Privacy Notice
Introduction / Scope of Notice
ESO is dedicated to improving community health and safety through the power of data. ESO provides industry-leading software solutions (the “services”) to fire departments, hospitals, and local and state Emergency Medical Services organizations. ESO’s site provides marketing and sales information on our services, support for our customers, and a broad range of training and information resources for our customers and the general public.
ESO Solutions, Inc. (together with its controlled affiliates “ESO”) is committed to protecting your privacy. We have prepared this Privacy Notice to describe to you our practices regarding the personal information we collect from:
- – Users of our website located at eso.com (the “site”).
- – Individuals who have purchased our services or have expressed interest in our services but have not yet made a purchase.
- – Individuals who work for us or apply to work with us (in addition to the separate applicant and employee privacy notices).
All references in this Privacy Notice to “we” or “us” shall be construed to mean ESO and all references to “you” or “your” shall be construed to mean users of our website or services (which includes employees and role applicants). Please note that any information collected from or about users may be stored on our servers in the United States of America.
In addition to this Privacy Notice, other privacy notices may be applicable to you based on your location (e.g., California) or your relationship with ESO (e.g., an employee or role applicant).
Table of Contents
-
ESO Privacy Notice
-
Introduction / Scope of Notice1
Glossary / Terms Used
| Term | Meaning |
|---|---|
| Data subject | A data subject is the natural person that a piece of information is about or linked to. In the context of this notice, users may be data subjects. |
| Data Controller or Controller | A data controller is the entity (usually a company) that has the responsibility of deciding how personal data is processed and protected from harm. |
| Data Processor or processor | A data processor is an entity that processes personal data on behalf of a controller. They must adhere to instructions passed on by the controller within a legal contract. |
| Personal Data / Personal Information | Personal data is information about who you are, where you live, what you do and more. In the context of this notice, personal data will be data that is provided either via technology or provided by you via feedback or a query, etc. For the purposes of this notice, personal data and personal information have the same meaning. |
Information We Collect
Information Users Provide to Us
We collect personal information that users who visit the site provide, such as:
- – Contact information, for example, your name, email address, address, title, job title, position, company, and telephone number.
- – Any information that you provide to us when you contact us, participate in one of our surveys, register for an event or training or contact us for any other purpose.
- – Information we may collect when we record meetings or calls to support quality assurance, training and for regulatory compliance purposes or to provide assistance for ESO services.
Information Collected via Technology
When you interact with our site, we obtain certain information via technology, such as through cookies, web server logs, web beacons, and other technologies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server.
We use these automated technologies to collect information about your device, browsing actions, and usage patterns. The information we obtain in this manner may include your device Internet Protocol (IP) address, identifiers associated with your devices, types of devices connected to our services, web browser characteristics, device characteristics, language preferences, referring/exit pages, internet service provider, operating systems, clickstream data and dates and times of visits to our site. These technologies help us to remember your information so you will not have to re-enter it; and allows us to track and understand how you use and interact with our services.
For further information on our collection of information via tracking technologies and your rights related to cookies and other online tracking, please see the Cookie Notice here.
Information Collected from Third Parties
We may collect information about users from third parties such as:
- – Third parties who license, sell, or otherwise provide data they have collected; or
- – Information from publicly available sources such as the media or where the data subject has made information publicly available, like on social networks.
How We Use Your Information and Legal Bases for Processing
We will only use your personal information where we have a lawful basis. Any personal information you enter after this time will only be used for the purposes of carrying out your request, for example, if you ask to join a mailing list, you will be sent emails on a periodic basis, or where you have contacted us via the form, we will use your personal information to respond.
