Privacy Policy

2. WHO WE ARE

Field Risk Systems LLC is a Wisconsin limited liability company and the operator of the Field Risk OS™ platform and the fieldriskos.com website. Field Risk Systems LLC acts as a data processor with respect to Customer Data entered into the Platform, and as a data controller with respect to data collected through the Site. For privacy-related inquiries, contact us at info@fieldrisksystems.com.

3. DATA CONTROLLER AND DATA PROCESSOR

Field Risk OS is a business-to-business platform. Our customers are organizations - such as wilderness expedition programs, outdoor education programs, and similar operators - that enter into a Service Agreement with Field Risk Systems LLC to manage their expedition operations.

• Customer is the data controller. The Customer determines what personal information is collected, entered, used, and retained through the Platform.

• Field Risk Systems is the data processor. We process personal information on behalf of the Customer to provide, maintain, secure, support, troubleshoot, improve, and administer the Platform, to comply with applicable law, and as otherwise described in this Privacy Policy, the Terms of Service, or the applicable Service Agreement.

  Individuals whose personal information was entered into the Platform by a Customer organization should direct privacy requests - including requests to access, correct, or delete their information - to that Customer organization. Field Risk Systems will reasonably assist the Customer in responding to such requests as appropriate. If you are unable to reach the Customer organization, you may contact us at info@fieldrisksystems.com and we will make reasonable efforts to assist or direct your request.

If you have questions about how your personal data is used, contact the Customer organization that entered your information. We will assist Customers in responding to data requests as appropriate.

4. WHAT DATA WE COLLECT

The data collected through the Platform and the Site falls into the following categories. Unless otherwise noted, data in the Platform is entered by Customer organizations and their authorized staff - not collected directly by Field Risk Systems.

Customers and their authorized staff enter personal and organizational data into the Platform, such as:

4.1 Account and User Data

Platform user accounts store the name, email address, and role of each authorized staff member. User accounts are created by invitation only; no self-service signup is available. All user accounts are associated with a person record within the Platform.

4.2 Customer Organization Data

We collect and store information about Customer organizations, including organization name, contact information, and account configuration. This information is provided by the Customer at the time of onboarding and maintained throughout the Service Agreement.

4.3 Personnel and Participant Data

Customer organizations enter personnel records for staff and participants. These records may include name, email address, phone number, date of birth, mailing address, sex or gender, dietary restrictions, and a boolean medical indicator flag. If enabled by the Platform, personnel records may also include limited safety-critical health indicators such as allergy information entered for operational purposes. Personnel records do not store diagnoses, medical conditions, prescriptions, medication lists, treatment plans, or detailed medical profiles. Where Customer organizations enter data about minor participants, all such information is entered solely by authorized adult staff on the Customer's behalf. Field Risk Systems does not request or collect personal information directly from minors through the Platform.

4.4 Trip and Operational Data

Customer organizations enter trip planning and operational data into the Platform, including trip names, dates, routes (including GPS and geographic data), itineraries, staff and participant assignments, pre-departure briefing records, field checkouts, and post-trip debrief records.

4.5 Incident and Communication Data

Incident reports entered by Customer staff may include incident narratives, descriptions of injuries sustained, illnesses observed, treatment provided, medications administered during an incident, evacuation details, medical consultation records, parent or guardian notification records, emergency services contact information, contributing factors, severity indicators, and witness statements. Communication logs may include field communications and structured fields for communication type and, where applicable, medical or incident information. This information is entered by authorized Customer staff as part of their own program operations and constitutes operational incident event documentation. It is not reviewed or verified by Field Risk Systems.

4.6 Emergency Contact Data

Customer organizations may enter emergency contact information for staff and participants. This information may include the contact's name, relationship to the individual, phone number, and email address. Emergency contacts are third parties who are not Platform users, participants, or authorized staff. Customer organizations are responsible for ensuring they have appropriate notice, consent, permission, or other legal basis to provide this information.

4.7 Uploaded Documents and Files

Customer staff may upload documents and files to the Platform. The content of uploaded files is determined entirely by the Customer organization. Field Risk Systems does not review, process, or analyze the content of uploaded files except as necessary to store and deliver them as part of Platform functionality.

