Privacy Policy
Privacy Notice#privacy-notice
Effective Date: March 10, 2026
Version: 1.2
FireHydrant, Inc. ("FireHydrant," "we," "us," or "our") is committed to the protection of personal data and the maintenance of your privacy. This Privacy Notice (hereinafter referred to as the "Notice") details the procedures by which we process Personal Data in the context of our business operations, including the provision of our public website and our FireHydrant incident management services (the "Services").
1. SCOPE AND APPLICATION OF THIS NOTICE#1-scope-and-application-of-this-notice
This Notice governs the processing of Personal Data where FireHydrant acts as a Controller, meaning we determine the purposes and means of the processing. This includes data pertaining to:
- Visitors to our website.
- Customers who have executed a subscription agreement for our Services.
- Registered users of the FireHydrant platform.
- Individuals whose personal data is processed for FireHydrant's internal business purposes (e.g., support, marketing, administration).
This Notice does not apply to Personal Data that we process, store, or host in our capacity as a Processor on behalf of our Customers during the provision of the Services. In such instances, the processing is governed solely by the applicable data processing agreement and the Customer's own privacy notice.
2. FireHydrant as DATA CONTROLLER#2-firehydrant-as-data-controller
FireHydrant Inc., a company domiciled in the United States, operates as the Data Controller for Personal Data processed for its own defined purposes. We act as a Data Processor when processing customer incident data solely on behalf of, and under the instructions of, our Customers.
Location of Data Controller: United States
Contact Entity: FireHydrant, Inc. 224 W 35th St Ste 500 New York, NY 10001 United States
3. CATEGORIES OF PERSONAL DATA COLLECTED#3-categories-of-personal-data-collected
We collect, process, and retain Personal Data concerning various individuals, as outlined below:
| Category of Data Subject | Examples of Personal Data Collected |
|---|---|
| Website Visitors & Users of our Services | Contact information (name, email address, phone number), Account information (username, account ID), Usage data, Technical information (IP address, device information). |
| Through Integrations | Messages, interactions, User IDs and identifiers from integrated third-party platforms (e.g., collaboration and communication tools). |
| From Third Parties | Personal Data received from identity providers, customer systems, or business partners where such sharing has been consented to or otherwise permitted by the data subject. |
4. PURPOSES OF PROCESSING AND LEGAL BASIS#4-purposes-of-processing-and-legal-basis
| Purpose of Processing | Categories of Personal Data Used | Legal Basis (GDPR) |
|---|---|---|
| Provision and Maintenance of Services | Contact, Account, Usage, Technical, Integration Data. | Performance of a contract |
| Coordination of Incident Management Workflows | Contact, Account, Integration Data. | Performance of a contract |
| Customer Support and Communication | Contact, Account, Content of communications. | Performance of a contract |
| Security and Reliability (Fraud Detection/Prevention) | Technical, Usage, Account Data. | Legitimate interests |
| Marketing of our Services | Contact, Usage Data. | Consent or legitimate interests |
| Personalisation of User Experiences | Usage, Technical Data. | Legitimate interests |
| Compliance with Legal Obligations | Any relevant Personal Data. | Legal obligation |
5. COOKIES AND SIMILAR TECHNOLOGIES#5-cookies-and-similar-technologies
FireHydrant uses cookies and similar tracking technologies on our website and Services to provide functionality, enhance user experience, analyze usage patterns, and maintain the security and reliability of our platform.
Cookies are small text files stored on your device when you visit a website. They allow the website to recognize your device, remember your preferences, and collect information about how you interact with our Services.
Managing Cookie Preferences#managing-cookie-preferences
You may manage or withdraw your cookie preferences at any time through:
- Our cookie consent manager available on the website.
Please note that disabling certain cookies may affect the availability or functionality of parts of our website or Services.
Additional Information#additional-information
For more details regarding the specific cookies used on our website, including their purpose and duration, please refer to our Cookie Notice or the cookie settings panel available on our website.
6. DISCLOSURE AND SHARING OF PERSONAL DATA#6-disclosure-and-sharing-of-personal-data
We may share Personal Data with the following entities for the purposes described herein:
- Service Providers: Third-party entities contracted to perform business functions on our behalf, including but not limited to cloud hosting, analytics, and security services.
- Sub-Processors: Entities providing essential services such as cloud hosting, analytics, integrations, or support. All Sub-Processors are contractually bound to process data in strict compliance with our instructions and applicable data protection laws.
