Privacy Policy
How we collect, use and protect your information when you use SafetyNet.
1. Introduction
This Privacy Policy describes how we collect, use, store, and protect your personal data when you use the HCS Safety mobile application (“App”) and related services (together, the “Services”). It also explains your rights and how to contact us.
By using the App you accept this Privacy Policy. If you do not agree, do not use the App.
2. Data We Collect
2.1 Account and profile data
- Email address (sign-in and account recovery)
- Password (stored and processed securely; if you enable biometric login, credentials may be stored in your device’s secure storage)
- Name (e.g. first name, surname, display name)
- Mobile number
- Avatar/profile photo (if you upload one, processed via our third-party image provider)
- Signatures and initials (captured in-app for forms and documents)
- Organisation and role information
2.2 Data stored on your device
- Session and auth-related information (e.g. identity ID, user details) may be persisted using local storage and, where you opt in, secure storage (e.g. Keychain) for biometric login
- Session timestamps stored locally for session timeout (e.g. 60 minutes of inactivity)
- Your choices for biometric login and biometric unlock are stored on your device
2.3 Usage and technical data
- Device and app information (e.g. device type, OS, app version)
- When API errors occur, limited diagnostic data may be sent to our logging service
2.4 Location data
GPS or network location is used when you use features that require location, including:
- Safety alerts
- Maps
- What3Words address conversion
- Client/site locations
Location may be collected when the app is in use and, if you grant permission, in the background.
You can revoke location permission in your device settings.
2.5 Push notifications
We use Firebase Cloud Messaging (FCM).
- The app may request and send your FCM token to our servers
- The FCM token and its association with your identity are stored on our systems
You can disable push notifications in device or app settings.
2.6 Error and diagnostic logging
When an API request fails, the app may send a log entry containing:
- Platform (e.g. iOS/Android)
- App version
- Error type and message
- HTTP status code
- Sanitised request and error information (no passwords)
- Client/organisation ID and identity ID (for support and debugging)
2.7 Content you submit
This may include:
- Form responses
- Completed forms
- Documents, attachments, and images
- Safety alert descriptions and locations
- Training records and certificates
We do not use your data for marketing or advertising.
We do not sell your personal data.
3. Legal Basis
Where applicable, we rely on the following legal bases:
- Contract — processing necessary to provide the Services
- Legitimate interests — security, fraud prevention, support, and improving reliability
- Consent — where applicable (e.g. biometric login, push notifications, optional background location). You may withdraw consent at any time via device or app settings or by contacting us
- Legal obligation — where we must retain or disclose data to comply with law
4. How We Use Your Data
We use your data to:
- Create and manage your account and authenticate you
- Provide the Services, including forms, training, safety alerts, document signing, news, organisations, and client locations
- Send push notifications and, where applicable, SMS or email (e.g. verification, password reset)
- Improve security, troubleshoot errors, and operate our systems
- Comply with legal obligations and enforce our terms
5. Third-Party Services
We use third-party providers that may process your data, including:
- Our backend/API (account, forms, training, safety alerts, documents, news, organisations, client locations)
- Firebase (Google) for push notifications
- Cloudinary for image and file upload and storage
- What3Words for coordinate conversion
- Twilio for SMS services (verification and password reset)
- Our email provider for sending emails
- Our logging service for diagnostic and error logs
We recommend reviewing each provider’s privacy policy.
We remain responsible for our use of your data.
6. Data Retention
We retain data as follows:
- Account and profile data: for the duration of your account plus any legally required period
- Session data on device: cleared on sign-out or expiry
- FCM tokens: until sign-out or no longer required
- Server and error logs: as needed for security and support
- Submitted content: as needed to provide the Services and comply with legal obligations
We may anonymise or delete data earlier where possible.
7. Your Rights
Depending on your location, you may have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure (subject to legal exceptions)
- Restrict processing
- Receive your data in a portable format
- Object to processing based on legitimate interests
- Withdraw consent
- Lodge a complaint with a supervisory authority
To exercise these rights, contact:
support@safetynet-web.com
8. International Transfers
Our backend and some third parties may be located outside your country.
Where data is transferred from the UK or EEA, we rely on:
- Adequacy decisions
- Standard contractual clauses
- Other approved safeguards
Details are available on request.
9. Security
We use technical and organisational safeguards to protect your data.
You are responsible for keeping your password and device secure.
Biometric data is handled by your device operating system and is not sent to our servers.
10. Children
The Services are not directed at children under 16.
We do not knowingly collect data from children under 16.
If you believe we have done so, contact us and we will delete it.
11. Changes
We may update this Privacy Policy.
Updated versions will be posted in the App and/or communicated where required.
Continued use after the effective date constitutes acceptance.
12. Contact
For privacy and data protection:
support@safetynet-web.com
For general support:
support@safetynet-web.com