Burnover

Privacy Policy

Last Updated: April 17, 2026

Burnover LLC ("Burnover," "we," "us," or "our") provides a situational-awareness mobile application and related services for fire, rescue, and other emergency-response agencies (collectively, the "Services"). This Privacy Policy describes how we collect, use, and disclose information when you use the Burnover mobile application, our website at https://burnover.app, and any related products or services that link to this Policy.

By downloading, installing, registering for, or using the Services, you agree to this Privacy Policy. If you do not agree with this Policy, do not use the Services.

1. Who This Policy Applies To

The Services are intended for use by adult members and administrators of emergency-response agencies ("Departments"), as well as, where applicable, designated guests (such as mutual-aid responders). The Services are not intended for children, as described in Section 9.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you provide directly to us when you create an account, complete your profile, set up or join a Department, create or respond to an incident, or contact us for support. This includes:

• Account and profile information: first name, last name, email address, phone number, password, profile photo (if provided), and any other information you choose to add to your profile.
• Department information: Department name, location(s), membership, roles, permissions, settings, and any documents, notes, or operational data you or your Department choose to upload.
• Incident information: incident identifiers, incident locations, assignments, status updates, responder check-ins, notes, and any other data entered or generated during an incident.
• Communications: messages, feedback, bug reports, and other content you send to us or to other users through the Services.
• Billing information: if and when paid features are offered, billing contact details and payment-method information processed through our payment processor. We do not store full payment-card numbers on our servers.

2.2 Information Collected Automatically

When you use the Services, we automatically collect certain information about your device and your use of the Services, including:

• Device and app data: device model, operating system and version, app version, language settings, time zone, crash logs, and diagnostic information.
• Log and usage data: IP address, access times, features used, pages and screens viewed, actions taken, and referring URLs (for the website).
• Push-notification identifiers: device tokens used to deliver notifications through Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM).
• Analytics data: anonymized or pseudonymized usage events used to understand how the Services are used and to improve them.

2.3 Location Information

The Services use GPS and other location technologies to provide their core functionality, including showing responder positions on a map, tracking responder movement during an incident, and displaying Department-specific geographic information.

• On mobile devices, we request your permission before collecting precise location data.
• Location is collected while you are actively signed in and, depending on your choices, while location tracking is turned on or while an incident is active.
• You can disable location collection at any time by turning off location permissions in your device settings or by turning off tracking inside the app. If you disable location, significant parts of the Services will not function.

2.4 Cookies and Similar Technologies

Our website uses cookies, local storage, and similar technologies to remember your preferences, keep you signed in, and gather analytics. Most browsers allow you to control cookies through their settings. Disabling cookies may affect parts of the website.

2.5 Information From Third Parties

We may receive limited information from:

• Your Department or its administrators, who may add your contact details to the Services in order to invite you or configure your access.
• Third-party authentication providers and platforms you use to sign in (if applicable), which may send us basic profile information such as your email address.
• Analytics and crash-reporting providers that help us diagnose technical issues.

3. How We Use Information

We use the information we collect to:

• Provide, maintain, and operate the Services, including creating accounts, authenticating users, and delivering core functionality such as incident tracking, mapping, and situational-awareness features.
• Share your location, status, and identifying details with your Department and with any department or agency invited to respond to an incident (see Section 4).
• Send transactional and service-related communications (for example, password resets, account notices, incident notifications, and security alerts).
• Respond to your inquiries, requests, and support needs.
• Monitor, troubleshoot, and improve the performance, reliability, and security of the Services.
• Analyze usage trends and evaluate the effectiveness of features.
• Detect, investigate, and prevent fraud, abuse, unauthorized access, and violations of our Terms of Service.
• Process payments and manage billing for paid features, if applicable.
• Comply with legal obligations and enforce our agreements.

We do not use your personal information for targeted advertising, and we do not permit third-party advertising networks to collect personal information through the Services.

4. How We Share Information

We do not sell your personal information, and we do not share it for advertising or marketing purposes. We share information only as described below.

4.1 With Your Department and Responding Agencies

The Services are designed to share operational information among emergency responders. By using the Services, you understand that certain information about you—including your name, role, phone number, email, profile photo (if provided), current location (when tracking is on), response status, and any notes or data you enter during an incident—may be visible to:

• Administrators and members of any Department you belong to; and
• Any department, agency, or designated responders invited to respond to an incident you are participating in (for example, mutual-aid partners).