- Legal and Regulatory Authorities: Disclosure is made when mandated by law, or as necessary to defend our legal rights, property, or safety, or to protect the safety of others. Please refer the group entities of Freshworks
- Location: United States
Freshworks Inc. (company no: 4861858) is a company established under the laws of Delaware with its registered office at 16192 Coastal Highway, Lewes, Delaware 19958, USA and its principal business address can be found here. - Location: Germany
Freshworks GmbH (company no: HRB 176669 B) is a company established under the laws of Germany and its registered office address can be found here. - Location: Netherlands
Freshworks Technologies B.V. (company no: 73582166) is a company established under the laws of the Netherlands and its registered office address can be found here. - Location: France
Freshworks SAS (company no: 842815581) is a company established under the laws of France and its registered office address can be found here. - Location: United Kingdom
Freshworks Technologies UK Limited (company no: 09338697) is a company established under the laws of England and Wales and its registered office address can be found here. - Location: India
Freshworks Technologies Private Limited (company no: U72200TN2010PTC078458) is a company established under the laws of India with its registered office at Module - 1 & 2, 1st Floor, Block B, No 40, Global Infocity Park, MGR Salai, Perungudi Chennai – 600096, Tamil Nadu, India here.
- Location: United States
7. EEA, UK, AND SWISS SPECIFIC RIGHTS (DATA SUBJECT REQUESTS - DSR)#7-eea-uk-and-swiss-specific-rights-data-subject-requests-dsr
Pursuant to applicable law, individuals residing in the EEA, UK, and Switzerland are accorded the following data protection rights:
- Right of Access: To obtain confirmation as to whether Personal Data is being processed and, where that is the case, access to the Personal Data.
- Right to Rectification: To request the correction of inaccurate Personal Data.
- Right to Erasure (Right to be Forgotten): To request the deletion of Personal Data under certain conditions.
- Right to Restriction or Objection to Processing: To restrict or object to the processing of Personal Data under certain conditions.
- Right to Data Portability: To receive their Personal Data in a structured, commonly used, and machine-readable format.
- Right to Withdraw Consent: To withdraw consent at any time where processing is based on consent.
- Right to Lodge a Complaint: To lodge a complaint with a competent supervisory authority regarding our processing of their Personal Data.
We commit to responding to all legitimate requests to exercise data protection rights within the timeframe prescribed by applicable laws. The processing of any request is conditional upon the verification of the identity of the requesting individual. To exercise these rights, please communicate with us at support@firehydrant.com.
8. CALIFORNIA RESIDENTS' PRIVACY RIGHTS (CCPA/CPRA)#8-california-residents-privacy-rights-ccpa-cpra
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights concerning your Personal Information:
- Right to Know: The right to request disclosure of the categories and specific pieces of Personal Information collected, the sources thereof, the purposes for its collection or "sale" (as defined under CCPA), and the categories of third parties with whom it is shared.
- Right to Delete: The right to request the deletion of Personal Information collected from you, subject to statutory exceptions.
- Right to Correct: The right to request the correction of inaccurate Personal Information maintained by us.
- Right to Opt-Out of Sale or Sharing: The right to instruct us not to "sell" or "share" your Personal Information, as these terms are defined under CCPA. FireHydrant does not "sell" or "share" Personal Information for cross-context behavioral advertising purposes.
- Right to Limit Use and Disclosure of Sensitive Personal Information (SPI): The right to limit the use and disclosure of your Sensitive Personal Information to that which is necessary to perform the Services or provide the goods reasonably expected, or for other permitted business purposes.
We affirm that we will not engage in discriminatory practices against any individual for exercising their CCPA rights. To formally exercise these rights, please contact us at support@firehydrant.com.
9. DATA RETENTION#9-data-retention
We shall retain Personal Data only for the duration necessary to fulfil the purposes for which it was collected, as specified in this Notice. Retention may also be necessary to comply with our legal obligations, for legal and litigation requirements, to maintain accurate financial and business records, to address complaints, and to enforce our agreements.
- Personal Data for Services: Generally, Personal Data processed in connection with the supply of our Services may be retained for a period of up to six (6) years from the date of supply of the relevant Services, in compliance with our data protection obligations. Such files may then be destroyed without further notice or liability.
- Other Personal Data: Personal Data processed in other contexts will generally be retained for a period of up to three (3) years from the date of our last interaction with you (and in compliance with our data protection obligations). Such files may then be destroyed without further notice or liability.
