At HSSE Solutions, we are committed to safeguarding the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data, and outlines your rights in relation to your personal data. By accessing our website or using our services, you consent to the practices described in this policy.

If you have any questions or concerns about this Privacy Policy, please contact us using the details provided below.

1. Introduction

We understand how important privacy is to our customers. This Privacy Policy sets out how we manage personal data in compliance with data protection laws, including the UK GDPR (General Data Protection Regulation) and the Data Protection Act 2018. Please read it carefully to understand how we handle your personal information.

By using our website or services, you agree to the collection and use of your data as outlined in this policy.

2. Information We Collect

We collect and process various types of personal information in the course of providing our services. This data helps us to communicate with you, improve our services, and deliver a personalized experience.

We collect the following categories of personal data:

• Personal Identification Data: Name, property address, email address, phone number, and similar details.
• Technical Data: Your IP address, browser type and version, operating system, and information about how you interact with our website.
• Usage Data: Details of how you use our website, products, and services, such as page views and time spent on specific sections of the site.
• Marketing and Communications Data: Your preferences for receiving marketing and promotional communications from us.
• Special Categories of Personal Data: Information about health or vulnerability, shared voluntarily, where necessary, for providing our services.

3. How We Use Your Data

We use your data for several purposes, including:

• Service Delivery: To fulfill our contractual obligations with you and deliver the services you’ve requested.
• Communication: To provide updates, newsletters, marketing offers, and respond to inquiries.
• Personalization: To tailor the content, recommendations, and advertising you see based on your preferences and usage patterns.
• Legal Compliance: To meet our legal obligations, including preventing fraud and complying with regulations.
• Security: To safeguard our business operations, detect fraud, and ensure the security of our network and data.
• Customer Support: To assist with inquiries, resolve complaints, and enhance customer satisfaction.

We process your data on the following legal bases:

• Consent: Where you have given us permission to use your data.
• Contractual Necessity: To fulfill the terms of our contract with you.
• Legal Obligation: To comply with legal requirements.
• Legitimate Interest: Where necessary for our legitimate business interests (e.g., marketing, improving services).

4. Data Sharing and Disclosure

We may share your personal data in the following scenarios:

• Service Providers: We may share your data with third-party who assist us in delivering our services (e.g., Scheme Providers, Certification Body, Quality Assurance Scheme).
• Legal Obligations: We may disclose your personal data to comply with legal requirements or to protect our rights and property, including responding to requests from regulatory bodies or law enforcement.
• With Your Consent: If you provide consent, we may share your data with partners or other third parties for specific purposes.

5. Your Data Protection Rights

You have rights regarding your personal data under the UK GDPR, including:

• Right to Access: Under Article 15 of the UK GDPR, individuals have the right to request access to their personal data, allowing them to confirm whether their data is being processed and, if so, to obtain a copy of that data.
• Right to Rectification: Under Article 16, individuals can request the correction of inaccurate or incomplete personal data held about them.
• Right to Erasure (Right to be Forgotten): Article 17 of the UK GDPR gives individuals the right to request the deletion of their personal data, under certain conditions (e.g., when the data is no longer necessary for the purposes for which it was collected or if they withdraw consent).
• Right to Restrict Processing: Under Article 18, individuals have the right to ask for the restriction of processing of their personal data in specific situations (e.g., when they contest the accuracy of their data or object to processing).
• Right to Object: Under Article 21, individuals have the right to object to processing of their personal data based on legitimate interests or for direct marketing purposes.
• Right to Data Portability: Article 20 grants individuals the right to request their personal data in a structured, commonly used, and machine-readable format, and to transfer it to another data controller.
• Right to Withdraw Consent: If personal data is processed based on consent (as per Article 6(1)(a)), individuals can withdraw their consent at any time. This must be as easy as giving consent.

If you wish to exercise any of these rights, please contact us at info@hsse-solutions.co.uk.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including meeting any legal, regulatory, or contractual obligations.

Specific retention periods include:

• Contractual Data: Retained for 10 years after the completion of the services provided.
• Marketing Data: Retained for 2 years or until you opt-out of communications.
• Legal and Financial Data: Retained for the duration required by law.

Once we no longer need your data, we will either delete or anonymize it to prevent unauthorized access.

7. How We Protect Your Data

At HSSE Solutions, we are committed to safeguarding your personal data. We have implemented a comprehensive range of technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:

• Data Encryption: We use industry-standard encryption methods to protect your personal data during transmission and while stored in our systems.
• Access Controls: We restrict access to personal data to authorized personnel only, based on the principle of “least privilege” and the specific requirements of their roles.
• Secure Storage: Your personal data is stored in secure environments with robust protection against unauthorized access, including physical and logical safeguards.

Despite these efforts, it is important to note that no method of data transmission over the internet or electronic storage is entirely secure. While we strive to protect your personal data using appropriate security measures, we cannot guarantee absolute security.

Should we detect any breach or potential risk to your personal data, we will take immediate action and notify you in accordance with our obligations under the UK GDPR.

8. Changes to This Privacy Policy

We reserve the right to update or amend this Privacy Policy periodically to reflect changes in our practices, operational procedures, or to comply with legal, regulatory, or industry requirements.

Any updates or revisions will be posted on this page, with the updated date clearly indicated at the top of the policy. In the event of significant changes to how we process your personal data, we will notify you directly, either via email or through a prominent notice on our website, in accordance with the UK GDPR.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data and to ensure you are aware of any changes to our practices.

9. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

HSSE Solutions
Email: info@hsse-solutions.co.uk
Phone: 020 8178 5892
Company Address: 33 Croppath Road Dagenham RM10 8BN

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe that we have not complied with data protection regulations.

ICO Contact Information:
Website: https://ico.org.uk/
Phone: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF