Privacy Policy of SiteGrip

1. Who we are and legal framework

Digital Solutions Hub Limited (trading as SiteGrip) is the data controller for personal data processed through our platform, except where a customer organisation acts as an independent controller for its own workforce and site records.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and relevant UK construction law obligations including the Building Safety Act 2022.

2. Data we collect

Depending on your role, we may collect:

• Account data (name, email, organisation, role, authentication identifiers).
• Operational data (permits, RAMS acknowledgements, toolbox talk attendance, audit actions).
• Safety data (incident reports, training records, certifications, compliance evidence).
• Technical data (device, logs, IP address, usage and performance telemetry).

3. Why we use your data

• To provide and secure the SiteGrip platform.
• To manage contractor and site compliance workflows.
• To meet legal and regulatory obligations in construction safety.
• To support, improve, and monitor system performance.

Our legal bases include contract performance, legitimate interests, and legal obligations, with consent used where required.

4. Wallet clause: multi-organisation data sharing

SiteGrip supports multi-tenant construction delivery where workers and subcontractors may work across multiple contractor organisations and projects.

To reduce duplicate onboarding and improve safety outcomes, limited profile and compliance credentials may be shared between authorised contractor organisations through a workforce "wallet" model. This allows approved organisations to verify that a worker holds required competency and compliance status without requiring repeated manual submissions.

Access controls, tenancy boundaries, and role permissions are applied so organisations can only view data needed for lawful project and safety management purposes.

5. Account deletion and your rights

You can request account deletion at any time using either of the following methods (easy-to-find deletion path):

• In-app path: Settings → Account → Delete Account.
• Email request: send your deletion request to info@sitegrip.co.uk.

This deletion process is provided to satisfy app marketplace user-rights expectations, including Apple and Google account deletion discoverability requirements.

You may also request access, correction, restriction, objection, portability, and complaint escalation to the UK Information Commissioner's Office (ICO).

6. Safety retention warning

Some safety and compliance records cannot be erased immediately after an account deletion request. UK statutory obligations may require retention of site safety records, incident history, permit trails, and audit evidence for defined periods.

Where deletion is requested, we will remove or anonymise data that is no longer required and retain only what is necessary to meet legal duties under applicable UK safety and employment-related laws, including obligations tied to the Building Safety Act 2022 and associated regulatory frameworks.

7. International transfers, security, and contact

Where data is processed outside the UK, we use appropriate safeguards such as adequacy regulations or approved contractual mechanisms.

We maintain technical and organisational safeguards designed for confidentiality, integrity, and availability, including access control, encryption in transit, and audit logging.

For privacy questions, contact info@sitegrip.co.uk.