4.8 System, Audit, and Security Data

The Platform automatically generates audit records of changes to data, including before-and-after snapshots of modified records. These records are created by the Platform as part of its immutable audit trail functionality and may contain copies of Customer Data, including personal and operational information. We also collect technical and security data through our hosting and infrastructure providers, such as IP addresses, access logs, and error reports, as part of standard service delivery and security monitoring.

4.9 Website Contact Form Data

The contact form on the Site collects information submitted voluntarily by Site Visitors, such as name, email address, organization name, and message content. This information is used to respond to inquiries and is not used to create Platform accounts.

4.10 Cookies and Technical Data

The Platform uses cookies and similar technologies for authentication, session management, and Platform functionality. We may use analytics tools to understand how the Platform and the Site are used. We do not sell data collected through cookies or analytics. The Platform does not respond to Do Not Track signals.

The categories above are illustrative. A full inventory of data categories is available on request.

4.11 Data We Do Not Collect

Field Risk Systems does not knowingly collect personal information directly from minors. Minors may not create user accounts or directly access the Platform. Where Customer organizations enter data about minor participants, all such data is entered by authorized adult staff on the Customer's behalf.

We do not collect payment-card numbers, financial account information, or other payment instrument data through the Platform.

We do not collect biometric data.

5. HOW WE USE DATA

Field Risk Systems uses personal and organizational data for the following purposes. Unless otherwise noted, data in the Platform is processed on behalf of Customer organizations.

• Platform operations: Providing, operating, maintaining, securing, supporting, troubleshooting, improving, and administering the Platform and its underlying infrastructure on behalf of Customer organizations.
• User account management: Creating and managing user accounts, processing invitations, and maintaining the person-first data model on behalf of Customer organizations.
• Records and data exports: Maintaining the Platform's immutable audit trail of operational records, and preparing and delivering Customer Data exports upon request or upon termination of a Service Agreement.
• Customer communication: Communicating with Customer organizations and Platform Users regarding their accounts, service updates, support matters, and other operational information related to the Platform.
• Platform improvement: Analyzing usage patterns and feedback to improve Platform functionality, reliability, and user experience. This data is not used for advertising or unrelated marketing purposes.

• Aggregated and de-identified data: Field Risk Systems may use aggregated or de-identified data derived from Customer Data for internal purposes, including internal analytics, product improvement, research, and Platform development, provided that such data does not reasonably identify any Customer organization, individual, participant, staff member, or emergency contact, whether alone or in combination with other reasonably available information.

  For external purposes - including publication, benchmarking reports, or industry research - Field Risk Systems may use aggregated or de-identified data only where such data is aggregated across a sufficient number of Customer organizations or records so that no Customer organization, individual, participant, staff member, or emergency contact can reasonably be identified from the published or shared data. Field Risk Systems will not externally publish or share data derived solely or primarily from a single Customer's use of the Platform in a manner that would permit identification of that Customer or any individual associated with that Customer's programs.

  Notwithstanding the foregoing, Field Risk Systems will not publish, share, or otherwise externally disclose customer-specific case studies, detailed operational narratives, incident records, communication logs, briefing records, or other customer-specific operational content without prior written approval from the relevant Customer organization, even if Field Risk Systems believes such content to be de-identified.

• Legal compliance: Fulfilling applicable legal obligations, responding to lawful governmental or regulatory requests, and enforcing our rights under the Terms of Service and applicable Service Agreement.
• Security: Monitoring for, investigating, and responding to actual or potential security threats, vulnerabilities, and data incidents affecting the Platform or Customer Data.
• Inquiries: Responding to questions, feedback, and contact form submissions from Site Visitors and prospective customers.

6. MEDICAL AND HEALTH-RELATED INFORMATION

The Platform is not a medical records system and is not designed or intended to store comprehensive medical histories, diagnoses, medical conditions, prescriptions, medication lists, treatment plans, or medical profiles of any individual. Customers must not use the Platform to create or maintain records of that nature.

