Skip to content

See Safetyhub's new bite-size microlearning safety videos. Training in under 4 minutes! Read More

Background

This General Data Protection Regulation Privacy Policy (“GDPR Privacy Policy”) sets out how Safetycare (UK) Limited Company number  02622187 (“Safetycare”) protects the privacy of your personal information.

Safetycare is a company that provides organisations with access to safety training video content streamed over the internet. Our online delivery platform ‘Safetyhub’ provides our clients access to the videos as well as a Learning Management System (LMS) where customers can add training participants into the system to complete online safety training assessments. We refer to this platform as well as the services required to support the platform as the “Platform” within this document.

Safetycare needs to collect, use and disclose personal information in order to perform our business functions and activities in delivery of the Platform in accordance with our Terms and Conditions.

We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.

For the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) Safetycare will be the data controller as we determine how and why your personal information is processed.

By providing personal information to us, you agree that this GDPR Privacy Policy will apply to how we handle your personal information and you consent to us collecting, using and disclosing your personal information as detailed in this GDPR Privacy Policy to enable provision of the services of the Platform.

If you do not agree with any part of this GDPR Privacy Policy, you must not provide your personal information to us or utilise the Platform.

If you do not provide us with your personal information, or if you withdraw a consent that you have given under this GDPR Privacy Policy, the features available to you and or your company within the Platform may be reduced or withheld. This may affect our ability to provide services to you or negatively impact the services we can provide to you.

1.  What personal information do we collect?

Personal information has the meaning given under your local data protection law, and, where the GDPR applies, the meaning of personal data given under the GDPR. Personal information generally means information which relates to a living individual who can be identified from that information, or from that information and other information in a person’s possession, including any expression of opinion, whether true or not, and whether recorded in material form or not, about an identified or reasonably identifiable individual, and any indication of intention in respect of an individual.

Generally, the type of personal information we collect about you is the information that is needed to facilitate your use of the Platform.

We therefore typically process the following types of personal information about you.

Account and Profile Information

When you first register with the Platform we gather profile information to setup a tailored instance of the Platform. This information includes:

First name
Last name
Your business email address
Your business location

The ability to add the following data is available in the Platform at the discretion of each individual company administrator and / or manager:

Mobile phone number
Social media profile name
Image
Employee ID number
Employee Department

Content provided through the use of the Platform 

The Platform facilitates individual organisations to upload customised training resources for assignment to participants. These resources can contain text, powerpoint, pdf and other document types that may include information or images of employees of the company.

An organization can upload participant data as required to facilitate assigning of training to individual participants within the organisation. This includes participant names and business contact details as outlined in Account and Profile Information above.

Participants can complete assigned training and submit results to the Platform. Where required by a participants’ organisation the participant may be required to upload documentation as evidence of their competence in assigned training.

Information provided to support channels

When Safetycare’s support channels are contacted they may require participant information to  replicate a support issue and help rectify any Platform related problems.

IP Addresses

When you access the Platform our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet.

We may use IP addresses for system administration, investigation of security issues and compiling anonymised data regarding usage of the Platform.

2.  How do we collect personal information?

We will only collect personal information in compliance with your local data protection laws. We usually collect your personal information from the information you submit during the course of your or your companies relationship with us. We will collect this information directly from you unless it is unreasonable or impracticable to do so.

Generally, this collection will occur:

  • When you undertake a trial review of the Platform;
  • When you add participants (staff) into the Platform;
  • When you deal with us either in person, by telephone, letter or email;
  • When you visit any of our

You should let us know immediately if you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person’s personal information to us.

We make every effort to maintain the accuracy and completeness of your personal information which we store and to ensure all of your personal information is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal information or if you become aware that we have inaccurate personal information relating to you. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal information that you, or a person acting on your behalf, provide to us.

3.  How do we use your personal information?

Safetycare does not use any collected personal information for use in direct or indirect marketing campaigns.