- Short-Term Data: Personal Data useful for only a short period (e.g., a specific promotion) will not be retained beyond the period of its use by us.
- Marketing Opt-Outs: If you have opted out of receiving marketing communications, we will retain certain Personal Data on a suppression list indefinitely to prevent future unsolicited marketing, unless you subsequently opt back in.
10. SECURITY OF PERSONAL DATA#10-security-of-personal-data
We have implemented robust technical and organizational measures to safeguard the Personal Data we collect and process. These measures, including information security policies, rules, and technical controls, are designed to protect Personal Data from unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss. All our employees and data processors are contractually obligated to maintain the confidentiality of the Personal Data. Our security measures are periodically reviewed as part of internal and external audits to ensure a level of security appropriate to the risk of processing your Personal Data. For inquiries regarding the security of your Personal Data, please contact us at support@firehydrant.com.
11. CHILDREN'S PERSONAL DATA#11-childrens-personal-data
Our Services are not directed at, and we do not knowingly collect personal information from, children.
- United States: We do not knowingly collect personal information from children under the age of thirteen (13). Should we ascertain that we have collected such information, we will promptly delete it and disable the associated account, consistent with the Children's Online Privacy Protection Act (COPPA).
- United Kingdom: For information society services offered directly to children, consent may be provided by children aged thirteen (13) and over. Below this age, verifiable parental authorization is required.
- European Union: The digital age of consent varies between thirteen (13) and sixteen (16) years across Member States. Where reliance on consent for information society services is necessary, we will obtain consent from the child only if they are at or above the applicable age; otherwise, verifiable parental authorization will be obtained.
We prohibit the use of children's data for targeted advertising and adhere to all local law requirements for additional protections involving minors.
12. OPT-OUT AND COMMUNICATION PREFERENCES#12-opt-out-and-communication-preferences
If consent was provided to receive marketing communications from FireHydrant, you maintain the right to opt-out at any time via the following methods:
- Clicking the "unsubscribe" link in emails.
- Contacting our support team at support@firehydrant.com
13. LINKS TO THIRD-PARTY SITES#13-links-to-third-party-sites
Our website and Services may incorporate links to third-party websites for which we assume no control or responsibility. This Notice does not extend to Personal Data collected by those third parties. We strongly advise that you review the privacy policies of any third-party sites you visit.
14. AMENDMENTS TO THIS NOTICE#14-amendments-to-this-notice
Any amendments to this Notice will be posted to this URL and shall become effective upon posting. In the event of any material change, we shall provide notification via a conspicuous notice on our Website, via email, or via in-product notification. You are encouraged to review this Notice periodically. Your continued utilization of our Websites or Services following the posting of any amendment constitutes your acceptance of such amendments. Should you not agree to the terms of this Notice, or any modified version thereof, your recourse is to discontinue the use of the Websites or Services.
15. CONTACT INFORMATION#15-contact-information
If you have any questions or comments about this Privacy Policy, our privacy practices, or if you would like to exercise your rights and choices, please contact us at support@firehydrant.com or dpo@freshworks.com by writing to us at:
FireHydrant, Inc. 224 W 35th St Ste 500 New York, NY 10001 United States and other listed group entities of Freshworks in section 6
16. TERMS AND DEFINITIONS#16-terms-and-definitions
| Term | Definition |
|---|---|
| Notice | This Privacy Notice, which explains how FireHydrant processes Personal Data. |
| FireHydrant, We, Us, Our | FireHydrant, Inc., a company located in the United States. |
| Services | The FireHydrant incident management services. |
| Personal Data | Data relating to an identified or identifiable natural person, including the examples listed in Section 3. |
| Controller | Refers to FireHydrant when it determines the purposes and means of processing Personal Data (e.g., for website visitors, users, and internal purposes). |
| Processor | Refers to FireHydrant when it processes, stores, or hosts Personal Data on behalf of its Customers in the course of providing Services. |
| Customer | An individual or entity that subscribes to FireHydrant’s Services. |
| EEA, UK, and Switzerland | The regions whose residents are granted specific Data Subject Requests (DSR) rights under Section 7. |
| CCPA/CPRA | The California Consumer Privacy Act, as amended by the California Privacy Rights Act, which grants specific privacy rights to California residents (Section 8). |
| Sensitive Personal Information (SPI) | A specific category of Personal Information afforded additional protections under the CCPA/CPRA. |