360.306.2240 info@firstlightweb.com

Privacy Policy

FIRST LIGHT General Privacy Policy

Last Updated: January 17, 2024

We at FIRST LIGHT WEB SERVICES (“FIRST LIGHT,” “we,” “us,” “our”) respect your privacy. We take your privacy seriously and are committed to creating a secure environment for all users. This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

This privacy statement explains how First Light handles personal data collected by us as a data manager during the normal course of business (sales, marketing, and support) (“Business Data”), as well as how First Light as a data manager handles all information input into the First Light software or generated on behalf of Clients in connection with the services (“Client Data”). Client Data includes data collected from cases (“Cases”).

By using any of FIRST LIGHT’s Services or Software, you confirm you have agreed to the Terms and Conditions available at http://www.firstlightweb.com/terms and read and understood this Privacy Policy which also contains our Cookie Policy. This Privacy Policy applies to all websites and apps owned and operated by FIRST LIGHT WEB SERVICES.


First Light Web Services is the premier provider of cloud-based survey and feedback platforms for education and healthcare markets. This Policy applies to all FIRST LIGHT software, services, and website (collectively the “Service”). This Policy describes how FIRST LIGHT collects, uses and discloses the information it collects via the Service. In some instances, our Service may be accessible via a third party website, including that of an Authorized Entity (defined below). This Policy does not apply to how a third party or an Authorized Entity uses or releases any data related to Service users.


First Light produces software for universities, and other organizations. The software is accessed using a web browser via the Internet. IMPACT Feedback software is self-service; Clients determine and are solely responsible for what and how Client Data is collected. Client Data includes data collected from cases (“Cases”).

Client Data is stored in multiple geographical regions. Client Data may be collected in numerous ways, including via email, a web link, or offline mobile app.

First Light acts as a data manager with respect to Client Data and processes this data as instructed by clients, who are the data governors.


In the course of normal business operations, First Light collects data such as contact information (e.g. name, address, phone number, e-mail address, and employer) and payment details for clients. We may also collect browsing data from individuals who visit the First Light information website. In these cases, First Light acts as a data governor. First Light also acts as a data governor with respect to client relationship management data. This is data that First Light needs in order to provide services to Clients, including performing contractual obligations, engaging in marketing activities, and providing support services (e.g. responding to Client inquiries and requests).


FIRST LIGHT generally uses the information we collect as follows:

  • To improve our website, Services, and Software in order to better serve you.
  • To follow up with them after correspondence (live chat, email or phone inquiries).
  • To ensure the security and integrity of our Services and Software.
  • To ensure enforcement of our Terms of Services, EULA, and other legal terms and policies with you.
  • To communicate with you about your use of the Service; to respond to your inquiries; to send you surveys; to fulfill your requests; and for other Client service purposes.
  • To troubleshoot any technical issues you might experience while using our Service.
  • To send you communications about additional services and other information we think may interest you where we have appropriate permissions.
  • To better understand how user’s access and use our Service, in order to improve our Service, to respond to user desires and preferences, and for other research and analytical purposes.
  • To develop aggregated reports and related analysis regarding user activities.
  • To tailor the survey content and information that we may send or display to you, to offer personalized help and instructions.
  • To comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests.
  • To inform you of other products or services offered by us.


While no service or software is completely secure, we do make security of our user’s data, our products, Services, and Software one of our top priorities. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We also employ security measures such as firewalls to protect against intruders, automated monitoring and reporting services and agents to detect suspicious activities, redundancies throughout our network (so that if one server goes down, another can cover for it), encryption where at all possible or appropriate or required by law, testing for and protecting against network vulnerabilities, and regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

However, with the above in mind, no security system is 100% secure, and therefore we cannot guarantee the security of your information or assume liability for improper access to it. It is the user’s responsibility to keep their password for accessing our sites and Services confidential, change the password frequently and use a strong password. We also recommend that you use the Two-Factor Authentication methods where available to better help protect your accounts from unauthorized access. We strongly recommend that you do not share your password with anyone.


Cookies are small files that a site or its service provider transfers to your computer’s hard drive, smartphone or other device through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. Using Do Not Track signals will affect and restrict the user experience on our websites, Services, and Software.


We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information except where noted below. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.

Exceptions where we may share the information we collect:

Legal Disclosures. We may disclose a Service user’s information where we believe that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, or other valid legal processes. We may also disclose personal information where we believe it is necessary to identify, contact or bring legal action against someone who may be violating the Terms of Service for our Service, to detect fraud, for assistance with a delinquent account, as evidence in litigation in which we are involved, or protect ours or others’ rights, property or safety.


