LOGIN
REGISTER

PRIVACY POLICY

Building a Safer Future and Learning and Excellence Hub – Privacy Policy

 

 

  • Introduction 

    • The Building a Safer Future Charter and the Learning and Excellence Hub are services of Building a Safer Future Ltd, a company incorporated in the United Kingdom whose registered office address is The Building Centre, 26 Store Street, London, WC1E 7BT (referred to as BSF, we, us and our in this Privacy Policy).

    • The Building a Safer Future Charter was originally conceived and created by a group of 'Early Adopters' comprising local authorities, contractors, housing associations and property developers, with the support of the Ministry of Housing, Communities and Local Government (MHCLG).

    • The Considerate Constructors Scheme (CCS) was appointed by the Early Adopters, to be the administrative partner of the Building a Safer Future Charter and has established a not-for-profit independent legal entity, Building a Safer Future Ltd, to manage and develop the Charter.

    • Building a Safer Future Ltd is owned by Construction Umbrella Bodies (Holdings) Limited (CUB(H)) the owners of CCS.

    • The information set out in this Privacy Policy is provided to individuals whose personal data we process (you or your) as data controller, in compliance with our obligations under Articles 13 and 14 of the General Data Protection Regulation 2016/679 (GDPR).  ​​​​ 

    • To make this information clear, we have divided the data we receive into the following groups and corresponding Schedules, where each of which refers to: the particular category of information we collect and retain; from where we obtain the information; the purpose and legal basis of processing and to whom we will (if applicable) disclose the information:

Schedule 1

Data about our Registered Signatories (RSig), Charter Supporters (CS), Registered Site (RSite), Learning and Excellence Hub Users (LEHU), Learning and Excellence Hub Content Providers (LEHCP), and all individuals in respect of whom we have acquired personal information in connection with our professional relationship with our customer (including directors, shareholders, consultants, employees or other personnel of our customers)

Schedule 2

Data about individuals which we acquire as part of the BSF service (including members of our customer’s workforce and its contractors’ (and sub-contractors’) workforces)

Schedule 3

Data about members of the public including residents of in-scope buildings/building users or industry workforce who contact us via post, website forms, email addresses, via Social media, via a Public Liaison phone line, via the Considerate Constructors Scheme Public Liaison team (if appropriate/applicable), and any future technology solutions such as an ‘App’.

    • In addition to the above, individuals who interact with us in any of the below capacities should also refer to the following:

​​ Schedule 4

Data about visitors to our websites www.buidlingasaferfuture.org.uk and www.bsflearninghub.org

 

 

    • Please note that this Privacy Policy does not apply to:

      • any personal data collected or processed by us via the Considerate Constructors Scheme and/or at www.ccscheme.org.uk (which is covered by separate Privacy Policy arrangements available at https://www.ccscheme.org.uk/privacy-policy/ or,

      • any personal data which is otherwise collected or processed by Construction Umbrella Bodies (Holdings) Limited outside the BSF service.

 

  • Data controller details

    • We are the data controller in relation to the processing of the personal information that you provide to us or our service providers as part of BSF. Our contact details are as follows:

      • Address: Building a Safer Future Ltd, The Building Centre, 26 Store Street, London, WC1E 7BT

      • Telephone number: 07500 247 492

      • Email address: enquiries@buildingasaferfuture.org.uk (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).

  • How we collect your information

    • Generally, the information we hold about you comes from the way you engage with us, for example by doing any of the following:

      • providing us with information in the course of enquiring about, or registering for, our BSF services, and maintaining your professional relationship with us;

      • providing us with information as part of any review we may conduct under the BSF services;

      • reporting concerns to us about issues and practices which are the subject of the BSF services (whether anonymously or on an open basis);

      • visiting and/or viewing our website.

  • International transfers

We will not transfer personal data relating to you within or to a country which is outside the UK or European Economic Area (EEA) unless:

    • the country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45;

    • appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA); or

    • one of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. ​​ These include (in summary):

      • the transfer is necessary to perform, or to form, a contract to which we are a party:

        • with you; or

        • with a third party where the contract is in your interests;

      • the transfer is necessary for the establishment, exercise or defence of legal claims;

      • you have provided your explicit consent to the transfer; or

      • the transfer is of a limited nature and is necessary for the purpose of our compelling legitimate interests.

