ER-ITN Access Program Privacy Policy

This Privacy Policy is effective as of: 3/1/2013


Emergency Responder-ITN Privacy Policy

Thank you for visiting the Emergency-Responder ID Trust Network Internet web site located at the URL and (‘Site’). These sites (and related sites are provided and operated by ipsiti, inc. (“ipsiti”) in support of the Pegasus Program (“Pegasus”) and under the direction of the National and State Level Governance Boards operating in all adopting jurisdictions. This Privacy Policy details certain policies implemented throughout the system governing ipsiti's use of personally identifiable information about users of the Site(s), services and/or the ID Trust Network® identity (ITN) management solution. BY CLICKING THE ‘I AGREE’ BUTTON OR USING THE SITE AND/OR THE ITN, YOU AGREE TO BE BOUND BY THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS PRIVACY POLICY, DO NOT CLICK THE ‘I AGREE’ BUTTON AND DO NOT USE THE SITE OR THE ITN.

Information Collection and Use Through the Site

You can generally visit the Site without revealing any personally identifiable information about yourself. However, in certain sections of this Site, we may require you to complete a registration form. Through the registration process, we will collect personally identifiable information such as your password, user identification name, and email address and any other information that you voluntarily transmit with your communication to us. Additionally, ipsiti may collect personally identifiable information about a user through the login process, when the user provides data to our servers through the ID Trust Network (ITN) or that the user provides in communications initiated by us or the user via e-mail, phone or in-person. We also may collect the foregoing personally identifiable information about the user from our third party affiliate or partner companies.

We may use a user’s personally identifiable information to register you to use our services, contact you regarding certain services or information that you have requested, verify your authority to enter our Site and/or access and use the ITN, improve the content and general administration of the ITN, Site and our services. We will also use the personally identifiable information of users and their employees, as applicable, to validate the Abilities of a particular user or employee of a user.

Through the ID Trust Network (ITN)

To use the ITN, the user will have to register to use the service. Through the registration process, the user may provide personally identifiable information such as the user’s name and contact information (address, email, phone). In accessing the capabilities within the ITN, the user may optionally provide information on specific capabilities (Claims) they have including memberships (i.e. employment), roles (i.e. skills, certifications), credentials (i.e. Identification cards) and other personal information that can be used to validate the user. The foregoing information may be provided to ipsiti in tangible form (e.g., an excel spreadsheet) and/or electronically submitted by the user through the Site.  A user of the ITN is not required to provide any optional information, including, without limitation, any Claims, however, opting not to specify any optional information may limit the user from using specific functionality of the ITN (i.e. access that is granted via rules established by the jurisdictions.)

When collecting optional information, related to Claims, ipsiti and the ITN will only collect the minimum data required to validate the claim with an authorized third party and will store this information (Indexes) in a secure, non-accessible manner and only use this information for the explicit purpose of Claim validation. To be clear, data collected to support Claims is used solely to validate the Claim (via an authoritative source) and not shared, accessed, or exported to any party outside of ipsiti.

Ipsiti, and the ID Trust Network (ITN), does not store Personal Identity Information, other than to support management and access to the system (Account Information) and Claims verification.

In some cases, a user may submit information about its employees in connection with the user’s registration and use of the ITN. This information may include data to both establish Account information (Name, Contact Info) and to support specific Claims. (i.e. Employer, employee number, etc.) This Privacy Policy also applies to any employee information that we receive from a user of the ITN. If you are a user who is submitting information about your employees, you agree that you are responsible for notifying your employees of what information you have provided and how that information will be used and disclosed by ipsiti as described in this Privacy Policy, and you further acknowledge and agree that you have received consent from your applicable employees to provide such employee information to ipsiti.

The ITN uses the information about the user and/or its employees, as applicable, which has been provided during the registration process to validate the identity and abilities of a particular user or employee of a user. In response to a query to the ITN, a result is delivered to those companies, organizations, agencies and other entities and persons that the user has designated as being part of its network (each, an ‘ITN Recipient’). The result that is delivered to the ITN Recipient contains only that information that has been authorized (by configuration) by the user to be shared with the ITN Recipient.

Children's Privacy

ipsiti recognizes the privacy interests of children, and we encourage parents and guardians to take an active role in their children's online activities and interests. Per the Terms of Service, the ITN users must be 18 years of age or above to establish accounts. In support of specific user Claims, the users may optionally include information about dependents under the age of 18. This Privacy Policy applies equally to any information provided for individuals under the age of 18.

Aggregate Information

We may transparently collect your browser type and Internet protocol (IP) address without your active disclosure, which will be maintained, used and disclosed in aggregate form only and it will not contain personally identifiable information. We may use such aggregate information to analyze trends and statistics in the aggregate, administer the Site and gather broad demographic information for aggregate use.

Onward Transfer

We may provide your personally identifiable information collected through the Site and the data generated by cookies and the aggregate information to the vendors and service agencies that we may engage to assist us in providing our services to you. For example, we may provide your personally identifiable information to data storage or process facilities. ipsiti discloses your personal information to our third party vendors and service agencies subject to written confidentiality agreements and prohibits those vendors and service agencies from distributing your personal information or using your personal information for commercial purposes or as a means to contact you either directly or indirectly. ipsiti will disclose your personally identifiable information: (i) if we are required to do so by law, regulation or other government authority or otherwise in cooperation with an investigation of a governmental authority; (ii) to protect and defend the rights or property of Ipsiti (including the enforcement of our agreements); (iii) to enforce the Ipsiti/ER-ITN Terms of Use or to protect our rights; or (iv) to protect the safety of users of the ITN or our Site and services. We will not sell, or share, your personally identifiable information to any company or organization, except we may transfer your personally identifiable information to a successor entity upon a merger, consolidation or other corporate reorganization in which ipsiti participates or to a new provider to which the ITN or this Site relates.


We may employ procedural and technological measures that are reasonably designed to help protect your personally identifiable information from loss, unauthorized access, disclosure, alteration or destruction. Ipsiti may use encryption, data obfuscation through hashing, firewalls, password protection and secure socket layer to help prevent unauthorized access to your personally identifiable information.

Accessing, Updating and Deleting Your Personal Information

You may view and edit your personally identifiable information and/or employee information, if applicable, that you have provided to us by visiting the Site and logging into your account and editing your account information. Upon your written request and/or upon termination of your relationship with ER-ITN, we will delete the personally identifiable information that you have provided to us. To request deletion of your personally identifiable information, please contact us at:

Privacy Policy Updates

Due to the Internet's rapidly evolving nature, ipsiti may need to update this Privacy Policy from time to time. If so, the ER-ITN and/or ipsiti will post any updated Privacy Policy on the Site located at the following URL: and post notice of the change so it is visible when users log-on for the first time after the change is posted. ipsiti encourages you to review this Privacy Policy regularly for any changes. Your continued use of the Site and/or continued provision of personally identifiable information to us will be subject to the terms of the then-current Privacy Policy.

Processing of Personal Information

Our computer systems are currently based in the United States, so your personal data will be processed by us in the U.S. where data protection and privacy regulations may not offer the same level of protection as in other parts of the world, such as the European Union. If you create a user account with the Site as a visitor from outside the United States, by using the Site you agree to this Privacy Policy and you consent to the transfer of all such information to the United States, which may not offer an equivalent level of protection of that required in the European Union or certain other countries, and to the processing of that information as described in this Privacy Policy. If you have any questions regarding this Privacy Policy please contact us via email at