PRIVACY POLICY

Last updated: 5 December 2024

1. Introduction

Site Samurai is a trading name of ZANZERO INVESTMENTS LTD ("we", "us", "our"). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our construction management platform and services.

ZANZERO INVESTMENTS LTD is registered in England and Wales under company number 15409277.

For the purposes of UK data protection legislation (including the UK General Data Protection Regulation and the Data Protection Act 2018), we are the data controller.

2. Information We Collect

We collect and process the following categories of personal data:

2.1 Information You Provide

  • Account Information: Name, email address, phone number, job title, company name
  • Organisation Details: Company registration number, VAT number, business address
  • Project Data: Project names, addresses, contract values, client information
  • Financial Information: Payment details, invoicing information, application for payment data
  • Health & Safety Records: RAMS, incident reports, training records
  • Subcontractor Data: CIS verification details, UTR numbers, insurance information
  • Communications: Correspondence with us, support tickets, feedback

2.2 Information Collected Automatically

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, features used, time spent on platform, click patterns
  • Location Data: General location based on IP address (not precise GPS)
  • Analytics Data: We use Google Analytics to understand how visitors use our website. This includes information about your device, browser, pages viewed, and how you interact with our platform
  • Cookies and Similar Technologies: See our Cookie Policy for full details on the cookies we use, including Google Analytics cookies (_ga, _gid)

3. How We Use Your Information

We use your personal data for the following purposes:

3.1 Contract Performance

  • Providing and maintaining our platform and services
  • Processing your subscription and payments
  • Enabling project management and collaboration features
  • Generating reports and analytics for your organisation

3.2 Legitimate Interests

  • Improving and developing our platform
  • Providing customer support
  • Sending service-related communications
  • Preventing fraud and ensuring security
  • Analysing usage patterns to improve user experience

3.3 With Your Consent

  • Sending marketing communications about our products and services
  • Using cookies for analytics and advertising purposes

3.4 Legal Obligations

  • Compliance with tax and accounting requirements
  • Responding to legal requests from authorities
  • Maintaining health and safety records as required by law

4. Data Sharing

We may share your personal data with:

  • Service Providers: Cloud hosting (AWS/Azure), payment processors (Stripe), email services, analytics providers
  • Professional Advisers: Lawyers, accountants, auditors where necessary
  • Regulatory Bodies: HMRC for CIS verification, HSE for health and safety matters
  • Your Organisation: Other users within your organisation as permitted by your administrator
  • Business Partners: Only with your explicit consent

We do not sell your personal data to third parties.

5. International Transfers

Your data is primarily stored and processed within the United Kingdom. Where we transfer data outside the UK, we ensure appropriate safeguards are in place, including:

  • Transfers to countries with UK adequacy decisions
  • Standard Contractual Clauses approved by the ICO
  • Binding Corporate Rules where applicable

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected:

  • Account Data: For the duration of your subscription plus 7 years
  • Financial Records: 7 years as required by HMRC
  • Health & Safety Records: 40 years for accident/incident records as per HSE guidance
  • Project Data: For the duration of your subscription plus 6 years (limitation period)
  • Marketing Preferences: Until you withdraw consent

7. Your Rights

Under UK data protection law, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data in certain circumstances
  • Right to Restrict Processing: Request limitation of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing
  • Rights Related to Automated Decision-Making: Not be subject to solely automated decisions

To exercise any of these rights, please contact us at [email protected]

8. Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication measures
  • Regular security assessments and penetration testing
  • Staff training on data protection
  • Incident response procedures

9. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the platform. The "Last updated" date at the top indicates when the policy was last revised.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

Data Protection Officer

ZANZERO INVESTMENTS LTD (trading as Site Samurai)

Company number: 15409277

Email: [email protected]

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.