If enabled by the Platform, Customers may enter limited safety-critical health indicators - such as allergy information or dietary restrictions - for operational purposes only and only to the extent reasonably necessary for their own program operations and participant safety. Such information must be limited to brief operational indicators (for example, identifying a known allergy and any associated emergency response) and must not constitute a comprehensive medical record or health profile. It must not include comprehensive medical histories, diagnoses, prescriptions, treatment plans, or medication lists. Customers are responsible for deciding what information to enter into these fields, obtaining any required consents or permissions before doing so, and ensuring the accuracy and appropriate use of all safety-critical information entered on behalf of participants.

The Platform may contain limited health-related operational information entered by Customer organizations, including safety-critical indicators and event-specific incident documentation. Incident reports and communication logs may include event-specific descriptions of injuries sustained, illnesses observed, treatment provided, medications administered during an incident, evacuation details, medical consultation records, parent or guardian notification records, emergency services contact information, severity indicators, and similar incident-response documentation that outdoor programs routinely record as part of their operational recordkeeping. This information is entered and controlled by the Customer organization as part of its own program operations. It describes what occurred during a specific incident event and does not constitute a comprehensive medical record, diagnosis, or treatment plan. FieldRiskOS is a documentation platform and does not provide medical advice, medical records services, or medical judgment of any kind.

Customer is solely responsible for the accuracy, completeness, legality, consent, and appropriate use of all health-related information entered into or generated through the Platform. Customer is responsible for determining what health-related information it is legally permitted to collect, enter, store, and use in connection with its programs, and for complying with all applicable laws and regulations governing that information. Field Risk Systems does not review, verify, or screen health-related information entered by Customers and makes no representation regarding Customer's compliance with any applicable law governing health information.

The Platform is not intended to be used as a HIPAA-compliant medical records system. Unless Field Risk Systems and Customer have executed a separate written Business Associate Agreement or equivalent written agreement expressly authorizing Field Risk Systems to receive, maintain, or process protected health information ("PHI") as defined under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), or other applicable health-record laws or regulations, Customer must not submit, upload, or enter into the Platform any information that constitutes PHI or is otherwise subject to specialized health-record obligations under applicable law. Field Risk Systems is not acting as a HIPAA Business Associate under this Policy, and no business associate relationship is created by this Policy alone. If Customer is a HIPAA covered entity or business associate and requires Field Risk Systems to receive or process PHI on Customer's behalf, Customer must contact Field Risk Systems prior to submitting any such information. Customer is solely responsible for determining whether it is a covered entity or business associate under HIPAA and for ensuring that its use of the Platform complies with all applicable requirements of HIPAA and its implementing regulations.

The Platform is not a substitute for Customer's own emergency procedures, medical protocols, or professional medical judgment.

7. CHILDREN AND MINORS

The Platform is a business-to-business tool designed for use by authorized adult personnel of Customer organizations. It is not directed to children under 13 and does not contain public-facing child-directed content. Minors may not create user accounts, receive invitations, log in, or directly access or interact with the Platform. Parents and guardians do not access the Platform directly.

Customer organizations may enter information about minor participants into the Platform as part of their own program operations. All such information is entered solely by Customer's authorized adult personnel acting within the scope of their responsibilities for Customer's programs. Field Risk Systems does not request or collect personal information directly from children through the Platform.

Customer organizations are solely responsible for obtaining any required parent or guardian consents, providing any required notices, securing any necessary permissions, and ensuring they have appropriate legal authority for their collection, entry, use, and retention of personal information about minor participants in connection with their programs. Field Risk Systems does not verify and makes no representation that Customer's collection or use of minor participant information complies with applicable law, including the Children's Online Privacy Protection Act or any comparable state law.

8. THIRD-PARTY SERVICES

Field Risk Systems uses third-party service providers to host, operate, secure, monitor, support, analyze, and maintain the Platform and Site, including providers that deliver database infrastructure, application hosting, map display, weather data, transactional email, analytics, error monitoring, and contact form processing. These providers may process personal and organizational data on Field Risk Systems’ behalf as part of service delivery.

A current list or description of third-party service providers is available on request by contacting us at info@fieldrisksystems.com.

Field Risk Systems may add or change third-party service providers as reasonably necessary for the operation, maintenance, and improvement of the Platform and Site.