Business Assignments. In the event of a sale or merger of most or all assets of First Light, we reserve the right to transfer information to a third party. We may disclose information about the Service users to our associated companies. Our associate’s use of your personal information will be in accordance with the terms of this Privacy Policy.

Aggregate and De-Identified Information. We may also provide aggregate, anonymous or de-identified information about users and the Service for marketing and research purposes. For example, we might inform third parties regarding the number of unique users who visit the Service, the demographic breakdown of our registered users of the Service.

Google. Our sites may use third party services such as Google Analytics that collect, monitor and analyze information collected from you when visiting one or more of our sites. This may include, but not limited to, information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, operating system, geographic location, country, the pages of our sites that you visit, the time and date of your visit, the time spent on those pages and other statistics.

More information about Google Analytics can be found at https://www.google.com/analytics/.


Our Service may contain links to other websites not owned or operated by FIRST LIGHT, and may provide Service users with access to other websites and services. Please be aware that we are not responsible for the privacy practices of such third-party websites or services and any access to and use of such linked websites is not governed by this Policy. We encourage you to read the privacy policies or statements of each and every website you visit.


If you would like to amend your profile information, you may log in to your account and do so or email us at support@firstlightweb.com. You should understand that in some cases, we may retain copies of such information in our systems or databases where required or permitted by law.

If you wish to exercise rights in relation to Personal Data for which First Light acts a data governor, you should contact support@firstlightweb.com. Please note, however, that First Light can or will delete your Personal Data only if there is no statutory obligation or prevailing right of First Light to retain it. Note further that if you request that First Light deletes your Personal Data, you will not be able to continue to use any First Light service that requires First Light’ use of your Personal Data.


The California Online Privacy Protection Act (CalOPPA) is the first state law in the nation to require commercial websites and online services to post a privacy policy. The act’s scope is quite broad and goes well beyond California to require any person or company in the United States that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating the exact information collected and those individuals or companies with whom it is being shared.

In accordance with CalOPPA, we agree to the following:

  • Users can visit our site anonymously.
  • This privacy policy will be easily linked to from our home page or on the on the first substantial page after entering our website.
  • Our Privacy Policy link will include the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page
  • Via email if this privacy policy changes in a way that warrants such an action

You can update your personal information:

  • By logging in to your account and making updates accordingly


We honor ‘Do Not Track’ signals and Do Not Track, store cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. Using DNT signals will affect and restrict the user experience on our websites, the Services, and Software.


Clients own, and are data governors of, Client Data. Depending on how the Client chooses to use the software, Client Data may include personal data or personal information. Clients manage all Client Data, as well as the users who create, manage, distribute, or report the Client Data. To the extent that First Light processes Client Data, First Light does so as a data manager on behalf of Clients.

First Light processes Client Data on behalf of Clients in a manner consistent with this Privacy Statement. Each Client, in its capacity as a data governor, may process Client Data in other ways. Cases should check the Client’s own privacy statement to learn how the Client intends to process Case-specific data that may be included in Client Data. If a Case submits queries to First Light or otherwise seeks to exercise rights under applicable data protection legislation, First Light will forward these requests to the relevant Client, as can be reasonably determined, in accordance with our contractual arrangements.

First Light treats all Client Data as highly confidential. All Client Data is safeguarded using industry-best security practices to prevent unlawful disclosure. First Light does not sell or make available Client Data except as requested by a valid court order, search warrant, subpoena, or otherwise as agreed by the parties or required by law.

The ownership rights of the client persist through acquisition, bankruptcy, or retirement of service by First Light. In the case of such an event, we provide 90 days for customers to remove and save their data.


FIRST LIGHT may amend this Privacy Policy from time to time to reflect changes in technology, law, our business operations or any other reason we determine is necessary or appropriate. When we make changes, additions, or updates, we’ll update the “Effective Date” at the top of the Privacy Policy and post it on our sites. We encourage you to check back periodically to review this Privacy Policy for any changes since your last visit.


If you have any questions about this Privacy Policy or our security measures at FIRST LIGHT, please contact us using the information below:

Mail: PO Box 755, Bellingham, WA 98227

Phone: (888) 253-6364

Email: info@firstlightweb.com


© 2022 FIRST LIGHT WEB SERVICES. All Rights Reserved.