions through Stripe
- Security: Authentication, access control, audit logging, and fraud prevention
- Legal Compliance: Meeting HIPAA, state reporting, and other regulatory requirements
We never use personal information for advertising, marketing to third parties, data mining, or any purpose unrelated to emergency response services.
5. Third-Party Disclosures
We disclose personal information to the following categories of service providers. These disclosures are made under written contracts that restrict the service providers from using the data for any purpose other than performing services on our behalf. These are not "sales" or "sharing" under the CCPA/CPRA.
| Service Provider | Purpose | Data Disclosed | Relationship |
|---|---|---|---|
| OpenAI | AI-assisted analysis and recommendations | De-identified prompts (no raw PHI) | Service Provider under DPA |
| Stripe | Payment processing | Billing address, payment method | Service Provider under contract |
| Google (Maps Platform) | Geocoding, mapping, hospital search | Location data, search queries | Service Provider under contract |
| Neon (Database) | Data storage and persistence | All application data (encrypted) | Service Provider under DPA |
6. How to Submit a Request
Although MayDay-IC does not sell or share personal information, you may still submit an opt-out request or any privacy-related request through the following channels:
Submit a Do Not Sell/Share Request
You can submit your opt-out request using the form below, or by emailing info@maydayic.com with the subject line "Do Not Sell/Share Request."
We will acknowledge your request within 10 business days and respond substantively within 45 calendar days, as required by the CCPA/CPRA. If we need additional time, we will notify you of the extension (up to an additional 45 days) and the reason for it.
7. Verification
To protect your privacy and security, we must verify your identity before processing your request. We may verify your identity through one or more of the following methods:
- Matching information you provide with information we already have on file
- Account verification through your registered email address
- Government-issued photo identification (for sensitive requests)
- Signed declaration under penalty of perjury
The level of verification required depends on the sensitivity of the request and the risk of harm from unauthorized processing. We will not fulfill a request if we cannot verify your identity to a reasonable degree of certainty.
8. Authorized Agents
California residents may designate an authorized agent to submit a request on their behalf. To do so, you must:
- Provide the authorized agent with written, signed permission to act on your behalf
- Verify your own identity directly with us (unless the agent has a power of attorney under California Probate Code sections 4000–4465)
- Submit proof of the agent's authorization along with the request
We may deny a request from an agent who cannot provide sufficient proof of authorization.
9. Non-Discrimination
MayDay-IC will not discriminate against you for exercising any of your rights under the CCPA/CPRA. Specifically, we will not:
- Deny you goods or services
- Charge you different prices or rates for goods or services
- Provide you a different level or quality of goods or services
- Suggest that you will receive a different price or rate for goods or services, or a different level or quality of goods or services
10. Universal Opt-Out Mechanisms
MayDay-IC honors the Global Privacy Control (GPC) signal as a valid opt-out of sale/sharing request, as required by the CCPA/CPRA and the California Attorney General's regulations. When we detect a GPC signal from your browser, we will treat it as a request to opt out of the sale or sharing of your personal information associated with that browser.
We also honor the Do Not Track (DNT) browser signal. Since we do not engage in tracking, selling, or sharing personal information for advertising purposes, these signals do not change the behavior of our website, but we recognize and respect them as valid opt-out mechanisms.
For more information about GPC, visit globalprivacycontrol.org.
11. Sensitive Personal Information
Under the CCPA/CPRA, "sensitive personal information" includes certain categories of data such as government-issued identifiers, precise geolocation, health information, and biometric data. MayDay-IC collects some categories of sensitive personal information as necessary to provide emergency response services:
- Precise Geolocation: Used during active incidents for responder safety and coordination
- Health Information: Patient vitals and triage data collected for emergency medical treatment (governed by HIPAA)
- Government-Issued ID: Badge numbers and credentials for identity verification
We do not use or disclose sensitive personal information for purposes other than those authorized by CCPA/CPRA Section 1798.121, which include providing the services you request, ensuring security and integrity, and complying with legal obligations. You have the right to limit the use and disclosure of your sensitive personal information to these authorized purposes.
12. Contact Us
If you have questions about this notice or wish to exercise your privacy rights, please contact us:
Email: info@maydayic.com
Blue Beard Solutions Inc.
Data Protection Officer
You may also contact the California Attorney General's office at oag.ca.gov/privacy to learn more about your rights under the CCPA/CPRA.