  • Retention of personal data

 ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​ ​​​​ Our retention and deletion policy can be found at Schedule 5 below. ​​ 

  • Your rights in respect of your personal data

    • You have the following rights under the GDPR:

      • you will have the following rights:

        • right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one detailed summary of the personal information that we hold about you at no cost, but for any further copies of such detailed summaries, we reserve the right to charge a reasonable fee based on administration costs); and

        • right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete; and

      • in certain circumstances, you will also have the following rights:

        • right to erasure/“right to be forgotten”: the right to withdraw your consent to our processing of the data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);

        • right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;

        • right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another party, where technically feasible; and

        • right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.

    • Please note that if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to carry out our service or any contractual obligations to you or provide you with access to all or certain parts of our services.

    • If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with your relevant local supervisory authority. In the UK, this is the Information Commissioner’s Office. Please see further information on its website: www.ico.org.uk

​​ 

  • Automatic decision making

We do not make decisions based solely on automated data processing, including profiling. We will update this policy if this position changes and we would recommend that you should check back and review this policy from time to time.

  • Security

    • We keep your information protected by taking appropriate technical and organisational measures to guard against unauthorised or unlawful processing, accidental loss, destruction or damage. For example:

      • where appropriate, data is password protected and/or encrypted when transiting on our system or stored on our databases;

      • we have implemented safeguards in relation to access and confidentiality in order to protect the information held within our systems

    • Unfortunately, the transmission of information via the internet is not completely secure and, although we will take steps to protect your personal information, we cannot guarantee the security of your personal information transmitted via our website(s); any transmission is therefore at your own risk.

    • It is important that all details of any username, password and/or other identification information created to access our servers are kept confidential by you and should not be disclosed to or shared with anyone.

  • Changes to this Privacy Policy

We may amend this Privacy Policy from time to time, for example to keep it up to date, to implement minor technical adjustments and improvements or to comply with legal requirements. We will always update this Privacy Policy on our website, so please try to read it when you visit the website (the “last updated” reference tells you when we last updated our Privacy Policy).

 

  • Our use of cookies

    • A cookie is a small file that is sent to your browser from a web server and is stored on your computer. Cookies help us to analyse web traffic and identify which pages of our Website(s) are being used. Our Website(s) also uses cookies to respond to you as an individual so that it can tailor its operations to your needs by gathering and remembering information about your preferences. We only use this information for statistical analysis purposes and then it is removed from our systems.

    • A cookie in no way gives us access to your computer or any information about you, other than information about how you use the Website and the Personal Information you choose to share with us (including Personal Information you automatically share with us by way of your browser settings). In particular, we use the cookies identified at Appendix 1.

    • We may also use banners and pop-ups from time to time to give you options around cookie use.

    • You can also manage cookie use via your browser settings (this will allow you to refuse the setting of all or some cookies) and your browser provider may ask you to confirm your settings. Note, however, that if you block all cookies (including essential cookies) via your browser settings you may not be able to access all or parts of our Website(s).

    • You can find more information about the specific cookies we use and the purposes for which we use them in the table below. You can also find more information about cookies generally here: www.allaboutcookies.org

 

 

Appendix 1

Our Cookies

Cookie Name

Description/Purpose

Duration

ASP.NET_SessionId

A token used by the website when registering for a site, company or supplier. This cookie holds no personal information.

After session ends

.AspNet.ApplicationCookie

Holds encrypted data for user roles and

After session ends

__RequestVerificationToken

Random token used to prevent CSRF attacks

After session ends

__utma

 

Used by the old Google Analytics which is no longer used. No new cookies will be issues however if you have visited the site in the past you may have this cookie still saved.

Persistent cookie –

expires year 2038

_ga

_gid

Used to distinguish users for Google Analytics.

 

_ga – 2 years

_gid – 24 hours

_gat

Used to throttle request rate on Google Analytics

1 minute

ARRAffinity

Used to keep the same Azure server instance for applications that are hosted on Azure so that you do not lose your session if you lose connection temporarily.

