Reference Point Ltd is committed to protecting and respecting your privacy. This policy, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We keep certain basic information when you use the online card checking service and recognise the importance of keeping that information secure and letting you know what we will do with it.
We are an IT provider for organisations in the construction industry who issue CSCS cards or CSCS approved cards. The services include this online checking service located on the website www.gosmart.co.uk (“our website”) which allows the data of cardholders in participating card schemes to be checked online upon the input of certain identifying cardholder information. The services also include an App for which there is a separate privacy notice.
For the purposes of the Retained Regulation (GDPR (EU) 2016/679) (UK GDPR) and the Data Protection Act 2018 (“data protection legislation”):
We are the data controller data we collect about your use of the online checking service.
Our Contact Details: Reference Point Limited, Shire House, Gerrards Cross, SL9 7QN +44 (0) 1753 279 927.
Information we may collect from you and purpose for processing
Where you contact us for support, we will use your email address and any other contact details you provide for communicating with you. The details of support requested and provided will be logged for our internal records.
We may also ask you for information when you report a problem with the online card checking service.
We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
If you perform a search using the online check service we will collect and store your IP address and the search criteria you have input into the online check service.
Lawful basis for processing:
We will only use your personal data when the law allows us to.
The recipients or categories of recipients of personal data:
We will share your personal data with third parties where required by law or where we have another legitimate interest in doing so.
We may disclose your personal information to third parties:
Where we store your personal data and transfers out of the UK:
The data that we collect from you will be stored within the UK and may be processed by staff operating within the UK who work for us and any relevant sub-processors.
We will not transfer any data that we collect or receive from you that constitutes personal data outside of the UK unless there are appropriate safeguards, the transfer is based on adequacy (decision or regulations) as set out in the data protection legislation or the transfer otherwise complies with the data protection legislation. Such transfers may involve, for example, our use of third party services allowing us to send e-mails or automated SMS messages which make use of facilities in third countries to process and store data.
We will take all steps reasonably necessary to ensure that your data provided to us is treated securely and in accordance with this privacy notice.
All information you provide to us is stored on our or our sub-contractors' secure servers. Where we have given you (or where you have chosen) a password or key which enables you to access the online card checking service, you are responsible for keeping this password or key confidential.
We take steps to protect the information that we receive from you from loss, misuse, and unauthorised access or disclosure. These steps take into account the sensitivity of the information we receive, process and store, and the current state of technology.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do what we reasonably can to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use reasonable procedures and security features to try to prevent unauthorised access.
Retention period and criteria used to determine the retention period:
You have the right to:
Where our processing is based on your explicit consent to our processing, you have the right to withdraw such consent (this will not affect the lawfulness of processing prior to the withdrawal of your consent).
If you wish to exercise any of these rights please contact our Data Protection Officer at firstname.lastname@example.org
We will inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for such purposes and you can withhold your consent to and prevent such processing by not checking certain boxes on the forms we use to collect your data. You can also exercise the right to prevent such processing at any time by contacting us at email@example.com
Third Party Links
Complaints to Information Commissioner: You have the right to lodge a complaint about our processing with the Information Commissioner.
Consequences of failure to provide personal data: Your provision of personal data to us may be a requirement necessary for you to enter into a contract with us. If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you.
Changes to our privacy notice
Any changes we may make to our privacy notice in the future will be posted on the relevant page on our site and, where appropriate, notified to you by e-mail. However, we advise that you check on our site regularly to keep up to date with any necessary changes.
What are cookies?
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer (or internet-enabled device) if you agree.
Cookies allow us to identify the computer or device you are using to access our website – but we cannot identify you personally. This information is sent back to our systems as you move around our website. Cookies are unique to the web browser you are using – so if you are using a desktop computer as well as a smart phone, different data will be collected for each.
Cookies we use
We use the following cookies:
Strictly necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website and services.
Analytical/performance cookies: These allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it e.g. which pages are viewed by visitors most frequently. This helps us to improve the way our website and services work, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies: These are used to recognise you when you return to our site. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).
We do not set targeting/advertising cookies. Cookies are not used in any Apps we provide.
Who sets cookies?
Cookies can be set by the owner of the website you are on. These are known as first party cookies. Please note that third parties may also set cookies of any type, over which we have no control – however, you can control them by managing your cookies (see below). Only the owner of the cookie can see the anonymous information it collects.
How can I manage cookies?
You may block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you select this setting you may be unable to access all or certain parts of our site.