Privacy Policy

Your privacy matters. Here's how we protect and handle your personal information.

Last updated: January 2025

Quick Summary

  • We only collect data necessary to operate our platform
  • Your data is never sold to third parties
  • You control what information employers can see
  • We're GDPR compliant and respect your data rights
  • All data is encrypted and securely stored

1. Information We Collect

Personal Information

When you register on Rope Access Network, we collect:

  • Basic Details: Name, email address, phone number
  • Professional Information: IRATA/SPRAT certification levels, experience, skills
  • Employment History: Previous employers, project types, references
  • Location Data: Work location preferences, availability for travel
  • CV/Resume: Documents you upload for verification and matching

Technical Information

  • IP address and browser information
  • Usage analytics (pages visited, time spent)
  • Device information (mobile, desktop, browser type)
  • Cookies for authentication and preferences

2. How We Use Your Information

Platform Operation

  • Create and maintain your professional profile
  • Match you with relevant job opportunities
  • Verify your certifications and experience
  • Enable communication between technicians and employers
  • Process subscription payments (employers)

Communication

  • Send job match notifications
  • Platform updates and new features
  • Account security alerts
  • Customer support responses

Legal and Safety

  • Comply with legal obligations
  • Prevent fraud and abuse
  • Maintain platform security
  • Resolve disputes

3. Information Sharing

We Do NOT Sell Your Data

Your personal information is never sold, rented, or shared with third parties for marketing purposes.

Controlled Sharing

  • Employers: Only verified employers can see profiles of technicians who match their criteria
  • Certification Bodies: We may verify credentials directly with IRATA, SPRAT, or training providers
  • Service Providers: Trusted partners who help operate our platform (payment processing, email delivery)
  • Legal Requirements: When required by law or to protect safety

Profile Visibility Controls

You control what information is visible to employers and can adjust privacy settings at any time through your account dashboard.

4. Data Security

Technical Safeguards

  • All data encrypted in transit (HTTPS/TLS)
  • Database encryption at rest
  • Regular security audits and penetration testing
  • Multi-factor authentication for admin access
  • Regular backup and disaster recovery procedures

Access Controls

  • Strict employee access controls and background checks
  • Regular access reviews and permission audits
  • Secure development practices and code reviews
  • Third-party security certifications

5. Your Rights (GDPR)

Under GDPR and other data protection laws, you have the following rights:

Access & Portability

  • • Request a copy of your data
  • • Download your profile information
  • • Transfer data to another service

Control & Correction

  • • Update incorrect information
  • • Restrict data processing
  • • Object to certain uses

Deletion

  • • Request account deletion
  • • Erase specific information
  • • Right to be forgotten

Complaints

  • • Lodge complaints with supervisory authorities
  • • Contact our Data Protection Officer
  • • Seek legal remedies

6. Data Retention

  • Active Accounts: Data retained while your account is active
  • Inactive Accounts: Deleted after 2 years of inactivity (with prior notice)
  • Communications: Support tickets and communications retained for 3 years
  • Financial Records: Payment records kept for 7 years for tax and legal compliance
  • Security Logs: System logs retained for 1 year for security purposes

7. Cookies and Tracking

Essential Cookies

Required for platform functionality (authentication, security, preferences)

Analytics Cookies

Help us understand how the platform is used to improve user experience (you can opt out)

Marketing Cookies

Currently not used, but would require your consent if implemented

8. International Transfers

Your data is primarily stored and processed within the UK/EU. If data is transferred internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Certification schemes and codes of conduct

9. Children's Privacy

Our platform is not intended for anyone under 18. We do not knowingly collect personal information from children. If we become aware that we have collected such information, we will delete it promptly.

10. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via:

  • Email notification to your registered address
  • Prominent notice on our platform
  • Updated "last modified" date at the top of this policy