After session ends

wp-settings-XXX

WordPress also sets a few wp-settings-[UID] cookies.

The number on the end is your individual user ID from the users database table.

This is used to customize your view of admin interface, and possibly also the main site interface.

1 year

wp-settings-time

Used to show GMT time across the site

  • year

 

This policy was last updated: July 2020

 

 

Data about our customer, and all individuals in respect of whom we have acquired personal information in connection with our professional relationship with you (including directors, shareholders, consultants, employees or other personnel of our customer)

 

What we may collect:

 

We may use your information for the following purposes, based on the following legal grounds:

Recipients:

  • Contact details such as your name, email address, landline/mobile phone or fax numbers.

  • Employment information such as your position/title, professional specialisms and qualifications.

  • Company information such as address, phone number, website address, company registration number, annual turnover, name and contact details of CEO/MD/BSF Senior sponsor for purposes of signing and committing to the BSF Charter on behalf of your company.

  • Additional logins as advised by you for other users of our websites under your relationship with us as a registered signatory.

  • If it is necessary for the performance of our contract or for the purposes of entering into a contract: for the purpose of negotiating and entering into contractual agreements with you, in the course of providing our services e.g. contacting individuals to obtain instructions and discuss work involved.

  • If it is in our legitimate business interests to do so: for internal record keeping for administration purposes, for the purpose of communications in relation to establishing a customer relationship, obtaining evidence of identity of our customers, communications regarding our service and fees, for insight purposes (e.g. to analyse compliance/market trends and demographics, and develop the service which we offer to you or other individuals in the future) and sending information to you about products and services which we think may be of interest to you for marketing purposes.

  • Recording your organisation as a Registered Signatory or other categories of ‘membership’ or ‘association’.

  • Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements.

How we share information

Please note that personal information we are holding about you may be shared with and processed by:

  • our own professional advisers and auditors for the purpose of seeking professional advice or to meet our audit responsibilities;

  • our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. internet service and platform providers, our bank, payment processing providers and those organisations we engage to help us send communications to you) so that they may help us to provide you with the services and information you have requested;

  • regulators or other third parties for the purposes of monitoring and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;

  • any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);

  • third parties for marketing purposes (with your consent), e.g. our partners and other third parties with whom we work; and

  • another organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets (provided that adequate protections and safeguards are in place).

  • Payment information such as bank details and transaction history.

 

  • If it is necessary for the performance of our contract: for the purpose of making or receiving payments in the course of providing our services.

  • If it is in our legitimate business interests to do so: for internal record keeping for administration purposes, for the purpose of retaining evidence of payment transactions, for insight purposes (e.g. to analyse market trends and demographics in relation to our fees), for establishing our customer’s ability to pay costs and to develop the service which we offer to you or other individuals in the future).

  • Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements.

Data about individuals which we acquire as part of the BSF services (including members of our customer’s workforce and its contractors’ and sub-contractors’ workforces and members of the public)

 

What we may collect:

We may use your information for the following purposes, based on the following legal grounds:

 

Recipients:

  • Contact details such as your name, work email address and work telephone number.

  • Information about your role such as your position/title, sites and/or offices where you work, the tasks you fulfil as part of your work.

​​ 

  • Our legitimate interest in processing such information for assessing your role and activities against the requirements of the BSF Charter Commitments and other related services relevant building safety issues.

  • Necessary to protect the vital interests of the individual concerned for the purposes of ensuring that you are working in a safe and legally-compliant environment.

  • Necessary in the exercise of an official authority vested.

  • Consent: if you had provided your consent to our processing this information as part of our review.

 

 

How we share information

Please note that personal information we are holding about you may be shared with and processed by:

    • your employer (if they are our customer) unless you have indicated to us that you wish this to be confidential in which case we will respect your wishes and only shared that information in an anonymised manner;

  • our own professional advisers and verifiers for the purpose of seeking professional advice or to meet our benchmarking and verification responsibilities;

    • our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. customer relationship management (CRM) provider, appointment booking coordinator, internet service and platform providers, data storage providers, administrative support and benchmarking and verification providers);

  • regulators or other third parties for the purposes of verifying and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;

  • any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);

    • please note that special categories of information will only be disclosed provided you have consented or if we are permitted to do so under any applicable law.

