Effective Date: May 13, 2026
Simplify i3® | EPIC Engineering & Consulting Group, LLC

1. Scope and Our Role

This Privacy Policy describes how EPIC Engineering & Consulting Group, LLC (“EPIC,” “Simplify i3®,” “we,” “us,” or “our”) collects, uses, discloses, and protects information through simplifyi3.com, the Simplify i3® web platform, mobile applications, related services, support channels, and communications (collectively, the “Services”).

Simplify i3® is designed for public agencies, governmental entities, utilities, contractors, employees, representatives, and members of the public who interact with agency projects, tickets, assets, inspections, communications, or records. When we process information on behalf of a public-agency or enterprise customer (“Customer”), we generally act as a service provider or processor. The Customer controls what information is submitted, the purposes for processing, user access, retention requirements, and whether records are subject to public-records, freedom-of-information, procurement, records-retention, or similar laws.

This Policy does not replace any contract, data processing addendum, agency terms, service order, or written Customer instructions. If those terms provide stronger privacy, security, confidentiality, retention, audit, or breach-notice obligations, those terms control for that Customer to the extent permitted by law.

2. Customer Data, DPA, and Supplemental Terms

“Customer Data” means content, records, files, forms, messages, photos, documents, signatures, project or ticket information, asset records, inspection details, service requests, and similar information submitted to or generated in the Services by or for a Customer.

For enterprise and public-agency Customers, EPIC may make available supplemental contractual privacy terms, such as a Data Processing Addendum (DPA), security exhibit, subprocessor information, or agency-specific terms. These materials are intended to document Customer instructions, confidentiality obligations, permitted processing, assistance with privacy requests, deletion/return of Customer Data, security commitments, and legally required transfer or breach-notice terms.

Except as permitted by Customer instructions, applicable contract, or law, we process Customer Data only to provide, secure, support, maintain, improve, and administer the Services; prevent fraud or abuse; comply with legal obligations; and perform related business operations for the Customer.

3. Information We Collect

We collect only information reasonably needed to provide, secure, improve, and support the Services. The categories of information may include:

  • Account and contact information: name, work title, employer or agency, email address, phone number, username, authentication details, role, permissions, and account preferences.
  • Customer Data: information submitted to or generated in the Services by Customers or authorized users, including public-facing submissions configured by the Customer.
  • Device, usage, and technical information: IP address, browser type, operating system, device identifiers, log files, application events, error reports, diagnostics, security events, pages viewed, referring URLs, and date/time stamps.
  • Location information: approximate location from IP address and, when enabled in a mobile device or browser, precise GPS/location data used for maps, routing, field work, asset verification, time-sensitive workflow, and similar operational functions.
  • Communications and support information: emails, calls, chat messages, support tickets, survey responses, feedback, training information, and other information you choose to provide.
  • Cookies and similar technologies: cookies, pixels, SDKs, local storage, and analytics tools that help operate the Website, maintain sessions, remember preferences, measure performance, and improve security.

We do not intentionally collect sensitive personal information unless a Customer or user provides it for an authorized Services purpose. Users should not submit Social Security numbers, payment-card numbers, health information, criminal-justice information, student records, or other regulated information unless the Customer has authorized that use and appropriate contractual controls are in place.

4. How We Use Information

We use information for business and operational purposes, including to:

  • Provide, operate, maintain, configure, and improve the Services;
  • Create and manage accounts, roles, permissions, authentication, and user preferences;
  • Process Customer Data according to Customer instructions and applicable contracts;
  • Enable maps, routing, field workflows, notifications, ticket/project updates, inspections, reporting, integrations, and other Services features;
  • Provide customer support, training, troubleshooting, maintenance, and service communications;
  • Monitor performance, diagnose errors, analyze usage, prevent abuse, and improve reliability;
  • Protect the security, integrity, and availability of the Services, accounts, systems, and data;
  • Comply with law, legal process, audits, public-agency obligations, records requests, and enforceable contracts; and
  • Create aggregated or de-identified information that does not reasonably identify an individual or Customer.

We do not sell personal information. We do not use Customer Data for targeted advertising. We do not use Customer Data to train artificial-intelligence or machine-learning models except as expressly authorized by the Customer in writing or where data has been de-identified and aggregated so it does not identify a person or Customer.

5. How We Disclose Information

We may disclose information only as described below or as otherwise directed by the Customer or authorized by law:

  • To Customers and authorized users, based on account roles, permissions, workflows, public-facing portals, and Customer configuration;
  • To service providers and subprocessors that host, secure, support, analyze, communicate, or deliver the Services, subject to confidentiality and data-protection obligations;
  • To mapping, GIS, communications, identity, analytics, payment, hosting, cloud infrastructure, SMS, email, crash-reporting, or support providers to the extent needed to provide the Services;
  • To comply with subpoenas, court orders, public-records requests, law-enforcement requests, regulatory requirements, audits, or other legal obligations;
  • To protect rights, safety, security, property, users, Customers, EPIC, or the public;
  • In connection with a merger, acquisition, financing, reorganization, or transfer of assets, subject to appropriate protections; and
  • With consent or at the direction of the relevant user or Customer.

For Customer Data, public agencies may be legally required to disclose certain records. EPIC will not independently determine whether Customer Data is a public record unless required by law or contract; we generally refer requests to the applicable Customer or process them under the Customer’s instructions.

