Site Sentinel Limited takes data privacy very seriously and this notice is designed to help you understand how we use your personal information. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection. We encourage you to read the whole notice.


1. Identity
We are Site Sentinel Solutions Limited (crn: 12628180, registered office: 87 Church Road, Hove, East Sussex BN3 2BB, United Kingdom); its subsidiaries and affiliates trading under the name of Site Sentinel.

2. Our use of personal information We provide construction site management solutions via hardware and software services and hardware supplies to our customers. In common with most construction site management solutions, we collect, use and share information, including personal information, in connection with providing our services and running our business. Your data is used to verify whether you can access a construction site using an automated process.

3. This privacy notice
This is our main general privacy notice that applies across our business, although we may publish additional privacy statements that apply to:

If an additional privacy statement is relevant to you because of the way in which you engage with us and there is a conflict between the information set out in this notice and the additional privacy statement, then the additional privacy statement will take precedence over the information set out in this notice.

4. Updating this privacy notice
This notice may be updated from time to time. This version is dated 9th December 2020.

5. What is personal information?
Personal information is information that relates to you or allows us to identify you. This includes obvious things like biometric data, your photographic likeness, name, address and telephone number but can also include less obvious things like your attendance at a particular location or analysis of your qualifications and clearances.

6. Our responsibility to you
We process your personal information in our capacity as a controller. This means that we are responsible for ensuring that we comply with relevant data protection laws when processing your personal information.

7. Data protection officer
We have a data protection officer whose job is to oversee our data protection compliance. You can contact our data protection officer by sending:


8. Why are we collecting personal information about you?
We only collect personal information about you in connection with providing our services and running our business. We will hold information about you if:

9. What personal information do we collect about you?
The types of information we process about you may include:
Individual details: Name and contact details (e.g. email and telephone numbers).
Identification details: all details and data contained within your Construction Skills Certification Scheme (CSCS) card.
Project details: Information about you which is relevant to a project or location at which we are supplying our goods and services to a customer.
Special categories of personal information: Information about your health limited to your temperature and biometric data.

10. Where do we collect your personal information from?
We collect your personal information from various sources, including:

Which of the sources apply to you will depend on why we are collecting your personal information. Where we obtain your information from a third party, in particular your employer or our customers, we may ask them to provide you with a copy of this privacy notice (or a shortened version of it) to ensure you know we are processing your information and the reasons why.


11. How do we use your personal information?
We will only use your personal data when the law allows us to do so. Most commonly we will use your personal data in the following circumstances:

Purpose/activity Type of data Lawful basis for processing
Registration and identification Name, email, mobile number and biometric data Consent
Performance of a contract with you
record data about your access to and from the construction site and the CSCS card data (name, qualifications, CSCS card details)
Performance of a contract with you
The creation of attendance reports to our customers and to any contractors to whom they have delegated management responsibilities relating to the construction site Name, CSCS card data
Performance of a contract with you
Temperature checks Temperature (health) Consent
Public Task
Approve/authorise your access to a construction site via identity verification Facial imagery Consent
Performance of a contract with you
To manage our relationship with you including notifying you of changes to any Services Identity
Marketing and Communications
Performance of a contract with you
Necessary for our legitimate interests (to keep records updated and to analyse how customers use our products/ Services)
Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)
To deliver content and advertisements to you
To make recommendations to you about goods or services which may interest you
To measure and analyse the effectiveness of the advertising we serve you
Marketing and Communications
Necessary for our legitimate interests (to develop our products/Services and grow our business)
We will only send you direct marketing communications by email or text if we have your consent. You have the right to withdraw that consent at any time by contacting us.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Purposes for which we will use your personal data

12. Consent
Where we process your personal information based on your consent only, you have the right to withdraw your consent at any time. To withdraw your consent please email us at dpo@secandi.associates or, to stop receiving our marketing emails or business news, please click on the unsubscribe link in the relevant email you receive from us.

13. Do we share your information with anyone else?
We do not sell your information nor make it generally available to others. But we do share your information in the following circumstances:

In each case where we share your information with one of our service providers, the service provider is required to keep it safe and secure. They are also not permitted to use your information for their own purposes.


14. Keeping your personal information safe
We take security issues seriously. We implement appropriate steps to help maintain the security of our information systems and processes and prevent the accidental destruction, loss or unauthorised disclosure of the personal information we process.

15. Profiling and automated decision making
We do not use profiling (where an electronic system uses personal information to try and predict something about you) but our systems do use automated decision making (where an electronic system uses personal information to make a decision about you without human intervention). Your access to a site is determined via an automated identity verification process.

16. How long do we keep your personal information?
We do not keep your personal information forever.
We keep your personal information in accordance with our global data retention policy which categorises all of the information held by us and specifies the appropriate retention period for each category of information. Those periods are based on the requirements of relevant data protection laws and the purpose for which the information is collected and used, taking into account legal, accountancy and regulatory requirements to retain the information for a minimum period, limitation periods for tax investigations, taking legal action, good practice and our business purposes.

17. Cross border transfers of your personal information
We are currently operating solely in England and Wales but in the future may become a global business that provides goods and services to our customers in diverse territories.
When and if relevant, the global nature of our business will mean that your personal information may well be transferred across national boundaries, including, potentially, to countries that do not require organisations by law to look after your personal information in the way in which you have come to expect in your own country.
Where we transfer your personal information across national boundaries, we will protect your personal information by ensuring that those transfers are made in compliance with all relevant data
protection laws. Generally, this means where we transfer your personal information to a third party that is located in a country which does not have adequate privacy protection, we will put in place a contract with the third party that includes the standard international data transfer contractual terms approved by the European Commission.
If you would like further details of how your personal information is protected when transferred from one country to another then please email us at dpo@secandi.associates

18. Local differences
Whilst this notice describes the data protection practices adopted by us in the United Kingdom, local data protection laws vary and some countries may place restrictions on our processing activities. Any country-specific differences in our data protection practices to help us comply with local requirements will be uploaded as and when relevant to our business.


19. Contacting us and your rights
If you have any questions in relation to our use of you personal information, please email us at dpo@secandi.associates
Under certain conditions, you may have the right to require us to:

In certain circumstances, we may need to restrict your rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).
We are obliged to keep your personal information accurate and up to date. Please help us to do this by advising us of any changes to your personal information.

20. Your right to complain
If you are not satisfied with our use of your personal information or our response to any request by you to exercise your rights, or if you think that we have breached any relevant data protection laws, then you have the right to complain to the authority that supervises our processing of your personal information or, where you are based in the EU, the data protection authority in your country.
We view the UK data protection regulator, the Information Commissioner's Office (ICO), as our lead data protection supervisory authority. Details of the ICO can be found at https://ico.org.uk.
If you are unsure of the authority that supervises our processing of your personal information then please email us at dpo@secandi.associates