| Purpose | Legal Basis |
|---|---|
| To provide you with the services you have requested, e.g., responding to any inquiry, providing support services, managing your account and profile, hosting events, and managing the contractual relationship | Contractual necessity and legitimate interest |
| To provide improved administration of the site, improve quality, and correct or update information | Legitimate interest |
| To send you administrative email notifications, such as security or support; and maintenance advisories | Legitimate interest and legal requirement (dependent on the services signed up for) |
| To verify your identity / identify you in our system | Legal requirement and legitimate interest |
| To perform analytics (including market research, trend analysis, financial analysis) | Legitimate interest |
| To protect against, identify, and prevent fraud, abuse, and other criminal activity | Legal requirement and legitimate interest |
| To register and accept any payments for events or trainings | Legitimate interest and contractual necessity |
| To administer and protect our business and this website | Legitimate interest |
| To send emails, text messages, newsletters, surveys, offers and other promotional materials related to our services and for other marketing purposes of ESO | Consent |
| To provide customer support and to respond to enquiries or requests | Legitimate interest and contractual necessity |
| To comply with regulations, for training or for quality assurance, we may at times record meetings | Legitimate interest and legal requirement |
| For any other disclosed purpose when you provide the information. | Legitimate interest |
When we process your personal information for our legitimate interests, we will endeavor to ensure that your fundamental rights or freedoms are not compromised. We may also use more than one legal basis for processing your personal information where required.
Creation and Usage of De-Identified Data
To improve our services and enhance your experience, we may create and use de-identified data. This means that we remove any details that could identify you personally. This data would be used for purposes such as:
- – Analyzing patterns and trends to make our services more efficient and user friendly.
- – Improving the content we offer by understanding how our services are used.
- – Research and development – Please see Data and Research for more information.
Disclosure of Your Personal Information
We will not share, sell, rent, or provide access to your personal information to others, without your specific consent unless one of the following exceptions applies:
- – Necessary or critical messaging – We may share your personal information with third parties to contact you in the event of an emergency or system outage.
- – Affiliated entities – we may share your personal information and usage data to any of our affiliated entities, including our subsidiaries.
- – Data processors – We may share your personal information with third-party data processors to conduct quality assurance testing, provide technical support, or to deliver other services to or on behalf of ESO. For instance, we may contract with third parties to host our servers, provide security, to send out emergency communications, or for analytics or reporting services. Our service providers (if they are data processors) will be given access to your information only as is reasonably necessary to support our site or to provide other services with your consent. For a list of all our data processors, please email [email protected].
- – User feedback – We may share user feedback on our website using just a first name and last initial, after obtaining consent.
- – Corporate Restructuring – We may share some or all of your personal information in connection with or during the negotiation of any merger, financing, acquisition or dissolution, transaction or proceedings involving the sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Privacy Notice.
- – Legal Process, Enforcement and Security Notice – ESO may disclose personal information if we believe in good faith that such disclosure is necessary. Examples include:
- – In connection with a legal investigation.
- – To comply with relevant laws or to respond to subpoenas, warrants or regulatory demands served on us.
- – To protect or defend the rights or property of ESO, or ESO’s employeesor customers (and their respective users); and/or
- – To investigate or assist in preventing any violation or potential violation of the law, this Privacy Notice, or our Terms of Service.
- – Consent – We may share your personal information for other purposes as directed by you or with your consent.
How Long Do We Keep Your Information?
We will only keep your personal information for as long as necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Transfer Mechanism for International Data Transfers
ESO complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. ESO has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit Data privacy framework website.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, ESO commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you.
The Federal Trade Commission has jurisdiction over ESO’s compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
Additionally, an individual may, under certain conditions, invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms; for additional information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
If ESO receives personal information under the DPF Principles and then transfers that personal information to a third party, ESO shall remain liable under the DPF Principles to the extent the third party’s actions are inconsistent with the DPF Principles, unless ESO provides information in support of ESO not having responsibility for the event.
Your Privacy Rights
Depending on where you reside and the local privacy or data regulations in place, data subjects may have rights in relation to the processing of their personal data. For example, you may have some or all of the following rights:
- – The right to be informed – individuals have the right to be informed about the collection and usage of their personal data.
- – The right of access – individuals have the right to access their personal data, including information about how it is being processed.
- – The right of rectification – individuals have the right to request rectification of inaccurate or incomplete personal data.
- – The right to be forgotten (also called the right to erasure) – individuals have the right to request that their personal data is deleted.
- – The right to restrict processing of your data – individuals have the right to request that processing of their personal data is restricted.