6. Subprocessors and Vendor Management

We use a limited number of third-party service providers and subprocessors to help deliver the Services. We evaluate material providers based on the nature of the services they perform, the data they may access, and appropriate confidentiality, privacy, and security commitments. Upon request or as required by contract, EPIC may provide Customers with information about material subprocessors that support hosting, infrastructure, communications, mapping/GIS, analytics, support, and security operations.

We require service providers that process personal information or Customer Data on our behalf to use it only for authorized purposes and to maintain safeguards appropriate to their role. We do not permit service providers to sell Customer Data or use it for their own targeted advertising.

7. Cookies, Analytics, and Tracking

We may use essential cookies and similar technologies to operate the Website and Services, keep users signed in, maintain security, remember preferences, measure performance, and improve reliability. Analytics tools may collect information such as page views, feature usage, device type, errors, and referring pages. You may control cookies through browser settings, but disabling some cookies may affect Services functionality.

If we publish a separate cookie notice, cookie banner, or preference center, that notice will provide additional information about available choices and any non-essential cookies used on simplifyi3.com or within the Services.

8. Mobile App Permissions and Location Data

Simplify i3® mobile apps may request access to location, camera, photos, files, notifications, and other device features when needed for field operations, documentation, routing, verification, and workflow notifications. You may disable permissions through device settings, although some Services features may not function without the relevant permission. Precise location is collected only when enabled and used for Services-related purposes, such as viewing nearby assets, creating or updating field records, navigating to locations, or verifying work activity as configured by the Customer.

9. Data Retention, Return, and Deletion

We retain information for as long as reasonably necessary to provide the Services, comply with applicable contracts, meet legal and public-agency records requirements, resolve disputes, maintain security, and enforce agreements. Customer Data is retained, returned, exported, or deleted according to Customer instructions, applicable contracts, backup schedules, and legal obligations. Backup copies may persist for a limited period before deletion in the ordinary course.

Users seeking access, correction, export, or deletion of Customer Data should contact the relevant Customer first, because the Customer controls that data. EPIC will reasonably assist Customers with privacy and data-subject requests as required by applicable law or contract.

10. Security and Compliance Practices

We maintain administrative, technical, and physical safeguards designed to protect information against unauthorized access, disclosure, alteration, loss, or misuse. These safeguards may include:

  • Role-based access controls, authentication, account management, and least-privilege access practices;
  • Encryption in transit and, where supported by the applicable environment, encryption or equivalent safeguards for data at rest;
  • Logging, monitoring, backups, vulnerability management, change management, and incident-response procedures;
  • Personnel confidentiality obligations, security awareness, and vendor oversight; and
  • Reasonable business-continuity, disaster-recovery, and data-resilience practices appropriate for the Services.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. Customers and users are responsible for maintaining the confidentiality of account credentials, configuring user permissions appropriately, and promptly notifying us of suspected unauthorized access.

Upon request and subject to appropriate confidentiality terms, EPIC may provide Customers with available security documentation, responses to reasonable security questionnaires, or summaries of relevant safeguards. Any certifications, audits, or formal compliance reports apply only if expressly stated by EPIC in writing.

11. Security Incidents and Breach Notice

If we become aware of a security incident involving Customer Data or personal information, we will investigate and provide notice to affected Customers or individuals as required by applicable law, contract, and our incident-response procedures. Customer contracts may specify additional notice timing, content, cooperation, mitigation, and documentation obligations.

12. Your Choices and Privacy Rights

Depending on your location and relationship to a Customer, you may have rights to request access, correction, deletion, portability, restriction, objection, opt-out of certain processing, or appeal of a privacy-rights decision. Some requests may need to be handled by the Customer that controls the relevant data, and legal exemptions may apply, including public-records, security, audit, legal-retention, and contractual requirements. To submit a request, contact us using the information below or contact the relevant Customer directly.

We do not sell personal information or share personal information for cross-context behavioral advertising. If our practices change, we will update this Policy and provide any legally required opt-out mechanisms.

13. Children’s Privacy

The Services are intended for business, public-agency, and civic-operational use and are not directed to children under 13. We do not knowingly collect personal information from children under 13 without appropriate authorization. If you believe a child has provided personal information to us in violation of this Policy, contact us and we will take appropriate steps consistent with applicable law and Customer instructions.

14. International Users

EPIC is based in the United States, and information may be processed and stored in the United States or other customer locations where we or our service providers operate. If information is transferred across borders where our customers are located, we will use appropriate contractual, technical, and organizational safeguards as required by applicable law or contract.

15. Third-Party Links and Integrations

The Services may contain links to third-party websites or integrate with third-party systems selected by EPIC, a Customer, or a user. We are not responsible for the privacy practices of third parties that are not acting on our behalf. Users should review the privacy policies of those third parties before providing information to them.

16. Testimonials, Public Forums, and User Content

We may display testimonials, case studies, or endorsements only with appropriate consent or Customer authorization. Publicly accessible forums, portals, comments, or submissions may be viewed by others depending on Customer configuration and applicable public-records laws. Do not post information you do not intend to make available to the relevant audience.

17. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our Website with a revised effective date. If changes are material, we will provide notice as required by law or contract, which may include notice through the Services, email, or other reasonable means. Continued use of the Services after an update means the updated Policy applies, subject to any contract terms that control Customer Data.

18. Contact Us

EPIC Engineering & Consulting Group, LLC welcomes questions, comments, and privacy requests regarding this Policy. Please contact us at:

EPIC Engineering & Consulting Group, LLC
1049 Willa Springs Drive, Suite 1001
Winter Springs, FL 32708
Email: info@epicgroupllc.com
Support: help@simplifyi3.com