GO Smart Card Checker Privacy Notice 

Online Card Checker 

iOS

Android

Go Smart Online Card Checker - Privacy Notice (PC Client)

Causeway Technologies Limited is an IT provider for organisations in the construction industry who issue Construction Skills Certification Scheme Limited (“CSCS”) cards or CSCS approved cards.  

This privacy notice sets out the information that is collected through your use of the Go Smart for PC Client application (“the App”) which can be downloaded from the Microsoft store and directly from the website www.gosmart.co.uk/Getting-Started.  It also explains to you what happens when you check a card using the App.  

Contact Details 

Our Contact Details: Causeway Technologies Limited, Sterling House, 20, Station Road, Gerrards Cross, SL9 8EL +44 (0) 1753 279 927.  

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed for the attention of our Data Protection Officer at dpo@gosmart.co.uk 

Purpose  

The purpose of the App is to allow a user who has downloaded it on to their device to check if a card presented by a cardholder is genuine and the identity, training and qualifications of the cardholder.  

When I use the App to check a card, what information is transmitted to Causeway Technologies Limited, CSCS and/or CSCS Partners? 

  • Information about the make and model of your PC along with the version of the PC Client operating system installed is recorded, in order to allow Causeway Technologies Limited to target and improve its services.  
  • The time that your device reads a card or swipes a card in or out.  
  • The location/GPS co-ordinate where your mobile device read the card if you have location services switched on. This is passed to our Vircarda App and used for mapping where a read took place for which there is a separate Vircarda privacy notice.  For some virtual cards, the location, time and friendly name of the card checking device are provided to the data controller (i.e. card issuer) when an online card check is undertaken. 

The App requires access to your device’s: 

  • Photo/Media/Files and Storage to temporarily store cardholder data but we do not collect any personal data in this process. 
  • Camera functionality solely to support the reading of QC codes (held on each card). 

No additional information about the card or cardholder is transmitted to Causeway Technologies Limited, CSCS or CSCS Partners other than that required for facilitating the synchronisation of the data on the card to the relevant database. 

We do not require you to record and we do not collect or store any registration data in respect of the app. Accordingly, when you use the app on your device to read a card we are not capable of identifying you using the above information without further information which is not in our possession or control. Therefore, the above personal information does not constitute personal data for data protection and privacy purposes. 

What cardholder information is collected and stored on your (the App user’s) device? 

  1. Information that can be read from a CSCS or CSCS Partner Smartcard including the cardholder’s initial, surname and photograph. 
  1. The time and if possible, location of where the card was read. 

Can this information be transferred from your (the App user’s) device? 

It is possible for the user of Go Smart for PC Client to export the data from card reads. Once data has been exported, it is the responsibility of the user to ensure that it is not used insecurely, inappropriately or illegally. Before capturing data from a CSCS card or CSCS Partner card onto your device, you must ensure you have the cardholder’s permission and you (or your employer if you are checking a card on their behalf) must have a suitable registration under the Data Protection Act 2018.  

Where we store personal data and transfers out of the UK 

The data that we collect will be stored within the UK and may be processed by staff operating within the UK who work for us and any relevant sub-processors. 

We will not transfer any data that we collect or receive from you that constitutes personal data outside of the UK unless there are appropriate safeguards, the transfer is based on adequacy (regulations or decision) or the transfer otherwise complies with the applicable UK data protection legislation. Such transfers may involve, for example, our use of third party services allowing us to send e-mails or automated SMS messages which make use of facilities in third countries to process and store data. 

Lawful basis for processing:  

We will only use your personal data when the law allows us to.  

  • We may use your personal data to perform the contract we have entered into with you or in order to take steps at your request to enter into a contract with you (Basis: Art 6(b) UK GDPR). 
  • We and any third parties with whom we share your personal data may also find it necessary to process your data for legitimate interests we pursue (Basis: Art 6(f) UK GDPR), for example, to improve our services. 
  • We may also process your personal data based on compliance with a mandatory legal obligation (Basis: Art 6 (c) UK GDPR) including, for example, accounting and tax requirements which are subject to strict internal policies (such as retention periods). 
  • Where we do not rely on another legal basis, we may process your personal data based on consent you provide (Basis: Art 6(a) UK GDPR).

Security: How is data protected within Go Smart for PC Client? 

We will take all steps reasonably necessary to ensure that your data provided to us is treated securely and in accordance with this privacy notice. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and administrative procedures to safeguard and secure the information collected.  

How long is data stored within Go Smart for PC Client? 

Data from card reads is stored until deleted by the operator or until Go Smart for PC Client is uninstalled from your PC 

Your rights:  

You have rights under data protection laws in relation to your personal data including the right to receive a copy of the personal data we hold about you and you have the right to make a complaint at any time to the Information Commissioner’s Office. If you wish to exercise any of these rights please contact our Data Protection Officer at dpo@gosmart.co.uk. 