9. EMERGENCY CONTACT DATA

Emergency contact information entered into the Platform constitutes personal information of third parties who are not Platform users, participants, or authorized staff, and who may never interact directly with Field Risk Systems. Customer organizations provide and control emergency contact information entered into the Platform and are responsible for ensuring they have appropriate notice, consent, permission, or other legal basis to submit that information. Field Risk Systems processes emergency contact information solely on behalf of the Customer as part of providing Platform functionality and does not provide emergency notification, emergency response, or real-time field monitoring services.

10. DATA SECURITY

Field Risk Systems implements and maintains reasonable administrative, technical, and organizational safeguards appropriate to the nature of the Platform, the sensitivity of Customer Data, and the size and nature of Field Risk Systems’ operations, designed to protect personal and organizational data from unauthorized access, disclosure, alteration, and destruction. These safeguards may include encryption, access controls, audit logging, monitoring, and other measures appropriate to the nature of the data and the Platform.

Field Risk Systems maintains administrative access to the Platform infrastructure for the purposes of customer support, system maintenance, security monitoring, and data export processing.

If Field Risk Systems becomes aware of and confirms, or reasonably believes based on available information, that a security incident has resulted in unauthorized access to Customer Data, Field Risk Systems will notify affected Customers without undue delay and, where feasible, within ninety-six (96) hours of forming that belief. Notice may be delayed to the extent required by applicable law, legal process, or a law enforcement agency request in connection with an investigation, for the duration of such requirement or request. Notice may include information reasonably available to Field Risk Systems at the time of notification and may be supplemented as additional information becomes available. Field Risk Systems does not guarantee that every security event will be identified within any specific time period.

No method of electronic transmission or storage is completely secure. Field Risk Systems does not guarantee absolute security and does not warrant that the Platform or Customer Data will be free from unauthorized access, security incidents, or data loss. Field Risk Systems uses commercially reasonable measures to protect data but cannot guarantee complete security.

11. DATA RETENTION

11.1 Retention During Active Service Agreement

Field Risk Systems retains Customer Data during the active Service Agreement as needed to provide the Platform. Finalized operational records are treated as immutable within the Platform and cannot be edited or deleted through ordinary application functionality by any Authorized User. This immutability is a Platform feature designed to support operational record integrity and audit trail consistency. It is not a legal record-retention service, a compliance guarantee, or a substitute for Customer's own recordkeeping obligations.

11.2 Retention After Termination

Following termination or expiration of a Service Agreement, Customer Data is retained according to the applicable data class:

• Class A Data (Operational Data): Retained for up to ninety (90) days following export delivery or termination, then deleted or scheduled for deletion, subject to any longer retention required by applicable law, backup retention cycles, security requirements, or technical limitations. Deletion of a standalone Class A record does not affect information from that record already incorporated into a finalized Class B operational record.
• Class B Data (Operational Records): Finalized operational records may be retained for up to three (3) years following termination, subject to Field Risk Systems' continued operation and applicable legal or operational needs. Field Risk Systems may delete Class B Data within that period in its reasonable discretion, subject to any applicable legal hold, backup retention cycle, security requirement, or technical limitation.
• Class C Data (De-identified Aggregates): Aggregated or de-identified data that does not reasonably identify any Customer organization, staff member, or participant may be retained indefinitely.

11.3 Classification

Class A Data includes standalone personnel records, trip planning data, organizational settings, document uploads, user account information, and non-finalized trip instances. Standalone personnel records are generally Class A Data unless and until information from those records is incorporated into a finalized operational record within the Platform.

Class B Data includes completed trip briefings, incident reports, communication logs, equipment checkout records, post-trip debriefs, and system audit logs. Information from a personnel record or other Class A Data that is incorporated into a finalized trip briefing, incident report, communication log, debrief, equipment checkout, or other completed operational record at the time of its completion becomes part of that Class B record and is governed by the Class B retention provisions, regardless of any subsequent modification, deletion, or expiration of the underlying standalone Class A record.

Deletion or correction of a standalone personnel record does not necessarily remove historical references to that information contained within finalized Class B operational records. Customers should not assume that deletion of a standalone personnel record will result in the removal of that individual's information from previously completed operational records.

