CCPA/CPRA COMPLIANT PRIVACY POLICY

Last Updated: June 25, 2026

The Emergency Preparedness Network and Paul Dutton (“Company,” “we,” “our,” or “us”) are committed to maintaining robust privacy and data security protections for our users. This Privacy Policy outlines how we collect, use, protect, and process data in strict accordance with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and active 2026 California Privacy Protection Agency (CPPA) statutory enforcement.

1. Categories of Personal Information We Collect

In his capacity as an emergency management consultant for institutional systems, schools, and public safety entities, Paul Dutton handles highly specialized organizational and individual infrastructure data.

Over the past 12 months, we may have collected:

Identifiers: Full names, enterprise email addresses, physical corporate/institutional addresses, and phone numbers.

Commercial Information: Transaction histories, contractual service tiers, consulting agreements, and safety product specifications considered or purchased.

Internet or Electronic Network Activity: IP addresses, browser specifications, interactions with our digital portals, and device operational metadata.

Sensitive Personal Information (SPI): Pursuant to modern California statutory expansions, we may process specific categories of high-risk data during on-site school or agency security audits, including:

Precise Geolocation Data: Structural layout mapping coordinates of educational properties, staging areas, or facility access points.

Account Credentials: Secure login combinations for private disaster planning sub-portals or client dashboards.

Communications Metadata: The explicit contents of security intake questionnaires, disaster simulation responses, or operational queries (where the Company is the intended recipient).

2. How We Source and Retain Personal Information

Sources of Collection: We collect data directly from institutional representatives via web form registrations, digital consulting applications, secure intranet onboarding pipelines, and voluntary scheduling tools.

Extended Retention Parameters (2026 Rule): We store personal and institutional records strictly for the period necessary to deliver comprehensive crisis planning lifecycles, fulfill ongoing school board training cycles, or comply with California public record archiving baselines. In compliance with extended historical review laws, data metrics are securely cataloged back to January 1, 2022, and can be fully indexed upon verified data subject access request.

3. Permitted Uses of Information

We utilize collected information solely to execute business and operational requirements:

Formulating tailored Comprehensive School Safety Plans (CSSP) and first responder coordination charts.

Processing transactional consulting milestones and maintaining account security.

Delivering automated mobile text notifications strictly regarding administrative consulting schedules, workshop registration updates, and client portal account access keys.

No Profiling or Automated Decisions: We do not employ automated decision-making technology (ADMT) to replace human judgment regarding significant consumer or public safety outcomes.

4. Explicit Mobile Carrier & Third-Party Sharing Shield (A2P Compliance)

No Sale or Commercial Sharing: The Company has never sold, rented, or shared personal data with third-party data brokers or marketing affiliates for commercial cross-contextual behavioral advertising.

Strict SMS Privacy Isolation: No mobile information will be shared with third parties or affiliates for marketing/promotional purposes. All categories of information outlined in this policy exclude text messaging originator opt-in data and consent; your explicit text messaging consent and phone records will not be shared with any third party under any circumstances.

5. Automated Consent Controls & Opt-Out Symmetries (2026 Layout Rules)

Our platform utilizes GoHighLevel (GHL) Cookie Consent V2 architecture alongside UserWay.org accessibility formatting.

Symmetry of Consent Choice: Our cookie acceptance pop-up features equal visual weight, color layout, and processing steps for both "Accept All" and "Reject All" selections. Closing or navigating away from our portal pop-up without selection defaults to an automatic rejection of non-essential tracking.

Real-Time GPC Automation: Our network natively detects and honors browser-level Global Privacy Control (GPC) opt-out signals. When a visitor's browser broadcasts a GPC signal, our system instantly triggers a visible dashboard badge or banner notification explicitly stating "Opt-Out Request Honored" and dynamically terminates all analytics or tracking scripts.

6. California Consumer Privacy Rights

If you are a California resident, or an authorized representative of a California educational or municipal subdivision, you possess the following statutory protections:

Right to Know and Access: Request a comprehensive portable itemization of all personal and systemic tracking data compiled by the Company about you or your institution since January 1, 2022.

Right to Deletion: Request the permanent erasure of personal records across our core networks and automated downstream service providers.

Right to Correction: Require the immediate rectification of inaccurate or outdated contact, operational, or administrative data.

Right to Limit Sensitive Data: Restrict our processing of Sensitive Personal Information (such as precise structural asset geolocation) solely to the execution of your active consulting agreement.

Right to Non-Retaliation: The Company will never deny consulting resources, alter service packages, or discriminate against any client or consumer for exercising their legal privacy rights.

7. Methods for Submitting a Privacy Request

To exercise your rights under California law, you must submit a verifiable consumer request to our compliance management division using one of the methods below. We will verify your identity using a risk-calibrated verification matrix and issue a formal resolution within 45 days of receipt.

Primary Compliance Email Portal:

[INSERT COMPLIANCE EMAIL]

Toll-Free Privacy Direct Line:

[INSERT TOLL-FREE PHONE NUMBER]

Digital Portal Optimization: You may reopen and manually alter your data preferences at any time by clicking the "Cookie Settings" action link located in our global website footer.