More detail can be found at https://ico.org.uk/your-data-matters  

Changes to our privacy notice 

Any changes we may make to our privacy notice in the future will be posted on the relevant page on the Microsoft store 

GO SMART APP PRIVACY NOTICE (iOS) 

Causeway Technologies Ltd is an IT provider for organisations in the construction industry who issue Construction Skills Certification Scheme Limited (“CSCS”) cards or CSCS approved cards.  

This privacy notice sets out the information that is collected through your use of the Go Smart for iOS application (“the App”) which can be downloaded from the website www.gosmart.co.uk. It also explains to you what happens when you check a card using the App.  

Contact Details 

Our Contact Details: Causeway Technologies Limited, Sterling House, 20, Station Road, Gerrards Cross, SL9 8EL Questions, comments and requests regarding this privacy policy are welcomed and should be addressed for the attention of our Data Protection Officer at dpo@gosmart.co.uk.  

Purpose  

The purpose of the App is to allow a user who has downloaded it on to their device to check if a card presented by a cardholder is genuine and the identity, training and qualifications of the cardholder.  

When I use the App to check a card, what information is transmitted to Causeway Technologies Limited, CSCS and/or CSCS Partners? 

  • Information about the make and model of the smartphone along with the version of the iOS operating system installed is recorded, in order to allow Causeway Technologies Limited to target and improve its services. If there is an error or other issue in your use of the App, we may receive your IP address in order to correct the issue but we cannot identify you personally from this. 
  • The time that your device reads a card or swipes a card in or out.  
  • The location/GPS co-ordinate where your mobile device read the card if you have location services switched on. This is passed to our Vircarda App and used for mapping where a read took place for which there is a separate Vircarda privacy notice.  For some virtual cards, the location, time and friendly name of the card checking device are provided to the data controller (i.e. card issuer) when an online card check is undertaken. 

The App requires access to your device’s: 

  • Photo/Media/Files and Storage to temporarily store cardholder data but we do not collect any personal data in this process. 
  • Camera functionality solely to support the reading of QC codes (held on each card). 

No additional information about the card or cardholder is transmitted to Causeway Technologies Limited, CSCS or CSCS Partners other than that required for facilitating the synchronisation of the data on the card to the relevant database. 

We do not require you to record and we do not collect or store any registration data in respect of the app. Accordingly, when you use the app on your device to read a card we are not capable of identifying you using the above information without further information which is not in our possession or control. Therefore, the above personal information does not constitute personal data for data protection and privacy purposes. 

What cardholder information is collected and stored on your (the App user’s) device? 

  1. Information that can be read from a CSCS or CSCS Partner Smartcard including the cardholder’s initial, surname and photograph. 
  1. The time and if possible, location of where the card was read. 

Can this information be transferred from your (the App user’s) device? 

It is possible for the user of Go Smart for iOS to export the data from card reads. Once data has been exported, it is the responsibility of the user to ensure that it is not used insecurely, inappropriately or illegally. Before capturing data from a CSCS card or CSCS Partner card onto your device, you must ensure you have the cardholder’s permission and you (or your employer if you are checking a card on their behalf) must have a suitable registration under the Data Protection Act 2018.  

Where we store personal data and transfers out of the UK 

The data that we collect will be stored within the UK and may be processed by staff operating within the UK who work for us and any relevant sub-processors. 

We will not transfer any data that we collect or receive from you that constitutes personal data outside of the UK unless there are appropriate safeguards, the transfer is based on adequacy (regulations or decision) or the transfer otherwise complies with the applicable UK data protection legislation. Such transfers may involve, for example, our use of third party services allowing us to send e-mails or automated SMS messages which make use of facilities in third countries to process and store data. 

Lawful basis for processing:  

We will only use your personal data when the law allows us to.  

  • We may use your personal data to perform the contract we have entered into with you or in order to take steps at your request to enter into a contract with you (Basis: Art 6(b) UK GDPR). 
  • We and any third parties with whom we share your personal data may also find it necessary to process your data for legitimate interests we pursue (Basis: Art 6(f) UK GDPR), for example, to improve our services. 
  • We may also process your personal data based on compliance with a mandatory legal obligation (Basis: Art 6 (c) UK GDPR) including, for example, accounting and tax requirements which are subject to strict internal policies (such as retention periods). 
  • Where we do not rely on another legal basis, we may process your personal data based on consent you provide (Basis: Art 6(a) UK GDPR).

Security: How is data protected within Go Smart for iOS? 

We will take all steps reasonably necessary to ensure that your data provided to us is treated securely and in accordance with this privacy notice. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and administrative procedures to safeguard and secure the information collected.  

How long is data stored within Go Smart for iOS? 

Data from card reads is stored until deleted by the operator or until Go Smart for iOS is uninstalled from the smartphone.  

Your rights:  

You have rights under data protection laws in relation to your personal data including the right to receive a copy of the personal data we hold about you and you have the right to make a complaint at any time to the Information Commissioner’s Office. If you wish to exercise any of these rights please contact our Data Protection Officer at dpo@gosmart.co.uk.  

More detail can be found at https://ico.org.uk/your-data-matters  

Changes to our privacy notice 

Any changes we may make to our privacy notice in the future will be posted on the relevant page on the App Store.  

