Privacy Policy for TerraFort Platform

Last Updated: March 5th, 2026

Effective Date: March 5th, 2026

Introduction

Disasters Inc., a Delaware benefit corporation headquartered in California ("Disasters Inc.", "we", "us", or "our"), operates the TerraFort Platform. TerraFort is an enterprise disaster intelligence platform designed to help government agencies, utilities, and private corporations plan for, respond to, and recover from disasters.

This Privacy Policy explains how we collect, use, process, and protect information when authorized users access our web platform and mobile applications (collectively, the "Platform").

1. Our Role: Service Provider and Data Processor

TerraFort is strictly a Business-to-Business (B2B) and Business-to-Government (B2G) platform. We act as a Service Provider and Data Processor on behalf of the organizations (e.g., government agencies, utilities, corporations) that subscribe to our Platform (the "Customer" or "Data Controller").

  • The Customer retains complete ownership and control over their data.

  • We only process data in accordance with the Customer’s instructions, our Master Services Agreement (MSA), and applicable laws.

  • If you are an individual user, your use of the Platform is governed by your organization's internal policies.

2. Information We Collect

We collect information strictly to provide and secure the Platform.

  • Information Provided by You or Your Organization: First name, last name, business email address, business phone number, business address, optional profile pictures, and authentication data (including 2FA).

  • Information Collected via the Mobile App (Situational Awareness): Damage assessment content (photos, descriptions of damage) and precise geo-location data to accurately map infrastructure damage.

  • Automatically Collected Information: IP addresses, unique device identifiers, device operating systems, and diagnostic/usage data to ensure security and operational stability.

3. How We Use the Information

We use the collected information exclusively to provide services to your organization:

  • Delivering the Service: Enabling secure access, routing situational awareness data, and facilitating data sharing only as configured by your Organization's Admin.

  • Aggregated Data and Service Improvement (Machine Learning): Disasters Inc. may process anonymized, de-identified, and aggregated usage data and damage assessment inputs to maintain, secure, and improve the TerraFort Platform. This includes using de-identified telemetry and interaction data for reinforcement learning to enhance our proprietary damage assessment algorithms. Crucially, under no circumstances is Customer data or sensitive infrastructure information used to train third-party foundational AI models (such as Google Gemini), nor will any resulting improvements expose the identity, location, or proprietary infrastructure details of the Customer.

  • Security and Auditing: Monitoring for unauthorized access and maintaining the integrity of critical infrastructure data.

4. Data Sharing and Disclosure

We do not sell, rent, or monetize personal information. We only share data under the following circumstances:

  • With Sub-processors: We utilize Google Cloud Platform (GCP) for secure cloud hosting.

  • At the Direction of Your Organization: The Platform allows your Organization's Admin to grant visibility or share data with other authorized agencies.

  • Legal and Regulatory Requirements: We may disclose information if legally required. Whenever permissible, we will direct such requests to the Customer first, as Customer data may be subject to FOIA, Public Records Acts, or Critical Energy/Electric Infrastructure Information (CEII) regulations.

5. Data Retention and Deletion

  • Mobile App Account Deletion: In compliance with App Store and Google Play requirements, users may initiate an "Account Deletion Request" from within the mobile app. Note: Selecting this option routes your request to your Organization's Admin, who will evaluate and process the request in accordance with the Customer's legal data retention obligations (e.g., federal grant compliance, public records laws).

  • Platform Deletion: Disasters Inc. will securely delete or return all Customer data at the termination of the Customer's contract, as outlined in the MSA.

6. Children's Privacy

The Platform is intended strictly for enterprise and government use by adults. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected personal data from a minor, we will take immediate steps to delete it.

7. Security

The Platform is built entirely within the Google Cloud Platform environment, utilizing encryption in transit and at rest, mandatory strong passwords, and two-factor authentication (2FA) for all user accounts.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify the Customer (and your Organization's Admin) directly via email or through an explicit notice within the Platform.

9. Contact Us

  • Email: hello@terrafort.com

  • Company: Disasters Inc.

  • Address: 28 Geary St STE 650 #1703 San Francisco, CA 94108