Privacy Policy

Last updated: 2025-12-06 · This page is for demonstration only and is not legal advice.

Demo Notice: This sample policy is provided for development context. Replace with your organization’s real privacy policy before going live.

Who we are

FireSmart Hub provides online services that help communities become more wildfire resilient. The Hub may integrate with related applications (e.g., WCPD) using Single Sign-On (SSO).

What we collect

  • Account & profile information (e.g., name, email) when you sign in.
  • Authentication data from our identity provider (IdP), such as unique IDs and role claims, to authorize access.
  • Usage data (e.g., pages viewed, basic device info) for service performance and security.
  • Application data you submit in forms (e.g., WCPD-related information).

How we use information

  • To authenticate you and maintain your session across the Hub and connected apps.
  • To provide, secure, and improve the services (including troubleshooting and auditing).
  • To communicate about your account or application status (e.g., password reset emails).

Cookies & similar technologies

We use cookies to keep you signed in, remember preferences, and measure basic usage. Examples (names may differ in your environment):

Cookie Type Purpose (example)
.hub.auth Strictly necessary Keeps you signed in to the FireSmart Hub.
.wcpd.auth Strictly necessary Maintains your session in the WCPD app after SSO.
.hub.af, .wcpd.af Security Antiforgery tokens for secure form submissions.
AnonymousIdentity Functional Allows limited, anonymous progress before registration.
_ga, _ga_* Analytics Basic, aggregated usage metrics to improve the service.

You can control cookies in your browser settings; disabling strictly necessary cookies may break login.

Sharing & third parties

  • Identity provider (SSO): to authenticate and authorize access across connected apps.
  • Email service: to send account-related emails (e.g., verification, password reset).
  • Analytics: to understand aggregate usage and improve performance.

We do not sell personal information. Limited data may be processed by service providers under contract.

Data retention

We retain account and application data for as long as necessary to operate the service and meet legal/operational requirements. Anonymized or aggregated data may be retained longer for analytics and reporting.

Security

We use administrative, technical, and organizational measures (such as HTTPS, access controls, and monitoring) to protect data. No method of transmission or storage is 100% secure.

Your choices & rights

  • Access, correct, or delete your account information (subject to applicable law and system constraints).
  • Control cookies in your browser settings.
  • Contact us to exercise additional rights or ask questions.

Children’s privacy

Our services are intended for adult users. If you believe a child has provided personal information, please contact us to request deletion.

International use

Services and data may be hosted or processed in Canada and other locations where our providers operate. By using the service, you acknowledge such transfers.

Changes to this policy

We may update this page from time to time. The “Last updated” date above reflects the latest revision.

Contact

Questions about this demo policy? Email privacy@example.org.