Skip to content

Privacy Policy

Effective as of April  20, 2026, Field1st and its affiliates (collectively, the “Field1st Group” or “we” or “us” or “our”) have updated our Privacy Policy.

At a Glance: At a Glance: We do not sell your personal data. We use industry-standard AES-256 encryption to protect your data at rest and TLS 1.2+ for data in transit, and we only retain data as long as necessary to provide our safety management services.

1. Our Commitment to Your Privacy

Field1st and its affiliates (“Field1st Group,” “we,” “us”) respect your privacy. This policy outlines how we collect, use, and protect your personal information across our website and services.

This policy (together with our terms of service and any other documents referred to in it) sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed.

This policy applies globally and includes jurisdiction-specific disclosures for users in the European Union, the United Kingdom, the United States (including California, Virginia, and Colorado), and Canada (including Quebec). Where the laws of your jurisdiction provide additional rights, those rights are described in Sections 5 and 8.

2. Information We Collect & Why

To provide our predictive safety platform, we collect the following categories of data:

Category Examples Purpose Legal Basis (GDPR)
Identifiers Name, email, phone, work address Service delivery & account mgmt Contractual Necessity
Professional Info Job title, safety certifications Safety workflow optimization Legitimate Interest
Sensitive Info Precise Geo-location Real-time field safety alerts Consent
Usage Data IP address, browser type, logs Security & platform analytics Legitimate Interest

For individuals in Canada, we collect, use, and disclose personal information only for purposes that a reasonable person would consider appropriate in the circumstances, and we identify those purposes to you at or before the time of collection, as required by PIPEDA and applicable provincial laws. See Section 8 for Canada-specific details.

3. Artificial Intelligence & Automated Processing

Field1st utilizes machine learning to provide predictive safety insights.

  • Model Training: We may use de-identified, aggregated data to improve our safety algorithms.
  • Opt-Out: You have the right to opt-out of significant decisions made solely by automated processing.

For users in Quebec, where a decision that produces legal effects or significantly affects you is based exclusively on automated processing of your personal information, we will notify you of that fact at or before the decision, and on request we will inform you of (a) the personal information used, (b) the reasons and principal factors that led to the decision, and (c) your right to have the information corrected. You also have the right to submit observations to a member of our personnel who is in a position to review the decision.

4. How We Protect & Store Data

We employ a “Security by Design” framework, including:

  • Encryption: Data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
  • Retention: We typically retain active account data for the duration of your contract. Inactive leads / marketing data are purged after 24 months of non-interaction. For Canadian users, we apply the same retention limits and, consistent with Quebec Law 25, destroy or anonymize personal information once the purposes for which it was collected have been achieved, subject to legal retention obligations.
  • Data Transfers (EU / UK): For EU and UK users, we utilize Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Addendum, and adhere to the EU-U.S. Data Privacy Framework to ensure your data receives an equivalent level of protection abroad.
  • Data Transfers (Canada): Field1st is headquartered in the United States, and personal information of Canadian users is stored and processed in the United States and may be accessed by service providers located in other countries. While in another jurisdiction, personal information is subject to the laws of that jurisdiction and may be disclosed to courts, law-enforcement, and governmental authorities in accordance with those laws. We use contractual and technical safeguards — including written agreements that impose privacy and security obligations comparable to our own — to protect personal information that is transferred outside of Canada. Canadian users can obtain information about our cross-border transfer practices, including how to contact the relevant Canadian privacy regulator, please contact the Field1st Support Team.
  • Breach Response: In the event of a breach of security safeguards involving personal information that creates a real risk of significant harm (PIPEDA) or a confidentiality incident that presents a risk of serious injury (Quebec Law 25), we will notify affected individuals and the applicable regulator as required by law, and we maintain a record of such incidents.

5. Your Privacy Rights & Verification

Depending on your location (e.g., EU, UK, California, Virginia, Colorado, or Canada), you have the right to Access, Correct, Delete, or Port your data. Canadian-specific rights are described in Section 8.

How to Submit a Request: You may request access to your information, or to have your information changed or removed. We respond to verified requests as soon as reasonably possible, and in all cases within 30 days, consistent with PIPEDA and Quebec Law 25. Where we are permitted to extend this period under applicable law, we will notify you of the extension and the reasons for it.

We will not discriminate or retaliate against you for exercising your privacy rights.

6. Cookie & Tracking Policy

We use cookies to improve performance and functionality.

  • Global Privacy Control (GPC): Our website honors GPC signals. If your browser sends a “Do Not Track” or GPC signal, we automatically opt you out of non-essential targeting cookies.
  • Canadian Users: We obtain consent for cookies and similar technologies that are not strictly necessary to deliver our website and services. Quebec users will see a cookie banner that permits you to accept, refuse, or manage non-essential cookies before any such technology is activated, and tracking technologies that identify you are disabled by default on first visit, consistent with Quebec Law 25.

  • Third Parties: We use Google Analytics and HubSpot. You can manage these preferences anytime.