11.4 Customer Responsibility

Customers are solely responsible for maintaining their own copies of all records for legal, regulatory, accreditation, insurance, and operational purposes. The Platform's record immutability feature does not satisfy, substitute for, or guarantee compliance with any recordkeeping obligation. Customers must not rely solely on the Platform as their system of record.

12. YOUR RIGHTS AND CHOICES

12.1 Customer Organizations

Because Customer organizations are the data controllers for data entered into the Platform, they have the primary rights with respect to that data. As the data controller, a Customer organization may: access its data through the Platform or by requesting a data export; correct inaccurate data directly within the Platform where the Platform allows, or by contacting us; request deletion of Class A operational data; and request information about how its data is processed. Field Risk Systems will reasonably assist Customer organizations in responding to data requests as appropriate in its role as data processor.

Rights available to Customer organizations may vary depending on applicable law and the nature of the data at issue. Some information entered into the Platform may not be editable or deletable through ordinary Platform functionality if it has been incorporated into a finalized Class B operational record, including completed trip briefings, incident reports, communication logs, or system audit logs. Deletion of such information may also be limited by applicable legal obligations, backup retention cycles, security requirements, or technical limitations. Such information is subject to the retention and immutability provisions described in Sections 11 and 12.1 of this Policy.

Record immutability is a Platform feature designed to support operational accountability and audit trail integrity for Customer's programs. Once a record is marked as complete within the Platform, it cannot be edited or deleted through ordinary application functionality by any Authorized User. This feature is intended to assist Customer in maintaining consistent operational documentation and is not a legal record-retention service, a compliance guarantee, or a substitute for Customer's own recordkeeping obligations.

Notwithstanding the foregoing, Field Risk Systems retains full administrative ability at the database or system level to delete, export, restrict, archive, or otherwise manage records where Field Risk Systems determines, in its reasonable discretion, that such action is necessary for: (a) legal compliance or response to a legal process or governmental request; (b) data retention management, including implementation of data retention schedules; (c) security incident response or threat mitigation; (d) customer support, troubleshooting, or technical maintenance; (e) system administration; or (f) cessation, wind-down, or transition of Platform operations. Field Risk Systems may exercise these administrative capabilities without prior notice to Customer where circumstances reasonably require prompt action.

Customer is solely responsible for satisfying all of its own legal, regulatory, accreditation, insurance, and program-specific recordkeeping obligations, including any obligation to retain, produce, or preserve records under applicable federal, state, or local law, accreditation standards, or insurance requirements. The Platform's record immutability feature does not satisfy, substitute for, or guarantee compliance with any such obligation. Customer must maintain its own independent copies of all records it is required to retain.

12.2 Individuals

Personal information about individuals entered into the Platform was entered by, and is controlled by, the Customer organization that manages that data. Because Customer organizations are the data controllers for that information, individuals seeking to access, correct, or request deletion of their personal information should contact the relevant Customer organization directly. Field Risk Systems will reasonably assist Customer organizations in responding to such requests as appropriate in its role as data processor.

The ability to edit or delete personal information may be limited where that information is contained in a finalized Class B operational record or system audit log, which cannot be edited or deleted through ordinary Platform functionality. Deletion of such information may also be limited by applicable legal obligations, backup retention cycles, security requirements, or technical limitations. Rights available to individuals may vary depending on applicable law.

If you are unable to reach the Customer organization, you may contact us at info@fieldrisksystems.com and we will make reasonable efforts to assist or direct your request.

12.3 Additional Privacy Rights

Depending on applicable law and your location, you may have rights to access, correct, delete, or receive a copy of, or information about, personal information that has been collected about you. Because Field Risk Systems primarily processes personal information on behalf of Customer organizations as a data processor, the relevant Customer organization is generally the appropriate point of contact for such requests. Field Risk Systems will assist Customer organizations in responding to requests as appropriate in its processor role. If you are unable to reach the relevant Customer organization, you may contact us at info@fieldrisksystems.com.