We will only process your information, where:

  • you have given your consent to such processing (which you may withdraw at any time, as detailed in a section below);
  • the processing is necessary to provide our services to you;
  • the processing is necessary for compliance with our legal obligations; and/or
  • the processing is necessary for our legitimate interests

In detail: Where you contact us in relation to a sales query or Safetyhub support, the purpose for which we collect your personal information is generally to provide you with advice and/or to assist you with training and/or training related products and services. The purposes for which we collect personal information further include:

  • developing and improving our products and services;
  • servicing our relationship with you by, among other things, creating and maintaining a customer profile to enable us to service you better;
  • involving you in survey requests to gauge customer satisfaction and seeking feedback regarding our relationship with you and/or the service we have provided;
  • internal accounting and administration;
  • other purposes as authorised or required by law (e.g. to prevent a threat to life, health or safety, or to enforce our legal rights).

The Platform will send email notifications to individuals where required for the following purposes:

  • Initial ‘Welcome to the platform’ notification
  • Notification of assignment of training
  • Notification of training due dates
  • Training reminder notifications where a customer administrator has determined a training course requires notifications sent periodically as determined by them
  • Password reset request notifications

4.  Is personal information disclosed to third parties?

We do not and will not sell, rent out or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this GDPR Privacy Policy and, in particular, as set out below, and in accordance with your local data protection laws.

Note that, in this GDPR Privacy Policy, where we say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity. This includes storage of personal data on hosted IT infrastructure.

Your personal information may be disclosed to our contractors, suppliers and service providers, including without limitation:

  • in each of the circumstances set out in the section “How do we use your personal information?”;
  • suppliers of IT based solutions that assist us in providing products and services to you (such as any external data hosting providers we may use, including Amazon Web Services);
  • external business advisers (such as lawyers, accountants and auditors);
  • your employer, where you are an employee of one of our corporate, business or government clients and you are participating in training for work purposes;
  • as required or authorised by applicable law, and to comply with our legal obligations;
  • government agencies and public authorities to comply with a valid and authorised request, including a court order or other valid legal process;
  • various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes; and
  • enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter.

Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).

Where we are required to disclose your personal information, we will take appropriate security measures to ensure your personal information is protected including entering into confidentiality agreements with the third parties.

5.  Is personal information transferred overseas?

Safetycare operates a global business, including operations in Australia, Canada, United States, United Kingdom, with agencies in Singapore and Spain.

Your personal information may be disclosed to our overseas entities in connection with facilitation of your training and/or to enable the performance of administrative, advisory and technical services, including the storage and processing of such information.

We may also disclose your personal information to third parties located in Australia for the purpose of performing services for us, including the storage and processing of such information. Generally, we will only disclose your personal information to these recipients in connection with facilitation of your training services and/or to enable the performance of administrative, Platform support and technical services by them on our behalf.

While we endeavour to ensure that personal information is adequately protected, the overseas recipient may have laws which are different and potentially not as protective as the laws of your own country. In the circumstances, we will assess the technical and organisational measures our processors have in place and will maintain when operating the Platform to satisfy ourself that personal information is protected in such circumstances.

Some of the countries above including Australia, United States and Singapore are not subject to an adequacy decision under Article 45 of the GDPR. When transferring your personal information overseas where there is no adequacy decision, we will take appropriate security measures to ensure your personal information is protected  including entering into standard contractual clauses with our data processors as required under Article 46 of the GDPR. You may request a copy of the standard contractual clauses by contacting us below.

We will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required under the GDPR. We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose your personal information to in accordance with this policy or any applicable laws).  The collection and use of your information by such third parties may be subject to separate privacy and security policies. We are not liable for any loss, damage or claim arising out of another person’s use of the personal information where we were authorised to provide that person with the personal information. We will not be liable for any mishandling of your information in such circumstances.

6.  Security of information

We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed.

Safetycare has implemented various physical, electronic and managerial security procedures in order to protect the personal information it holds from loss and misuse, and from unauthorised access, modification, disclosure and interference.

Safetycare regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. We will destroy or de- identify personal information once we no longer require it for our business purposes, or as required by law and all data is encrypted at rest.