- – The right to data portability – individuals have the right to receive personal data they have provided to a controller in a structured format and to request that this data be transmitted directly to another controller
- – The right to object – individuals have the right to object to certain processing of their personal data including sale, targeted advertising, and some profiling
- – The right to object to automated processing – individuals have the right to object to solely automated processing
- – The right to withdraw consent where our processing of your personal data is based on consent
- – The right not to be discriminated against for exercising your privacy rights. If you are a California resident, please see California Privacy Notice for information on our privacy practices and your rights under the California Consumer Privacy Act.
Exercising Your Privacy Rights
If you or your authorized agent wish to exercise your privacy rights, please contact [email protected].
To respond to your inquiry, we may need additional information from you to help us confirm your identity. If you choose to use an authorized agent to submit your privacy rights request, we must ensure you have properly authorized the agent to act on your behalf and may require proof of written authorization. These are security measures to ensure that personal information is not shared with the incorrect individual.
If we are unable to confirm your identity or authorize a third party, we may not honor your request. Where we deny a privacy rights request, we will notify you of the reason for the denial and you may have the right to appeal the decision directly to us or file a complaint with your supervisory authority.
We may also ask you for further information where it will assist us in speeding up the response.
Should you be unhappy with our response, you have the right to lodge a complaint with your local supervisory authority:
- – In the UK, this is the Information Commissioner’s Office (ICO)
- – If you are located in the EEA or EU, you can find details of your local authority here.
- – If you are located in Canada, it is the Office of the Privacy Commissioner of Canada.
- – If you are located in Costa Rica, it is The Agency for the Protection of Personal Data (PRODHAB)
- – For the USA, please contact the Federal Trade Commission (FTC) or appropriate state authorities.
Your California Privacy Rights
If you are a California resident, please see our California Consumer Privacy Notice for more information about our privacy practices and your rights and choices.
Security of Your Personal Information
ESO is dedicated to safeguarding your personal information. We employ a range of industry-standard security technologies and procedures to protect your data from unauthorized access, use, or disclosure. While no method of transmission over the internet or electronic storage is completely secure, we continuously strive to enhance our security measures. Despite our best efforts, we cannot guarantee absolute security, but we remain committed to protecting your personal information to the fullest extent possible.
Artificial Intelligence (AI)
Artificial Intelligence or AI allows us to utilize computer systems to enhance services by streamlining processes and making them more efficient.
At ESO, AI may be included in our services offerings. AI may process your personal data to analyze usage patterns and preferences or to enhance service quality and performance, but it will never have full autonomy to make decisions independently.
Where AI is integrated into our services, we will ensure it is protected by the same robust security protocols that ESO uses for all other data.
Children – Site User Age Requirement
ESO does not target its offerings toward and does not knowingly collect any personal information from consumers or users under 18 years of age. If ESO learns that the user is a child under 18, we will attempt to delete the information as soon as possible. Occasionally, customers of ESO may have employees or volunteers who are 17 years old or younger. ESO does not aim to collect or keep their data. The customer is responsible for requesting permission for the collection and storage of their employee or volunteer data for those under 18 years of age.
If you believe that we might incorrectly have any user personal information from a child under 18, please contact us at [email protected].
Links to Other Sites
Throughout the site, there may be links that take you outside our website, including links to social media sites, video sharing sites, news or other information sites, or other third-party websites. Once you leave this website, this privacy notice no longer applies to the processing of your personal data. Please read the applicable website’s privacy terms carefully when using these links. These other sites may use cookies, collect data, or solicit personal information.
Changes to this Privacy Notice
This privacy notice (and any others published on eso.com) may be updated to reflect changing business or regulatory conditions. We will post a notice on our site to notify you of any significant changes to this privacy notice and include when the privacy notice was last updated.
How to Contact Us
To ask questions, complain or provide comments about this privacy notice or our privacy practices, including exercising your rights as a data subject, please contact ESO or our Data Protection Officer (DPO) Jonathan Cummings at [email protected] or by postal mail at:
ESO SOLUTIONS, Inc.
Legal Department
2803 Manor Rd,
Austin, TX 78722
Telephone 866.766.9471
Last Updated: 26 March 2025