GO SMART APP PRIVACY NOTICE (ANDROID) 

Causeway Technologies Ltd is an IT provider for organisations in the construction industry who issue Construction Skills Certification Scheme Limited (“CSCS”) cards or CSCS approved cards.  

This privacy notice sets out the information that is collected through your use of the Go Smart for Android application (“the App”) which can be downloaded from the website www.gosmart.co.uk. It also explains to you what happens when you check a card using the App.  

Contact Details 

Our Contact Details: Causeway Technologies Limited, Sterling House, 20, Station Road, Gerrards Cross, SL9 8EL.Questions, comments and requests regarding this privacy policy are welcomed and should be addressed for the attention of our Data Protection Officer at dpo@gosmart.co.uk.  

Purpose  

The purpose of the App is to allow a user who has downloaded it on to their device to check if a card presented by a cardholder is genuine and the identity, training and qualifications of the cardholder.  

When I use the App to check a card, what information is transmitted to Causeway Technologies Limited, CSCS and/or CSCS Partners? 

  • Information about the make and model of the smartphone along with the version of the Android operating system installed is recorded, in order to allow Causeway Technologies Limited to target and improve its services. If there is an error or other issue in your use of the App, we may receive your IP address in order to correct the issue but we cannot identify you personally from this. 
  • The time that your device reads a card or swipes a card in or out.  
  • The location/GPS co-ordinate where your mobile device read the card if you have location services switched on. This is passed to our Vircarda App and used for mapping where a read took place for which there is a separate Vircarda privacy notice.  For some virtual cards, the location, time and friendly name of the card checking device are provided to the data controller (i.e. card issuer) when an online card check is undertaken. 

The App requires access to your device’s: 

  • Photo/Media/Files and Storage to temporarily store cardholder data but we do not collect any personal data in this process. 
  • Camera functionality solely to support the reading of QC codes (held on each card). 

No additional information about the card or cardholder is transmitted to Causeway Technologies Limited, CSCS or CSCS Partners other than that required for facilitating the synchronisation of the data on the card to the relevant database. 

We do not require you to record and we do not collect or store any registration data in respect of the app. Accordingly, when you use the app on your device to read a card we are not capable of identifying you using the above information without further information which is not in our possession or control. Therefore, the above personal information does not constitute personal data for data protection and privacy purposes. 

What cardholder information is collected and stored on your (the App user’s) device? 

  1. Information that can be read from a CSCS or CSCS Partner Smartcard including the cardholder’s initial, surname and photograph. 
  1. The time and if possible, location of where the card was read. 

Can this information be transferred from your (the App user’s) device? 

It is possible for the user of Go Smart for Android to export the data from card reads. Once data has been exported, it is the responsibility of the user to ensure that it is not used insecurely, inappropriately or illegally. Before capturing data from a CSCS card or CSCS Partner card onto your device, you must ensure you have the cardholder’s permission and you (or your employer if you are checking a card on their behalf) must have a suitable registration under the Data Protection Act 2018.  

Where we store personal data and transfers out of the UK 

The data that we collect will be stored within the UK and may be processed by staff operating within the UK who work for us and any relevant sub-processors. 

We will not transfer any data that we collect or receive from you that constitutes personal data outside of the UK unless there are appropriate safeguards, the transfer is based on adequacy (regulations or decision) or the transfer otherwise complies with the applicable UK data protection legislation. Such transfers may involve, for example, our use of third party services allowing us to send e-mails or automated SMS messages which make use of facilities in third countries to process and store data. 

Lawful basis for processing:  

We will only use your personal data when the law allows us to.  

  • We may use your personal data to perform the contract we have entered into with you or in order to take steps at your request to enter into a contract with you (Basis: Art 6(b) UK GDPR). 
  • We and any third parties with whom we share your personal data may also find it necessary to process your data for legitimate interests we pursue (Basis: Art 6(f) UK GDPR), for example, to improve our services. 
  • We may also process your personal data based on compliance with a mandatory legal obligation (Basis: Art 6 (c) UK GDPR) including, for example, accounting and tax requirements which are subject to strict internal policies (such as retention periods). 
  • Where we do not rely on another legal basis, we may process your personal data based on consent you provide (Basis: Art 6(a) UK GDPR).

Security: How is data protected within Go Smart for Android? 

We will take all steps reasonably necessary to ensure that your data provided to us is treated securely and in accordance with this privacy notice. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and administrative procedures to safeguard and secure the information collected.  

How long is data stored within Go Smart for Android? 

Data from card reads is stored until deleted by the operator or until Go Smart for Android is uninstalled from the smartphone.  

Your rights:  

You have rights under data protection laws in relation to your personal data including the right to receive a copy of the personal data we hold about you and you have the right to make a complaint at any time to the Information Commissioner’s Office. If you wish to exercise any of these rights please contact our Data Protection Officer at dpo@gosmart.co.uk

More detail can be found at https://ico.org.uk/your-data-matters  

Changes to our privacy notice 

Any changes we may make to our privacy notice in the future will be posted on the relevant page on  Google Play.