We will notify you within 72 hours and without undue delay of any:

  • actual breach of security, which when reasonably suspected poses a risk to the security, confidentiality or integrity of your personal information; or
  • actual unauthorised access of any personal information;

which is likely to result in a high risk to your rights and freedoms.

7.  Your rights in relation to the personal information we collect

Chapter 3 of the GDPR indicates that each individual has eight (8) rights. These are:

  1. The right to be informed – This means anyone processing your personal data must make clear what they are processing, who is processing the data and why they are processing They must use easily understandable language.
  2. The right of access – This means you have the right to see the data that is gathered and held about you.
  3. The right to rectification – This means you have the right to ensure that the data held about you is correct and can be corrected if it is not already
  4. The right to erasure – This means that under certain circumstances you can ask for your personal data to be deleted. This is also called ‘the Right to be Forgotten’. This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
  5. The right to restrict processing – This gives you the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
  6. The right to data portability – This means you have the right to ask for any data supplied directly to the Data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
  7. The right to object – This means you have the right to object to further processing of personally identifying data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
  8. Rights in relation to automated decision making and profiling – This means you have the right not to be subject to a decision based solely on automated processing.

If you wish to act on any of your rights in relation to the personal information that Safetycare stores you can request this by emailing us at the address set out in a section below. You will receive acknowledgement of your request and we will advise you of the timeframe within which you  will receive your information.

We endeavour to respond to such requests within a month or less. We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.

8.    You have the right to lodge a complaint with a relevant supervisory authority.

Further correspondence regarding your request should only be made in writing to the Data Protection Officer at the address set out in the section below.

You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct, unless we subsequently become aware that it is not correct.

In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of personal information.

We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.

9.  Social Media Integrations

Our websites and mobile applications may use social media features and widgets (such as Single Sign On using a social platform) (“SM Features”). These are provided and operated by third party companies (e.g. Facebook) and either hosted by a third party or hosted directly on our website or mobile application. SM Features may collect information such as the page you are visiting on our website/mobile application, your IP address, and may set cookies to enable the SM Feature to function properly.

If you are logged into your account with the third-party company, then the third party may be able to link information about your visit to and use of our website or mobile application to your social media account with them.

Similarly, your interactions with the SM Features may be recorded by the third party. In addition, the third party company may send us information in line with their policies, such as your name, profile picture, gender, friend lists and any other information you have chosen to make available, and we may share information with the third party company for the purposes of serving targeted marketing to you via the third party social media platform. You can manage the sharing of information and opt out from targeted marketing via your privacy settings for the third-party social media platform.

Your interactions with these SM Features are governed by the privacy policy of the third-party company providing them. For more information about the data practices of these third-party companies, and to find out more about what personal information is collected about you and how the third party uses such personal information, please refer to their privacy policy directly.

10.  Tracking Technologies / Cookies

We may use third-party web analytics services on the Platform, such as Google Analytics. The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyse how visitors use our websites and apps.

For information regarding our use of cookies and tracking technologies, refer to our Cookies Policy at www.safetyhub.com/en-gb/cookies.

11.  Feedback / Complaints / Contact

We will respond to these requests within a month of receipt.

If you have any enquiries, comments or complaints about this GDPR Privacy Policy or our handling of your personal information, please contact your consultant or the Data Protection Officer using the  details set out below and we will respond as soon as practicable.

Email: safety@safetycare.co.uk

Post:  Data Protection Officer Safetycare (UK) Ltd

Parkgate House
11 Hampton Court Road Hampton Wick
Surrey KT1 4AE United Kingdom

Email: safety@safetycare.co.uk

Telephone: + 44 20 8977 8900

12.  Changes to Our GDPR Privacy Policy

We may amend this GDPR Privacy Policy from time to time. If we make a change to the GDPR Privacy Policy, the revised version will be posted on our website. We will post a notice on our website and Platform to notify you of any significant changes to our GDPR Privacy Policy and indicate at the end of the GDPR Privacy Policy when  it was most recently updated. It is your responsibility, and we encourage you, to check the website and Platform from time to time in order to determine whether there have been any changes.

This GDPR Privacy Policy was last updated on 23 April 2021.

START TRIAL
Back To Top
Search