Review Frequency: Annual, with additional reviews as required by regulatory changes or organisational updates.
Introduction
SSS Compliance Services Ltd. (SSSCP) is committed to protecting the privacy and security of your personal information in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This privacy policy outlines how we collect, use, store, and safeguard your personal data. Our commitment to privacy reflects our core values of safety, security, and sustainability.
Information We Collect
To fulfil our membership and regulatory requirements, we may collect, store, and use the following types of personal information:
Contact Details: Name, address, email, and phone numbers.
Photograph: Used solely for identity verification.
Right to Work Documents: Proof of eligibility to work.
CV and Qualifications: Evidence of skills and experience.
Certifications and Licences: Details on professional credentials and competency.
Company Details: Applicable for members under corporate schemes.
How We Collect Your Information
We collect personal information directly from you through our app or website when you submit documents, such as your CV, qualifications, and other membership-related information.
How We Use Your Information
Your personal data is used for creating and managing your SSSCP membership and for compliance with our Terms of Service. Specifically, we use your information to:
Verify Competency and Training: Display evidence of your qualifications through the SSS Profile Checker and TRACK-IT.
Support compliance checks: Enable clients, contractors, and other duty holders to verify your credentials under the Building Regulations and Building Safety Act.
Documentation Reminders: Notify you when renewals are due for certificates, licences, or qualifications.
Marketing Communications: Inform you about services and updates that may be of interest.
Data Sharing
We share your personal data only for verification and regulatory purposes with:
The relevant duty holders: for compliance checks in accordance with legal requirements.
Awarding Bodies and Certifying Organisations: To verify qualifications and certifications as needed.
All third parties are required to uphold data security and privacy standards in line with GDPR. They are permitted to process your personal data solely for specified purposes and under our instruction.
Data Security
SSSCP has implemented robust measures to protect your personal information from unauthorised access, alteration, or misuse. These include:
Access Control: Data access is restricted to authorised employees, agents, and third parties with a business need.
Confidentiality Agreements: All personnel with access to your data are bound by confidentiality obligations.
Breach Response Protocols: In the event of a data breach, we will promptly notify you and relevant authorities as required by law.
Data Retention
We retain your personal data only for as long as necessary to meet the purposes for which it was collected, including legal and regulatory requirements. Once your data is no longer required, it will be securely deleted or anonymised in line with our data retention policy.
Your Rights Under GDPR
Under GDPR, you have the following rights regarding your personal data:
Access: Request access to your personal information.
Correction: Request corrections if any data is inaccurate.
Erasure: Request deletion of data no longer necessary for its original purpose.
Restriction: Restrict processing of your data in specific circumstances.
Objection: Object to processing based on legitimate interests.
Data Portability: Request transfer of your data to another party.
To exercise any of these rights, please contact us at [email protected]. We will respond promptly, and while most requests are free, we may charge a fee for excessive or unfounded requests.
Right to Withdraw Consent
If we process your personal data with consent, you may withdraw it at any time by contacting us at [email protected]. Once your request is received, we will stop processing your data unless required by law.
Data Sharing for Verification Purposes
Your data is shared with specific parties solely for the purpose of verifying your qualifications and competency. Personal details such as your photograph or contact information will not be publicly disclosed.
Monitoring, Reporting, and Accountability
To maintain transparency and accountability, we implement the following measures:
Data Monitoring Systems: Regularly track data use, access, and processing to ensure compliance with GDPR.
Periodic Audits: Conduct data protection audits to evaluate our data handling practices and identify areas for improvement.
Annual Privacy Impact Report: Publish a summary report to inform stakeholders about data protection initiatives, achievements, and future commitments.
Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in regulations, best practices, or our operations. If significant changes are made, we will notify you via email or through the SSSCP app. We encourage you to periodically review this policy to stay informed about how we protect your personal data.
Contact Us
If you have any questions or wish to exercise your rights concerning your personal information, please reach out to us at: Email:[email protected] Mail: Data Protection Officer, SSS Compliance Services Ltd
By agreeing to this privacy policy, you acknowledge that you have read and agree to our Terms and Conditions and Cookies Policy.