 

Data about members of the public or industry workforce who contact us via any BSF website forms, email addresses, via Social media, via any BSF Public Liaison phone line, via the Considerate Constructors Scheme Public Liaison team, and any future technology solutions such as an ‘App’

 

What we may collect:

We may use your information for the following purposes, based on the following legal grounds:

Recipients:

  • Your name.

Consent where you have expressly agreed to provide this information to us.

How we share information

Please note that any personal information that you provide to us will be processed by: BSF personnel and Third-party suppliers engaged in the delivery of the BSF including, but not limited to:

  • Complaints handling; technology solutions providers; software developers and providers; CCS public liaison team (if appropriate/applicable); Market research and data analysis providers. Where information is provided to us anonymously or requested to be treated in an anonymised manner, We will respect this request and treat such information accordingly.

  • our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. customer relationship management (CRM) provider, customer app provider, complaints handling provider, ​​ internet service and platform providers, data storage providers, administrative support and audit providers); where information is provided anonymously or requested to be treated in an anonymised manner, We will respect this request and treat such information accordingly.

  • our customers, on an anonymised basis;

  • regulatory and law enforcement bodies, where required of us under any applicable law or regulation.

  • Contact details such as your email address and your phone number.

Consent where you have expressly agreed to provide this information to us.

  • Your position such as whether you are a member of the public or a member of the construction industry working on a particular site. ​​ 

Consent where you have expressly agreed to provide this information to us.

  • Your concerns such as those relating to a particular registered site and any other information that you disclose to us.

Consent where you have expressly agreed to provide this information to us.

  • Your call to us such as a recording of your voice on the call for training, quality or service improvement/development purposes.

Consent where you have expressly agreed to provide this information on the telephone.

 

 

 

 

 

 

 

 

 

 

 

Details about visitors to our website www.buildingasaferfuture.org.uk and www.bsflearninghub.org

 

What we collect:

 

We may use your information for the following purposes, based on the following legal grounds:

Recipients:

  • Browser history information you provide when browsing our website, including your IP address and device type and, if you choose to share it with us, your location data, as well as how you use our website.

  • If it is in our legitimate business interests to do so: to improve and maximise functionality of our website and services.

  • Necessary to protect the vital interests of the individual concerned: for security purposes, to prevent and detect against fraud against you or us.

  • Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements.

  • Consent: for the purposes of analytics, advertising, integrated social media and functional services.

How we share information

Please note that personal information we are holding about you may be shared with and processed by:

    • regulators or other third parties for the purposes of monitoring and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;

    • any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);

    • our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. internet service and platform providers);

    • third parties for marketing purposes (with your consent), e.g. our partners and other third parties with whom we work; and

    • another organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets (provided that adequate protections and safeguards are in place).

 

 

Retention and deletion policy

Unless we are required or permitted by law to hold on to your information for a specific retention period, we may retain your information for the following purposes and periods:

 

Category of personal data:

Period for which personal data will be stored:

  • Data about our customers and business contacts.

Contracts and general correspondence (emails, post and other communications) obtained in the course of providing our services: ​​ 

Such information will be deleted after three years from the completion or termination of our relationship with regard to the BSF or to the company and locations to which the data applies.

Contact details for marketing purposes:

Contact information relating to customers and contacts will be held for so long as we believe the

information to remain accurate and the individual concerned remains a genuine connection of ours, or of

one of our directors and staff. ​​ We have a programme for reviewing our contacts regularly and removing any

information which is considered to be out of date or no longer relevant.

  • Data about workforce personnel that we collect as part of the BSF services.

Such information will be stored for up to 2 years following completion of the services or termination or expiry of our contract (whichever is later).

  • Data about members of the public or workforce personnel that is submitted to us as part of any reporting of concerns or complaints

Such information will be stored for up to 2 years following collection.

  • Data about visitors of our websites

We will maintain records of your personal data for 2 years following your visit to our website.

 

 

© 2020 Building a Safer Future Ltd. All rights reserved.