7. Changes to This Policy

If we make material changes to how we handle your data, we will notify you via the email address on file or through a prominent notice on our platform. The “Effective as of” date at the top of this policy indicates when it was last updated.

8. Additional Disclosures for Canadian Users

This section applies if you are located in Canada and supplements the rest of this policy. In the event of any conflict between this section and another section of the policy, this section controls with respect to Canadian users.

8.1 Who is responsible for your personal information

Field1st, a division of RTS Labs, with offices at 4951 Lake Brook Dr #225, Glen Allen, VA 23060, United States, is the organization responsible for the personal information under its control, including personal information that is transferred to third parties for processing on our behalf.

8.2 Our Privacy Officer

In accordance with PIPEDA and Quebec Law 25, we have designated a Privacy Officer who is responsible for our compliance with Canadian privacy laws. You may contact the Privacy Officer with questions, access requests, or complaints at:

Privacy Officer – Markus Groener
4951 Lake Brook Dr #225
Glen Allen, VA 23060, USA
Email: spo@field1st.com

8.3 Purposes for collecting, using, and disclosing personal information

We collect, use, and disclose personal information only for the purposes identified in Section 2 of this policy, including: providing and administering the Field1st platform; enabling real-time field safety workflows; improving our products and services through aggregated or de-identified analytics; communicating with you about your account; complying with legal obligations; and, where you have consented, sending marketing communications. We will not use or disclose your personal information for any new purpose without your consent, except where permitted or required by law.

8.4 Consent

We obtain your consent to collect, use, and disclose your personal information, except where the law permits otherwise. The form of consent we rely on (express or implied) depends on the sensitivity of the information and your reasonable expectations. We obtain express consent for the collection and use of sensitive personal information, including precise geolocation. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting our Privacy Officer. Withdrawing consent may affect our ability to provide certain services.

8.5 Your rights under Canadian privacy law Subject to limited exceptions under applicable law, Canadian users have the following rights:
  • Right of access: You may request confirmation that we hold personal information about you and obtain a copy of that information, along with information about how it has been used and the categories of third parties to which it has been disclosed.
  • Right to correction: You may request that we correct personal information about you that is inaccurate, incomplete, or out of date.
  • Right to withdraw consent: You may withdraw your consent to our continued collection, use, or disclosure of your personal information, subject to legal and contractual restrictions.
  • Right to data portability (Quebec): If you reside in Quebec, you may request that computerized personal information you have provided to us be disclosed to you, or transmitted to another organization you designate, in a structured, commonly used technological format.
  • Right to deindexation / cessation of dissemination (Quebec): If you reside in Quebec, you may request that we cease disseminating your personal information, or that a hyperlink to that information be de-indexed, where the dissemination contravenes the law or a court order, or causes you serious injury that outweighs the public interest in the information’s availability.
  • Rights regarding automated decision-making (Quebec): See Section 3.
  • Right to lodge a complaint: You may contact our Privacy Officer to raise a concern. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada or, if you reside in Quebec, the Commission d’accès à l’information du Québec. Residents of Alberta may contact the Office of the Information and Privacy Commissioner of Alberta, and residents of British Columbia may contact the Office of the Information and Privacy Commissioner for British Columbia.
To exercise these rights, use the request link in Section 5 or contact our Privacy Officer. We will verify your identity before acting on your request and will respond within 30 days, unless an extension is permitted by law.

8.6 Storage and transfer of personal information outside Canada

As described in Section 4, personal information of Canadian users is stored and processed in the United States and may be processed by service providers located in other countries. By using our services, you acknowledge this transfer. We use contractual and technical safeguards to require our service providers to protect personal information to a standard comparable to the protections required under Canadian law. You may contact our Privacy Officer for more information about our cross-border data practices, including the countries in which your personal information may be stored.

8.7 Privacy Impact Assessments (Quebec)

Where required by Quebec Law 25, we conduct Privacy Impact Assessments before acquiring, developing, or overhauling information systems or electronic service delivery projects involving personal information, and before transferring personal information outside Quebec.

8.8 Anti-Spam (CASL)

 

Where we send commercial electronic messages (such as marketing emails) to recipients in Canada, we do so only with your express or implied consent, as permitted by Canada’s Anti-Spam Legislation (CASL). Every commercial electronic message we send identifies Field1st as the sender, provides valid contact information, and includes an unsubscribe mechanism that we will honor within 10 business days. You can withdraw consent to commercial electronic messages at any time by using the unsubscribe link in any message or by contacting our Privacy Officer.

8.9 Children

Our services are intended for workplace and commercial safety use by adult employees and contractors. We do not knowingly collect personal information from individuals under the age of majority in their province of residence without appropriate consent.

8.10 Language (Quebec)

A French-language version of this policy is available on request and will be published at [LINK] for users in Quebec.

Contact

Field1st
4951 Lake Brook Dr #225
Glen Allen, VA 23060, USA
Phone: +1 (804) 577-5522
Email: spo@field1st.com

If you have any questions about these Data Subject / Privacy Rights Request, please contact our Privacy Officer or the Field1st Support Team.