13. DATA SHARING

Field Risk Systems does not sell personal data. Field Risk Systems does not use Customer Data for cross-context behavioral advertising. Personal and organizational data is shared only in the following circumstances:

• Third-party service providers: With providers engaged to host, operate, secure, support, and maintain the Platform and Site, as described in Section 8 of this Policy. These providers process data on Field Risk Systems’ behalf and are not permitted to use it for their own purposes.
• Legal requirements: As required by applicable law, regulation, legal process, court order, or governmental or regulatory request.
• Business transfer:In connection with a merger, acquisition, reorganization, or sale of all or a material portion of Field Risk Systems’ assets. Field Risk Systems will provide reasonable advance notice to affected Customers of any such transfer that affects their data.
• Professional advisors:With attorneys, accountants, insurers, and other professional advisors, subject to confidentiality obligations, as necessary to operate Field Risk Systems’ business and manage legal risk.
• Customer direction: As directed or authorized by the Customer organization, consistent with the terms of the applicable Service Agreement.

14. COOKIES AND ANALYTICS

The Platform uses cookies and similar technologies that are essential to its operation, including for authentication, session management, security, and core Platform functionality. These technologies are necessary to provide the Platform and cannot be disabled without impairing Platform access.

Field Risk Systems may use analytics tools to understand how the Platform and Site are used, including how users navigate and interact with Platform features. Analytics data is used solely to maintain and improve the Platform and Site and is not used for advertising or unrelated marketing purposes.

Field Risk Systems does not use advertising cookies, retargeting pixels, or cross-site tracking technologies. Field Risk Systems does not sell data collected through cookies or analytics.

The Platform does not respond to Do Not Track signals.

15. DATA LOCATION

Customer Data is primarily stored and processed in the United States by Field Risk Systems and its third-party service providers. Field Risk Systems uses commercially reasonable efforts to ensure that Customer Data is not stored or transferred outside the United States, except as may be necessary in connection with authorized service providers.

16. CESSATION OF OPERATIONS

If Field Risk Systems LLC ceases operations, winds down, or transitions the Platform to another operator or successor, Field Risk Systems will use commercially reasonable efforts to take the steps described below. Field Risk Systems' ability to fulfill these commitments may be limited or prevented by circumstances beyond its reasonable control, including insolvency or bankruptcy proceedings, emergency shutdown, security incidents, loss of hosting infrastructure, regulatory action, or other events that impair orderly wind-down operations. Nothing in this Section creates an absolute obligation or guarantee of performance in those circumstances.

• Field Risk Systems will use commercially reasonable efforts to notify affected Customers in advance of the cessation or transition date, where practicable. Field Risk Systems will aim to provide at least sixty (60) days' advance notice, but cannot guarantee this timeline where circumstances prevent or impair orderly wind-down operations.
• Field Risk Systems will use commercially reasonable efforts to make Customer Data available for export in machine-readable format prior to or promptly following cessation, to the extent Field Risk Systems has the technical capacity and operational resources to do so at the time.
• Field Risk Systems will use commercially reasonable efforts to make available transition information where practicable, including information about the format and content of available Customer Data exports, to assist Customers in migrating or preserving their records.
• Customer is solely responsible for maintaining its own copies of all records at all times and must not rely on the Platform as its primary or only copy of any data, document, or record. Field Risk Systems' cessation-related commitments under this Section do not modify or substitute for Customer's independent legal, regulatory, accreditation, insurance, or operational recordkeeping obligations.

17. CHANGES TO THIS POLICY

Field Risk Systems may update this Policy from time to time. The effective date at the top of this Policy will be updated whenever changes are made.

Non-material updates - such as clarifications, editorial corrections, or changes that do not materially affect data practices or individual rights - will become effective upon posting. Continued use of the Platform or Site after the effective date of a non-material update constitutes acceptance of that update.

Material changes to data practices - such as changes to how personal or organizational data is collected, used, shared, or retained - will be communicated to affected Customers with reasonable advance notice by email or in-Platform notification where practicable, before taking effect. Field Risk Systems will not rely solely on continued use as acceptance of material changes to this Policy.

18. CONTACT

Field Risk Systems LLC - questions about this Privacy Policy or your data may be directed to us at info@fieldrisksystems.com.