You're in safe hands
MSite keeps your data safe and makes sure everything we do is GDPR compliant. GDPR stands for General Data Protection Regulations. As a quick side note, if you're particularly interested in your rights relating to data protection (not just with MSite, but in general), you can find out more about GDPR here.
MSite is a Cyber Essentials + certified company - you can view our certification here by searching for Human Recognition Systems. This means that we:
- Use a firewall to secure our internet connection
- Choose the most secure settings for our devices and software
- Control who has access to our data and services
- Protect our systems from viruses and malware
- Keep our devices and software up-to-date
We also use ISO 27001 certified cloud hosting to ensure that your data is safe and secure.
How we handle your data
If you have (or are about to create) an MSite profile, here is everything you need to know about how your data is secured and handled by MSite.
- All of our data resides within the UK. It is stored safely and securely, with back-up mechanisms in place to provide an extra layer of protection
- MSite collects data on behalf of the data controller. This includes basic personal data and can include special category personal data such as health and safety information, and if you wish to use your fingerprint or face for site entry, biometric data
- When we process biometric personal data, we understand that this data is sensitive and unique to you and we only use it for the purpose of identity verification
MSite Workforce App - your biometrics, your way
The MSite Workforce App provides a way for you to link your MSite profile to your phone's biometrics and then use the App via bluetooth to confirm your identity to MSite. This way you can gain and manage access in a biometrically verified contactless way at associated principal contractor construction sites and premises.
The App will use biometric authentication such as Android Fingerprint/Face, Apple Touch ID or Apple Face ID to confirm your identity before Bluetooth access is provided.
The MSite Workforce App does not store information, personal or biometric, about you or access your device to gain such information.
For Principal Contractors
In terms of defined roles under GDPR, the principal contractor is the data controller and MSite the data processor.
Like the data of your workers, your dashboard(s) and reporting system information is securely stored (see accreditation section). Your internal MSite Administrator can set permissions for users to determine who can see what within your site or organisation. For example, a supervisor may be permitted to see data for their own team only, while a project manager is likely to have complete oversight of all site data. Head Office contacts may have access to all sites and cumulative site dashboards.
Within your own organisation, there will be a nominated data controller, who will be responsible for determining how the data is used.
At MSite, we have our resident GDPR expert - if you have any questions relating to our GDPR processes or data security you can email directly here - firstname.lastname@example.org