The scope of sharing with outside departments may be adjusted before or after general release; please review the most current in-app settings and documentation for details.

4.2 With Service Providers

We share information with third-party vendors and service providers that help us operate the Services under contractual obligations to protect the information. These providers currently include or may include:

• Cloud infrastructure and database: Supabase and Google Cloud Platform (including Google Cloud Run).
• Mobile push notifications: Apple Push Notification service (APNs) and Firebase Cloud Messaging (Google).
• Maps and geolocation: Mapbox and related mapping providers.
• Product analytics: PostHog.
• Transactional email: Resend and similar email-delivery providers.
• App distribution and crash/usage reporting: Apple (App Store, TestFlight) and Google (Google Play, Google Play Beta), which may automatically collect crash logs, feedback, and usage data and share it with us.
• Payment processing: our payment processor(s), if you purchase a paid plan.
• Customer-support and productivity tools.

These providers may process information on our behalf, including in the United States and other countries.

4.3 For Legal and Safety Reasons

We may disclose information if we believe in good faith that disclosure is necessary to:

• comply with applicable law, regulation, subpoena, court order, or other legal process;
• enforce our Terms of Service or other agreements;
• protect the rights, property, or safety of Burnover, our users, emergency responders, or the public;
• investigate or prevent fraud, security incidents, or abuse of the Services.

4.4 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction, your information may be transferred as part of that transaction, subject to this Privacy Policy or a successor policy at least as protective.

4.5 Aggregated and De-Identified Data

We may create aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, and we may use and disclose such data for any lawful purpose.

5. Your Choices

• Profile information: You can view and edit most profile information inside the app at any time.
• Location: You can turn location permissions on or off from your device settings, and you can stop active tracking from within the app.
• Notifications: You can control push notifications through your device settings.
• Access, correction, and deletion: You may request access to, correction of, or deletion of your personal information by contacting us at support@burnover.app. We will respond consistent with applicable law. Some information may need to be retained for legal, safety, operational, or record-keeping reasons, and Department-owned records may be retained under the Department's direction.
• Account closure: You may request to close your account by contacting us. Department-owned data (such as incident records) may be retained by your Department after your account is closed.

6. Data Retention

We retain personal information for as long as your account is active, as needed to provide the Services, and as required to meet our legal, regulatory, accounting, or reporting obligations. Incident and audit records may be retained for extended periods to support Department record-keeping and legal requirements. When we no longer need personal information, we will delete, anonymize, or archive it using commercially reasonable measures.

7. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. However, no system is perfectly secure, and we cannot guarantee the security of information transmitted over the Internet or stored in our systems. You are responsible for protecting your account credentials and for the security of the devices you use to access the Services.

8. Third-Party Services and Links

The Services may interact with or link to third-party services (for example, map providers, authentication providers, and platform app stores). We are not responsible for the privacy practices of those third parties. Their handling of your information is governed by their own privacy policies, and we encourage you to review them.

9. Children's Privacy

The Services are intended for adults and are not directed to children under 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information. If you believe a child has provided us with personal information, please contact us at support@burnover.app.

10. International Users

Burnover is based in the United States, and our Services are operated primarily from the United States. If you use the Services from outside the United States, your information will be transferred to and processed in the United States and other countries where we or our service providers operate. These countries may have data-protection laws that differ from those in your country. By using the Services, you consent to this transfer and processing.

11. Your Regional Rights

Depending on where you live, you may have additional rights under applicable privacy laws, which may include the right to:

• know what personal information we have collected about you;
• access and receive a copy of your personal information;
• correct inaccurate personal information;
• request deletion of your personal information;
• opt out of certain processing activities;
• not be discriminated against for exercising your rights.

To exercise these rights, contact us at support@burnover.app. We may need to verify your identity before responding. We do not sell personal information, and we do not "share" personal information for cross-context behavioral advertising.

12. Do-Not-Track

Some browsers offer a "Do Not Track" signal. Because there is no common industry standard for interpreting these signals, our website does not currently respond to them.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this Policy indicates when it was last revised. If we make material changes, we will provide notice through the Services or by other reasonable means. Your continued use of the Services after the effective date of an updated Privacy Policy constitutes your acceptance of the updated Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Burnover LLC Email: support@burnover.app General inquiries: info@burnover.app