NSN System & App CNTM
Privacy Policy
Purpose of This Privacy Policy
Data Controller
Personal Data We May Collect
Why We Use Personal Data
Lawful Bases for Processing
Special Category Data
Location Data
Shift Scheduling, Availability and Time-Off Data
Communications and Chat Records
Photos, Videos and Evidence
Read & Sign, Training and Compliance Records
Forms, Reports and Incident Records
Monitoring and Audit
Who We May Share Data With
Service Providers and System Providers
International Transfers
Retention
Data Security
User Responsibilities
Your Rights
Right to Object
Complaints
Updates to This Privacy Policy
Contact
Purpose of This Privacy Policy
This Privacy Policy explains how NSN Corporation Ltd collects, uses, stores and protects personal data when authorised users access and use NSN System & App CNTM.
​
NSN System & App CNTM is used for shift scheduling, schedule updates, availability, time-off requests, operational communication, site information, training, forms, reporting, compliance acknowledgements, incident reporting, task management, evidence submission and other work related activities.
This Privacy Policy applies to employees, workers, contractors, self-employed operatives, agency personnel, supervisors, Control Room staff, Operations Compliance Officers, management staff and any other authorised users given access to NSN System & App CNTM.
Data Controller
The data controller is:
NSN Corporation Ltd
Registered office: [Insert current registered office] Company number: [Insert company number]
Email: [Insert privacy/compliance email]
Telephone: 0203 55 66 678
​
Personal Data We May Collect
NSN may collect and process personal data through NSN System & App CNTM, including:
Name, contact details, role, site allocation, profile information, employment or contractor status, shift details, rota information, availability, time-off requests, attendance records, clock-in and clockout records, location data where enabled, training records, read-and-sign acknowledgements, form submissions, incident reports, DOLSH records, task records, patrol records, chat messages, uploaded photos, uploaded videos, uploaded documents, device or app usage information, compliance records and investigation-related records.
Where required for operational, legal, safety, security or safeguarding purposes, some records may include more sensitive information, such as health and safety information, incident details, witness information, allegations, security concerns, workplace conduct information or records connected to an investigation.
​
​
Why We Use Personal Data
NSN uses personal data for legitimate business, operational, contractual, safety and compliance purposes.
This includes managing shifts, site cover, staff deployment, availability, time-off requests, site communication, attendance, lone-worker safety, task completion, incident reporting, client reporting, training, compliance acknowledgements, operational audits, investigation of incidents or complaints, payroll support, HR administration, health and safety management, security management, legal compliance, contract management and protection of NSN’s business, clients, residents, staff, contractors and property.
Lawful Bases for Processing
NSN processes personal data under one or more lawful bases under UK data protection law.
Processing may be necessary for the performance of a contract, where NSN needs to manage your work, assignment, duties, attendance, shift records, pay-related records or contractual relationship.
Processing may be necessary for compliance with a legal obligation, including employment law, health and safety law, tax, payroll, regulatory, insurance, security or other legal requirements.
Processing may be necessary for NSN’s legitimate interests, including operational management, service delivery, client reporting, compliance monitoring, fraud prevention, security, audit trail, incident investigation, quality control and protection of staff, clients, residents and property.
Processing may be necessary to protect vital interests in an emergency, including where there is a risk to life, health or safety.
Consent will only be used where NSN specifically asks for consent for a separate optional activity. Consent will not normally be the main lawful basis for core operational use of NSN System & App CNTM
Special Category Data
In limited circumstances, NSN may process special category data, such as health information, where this is necessary for employment, health and safety, safeguarding, incident management, legal claims, emergency response or other lawful purposes.
Where special category data is processed, NSN will rely on an appropriate lawful basis under Article 6 UK GDPR and an additional special category condition under Article 9 UK GDPR. ICO guidance confirms that special category data requires both a lawful basis and an additional Article 9 condition.
Location Data
Where location-based functions are enabled, NSN may process location data for operational purposes, including clock-in and clock-out validation, site attendance verification, lone-worker support, patrol verification, task verification and investigation of attendance or service delivery issues.
NSN will not use location data for unnecessary or excessive monitoring. Location data should only be used where relevant to operational, safety, compliance, attendance or service delivery requirements.
Shift Scheduling, Availability and Time-Off Data
NSN System & App CNTM may be used to manage shift scheduling, shift confirmations, schedule changes, availability, time-off requests, absence-related records and operational cover planning.
Users are responsible for keeping availability, time-off requests and relevant work-related information accurate and up to date. Inaccurate or delayed information may affect scheduling, operational planning, payroll support, client service delivery and compliance records.
Communications and Chat Records
Messages and communications sent through NSN System & App CNTM may be recorded and reviewed for operational, compliance, safety, investigation, training, service delivery or audit purposes.
Users must use the app professionally and must not share inappropriate, offensive, discriminatory, confidential, misleading or unauthorised content.
NSN System & App CNTM is an official NSN communication channel. Work-related communications may form part of NSN’s operational and compliance records.
Photos, Videos and Evidence
Photos, videos and documents uploaded through NSN System & App CNTM may be used for operational reporting, incident evidence, maintenance reporting, compliance audits, client updates, investigations, training verification, health and safety management, security management, insurance support or legal protection.
Users must only upload media that is relevant, necessary and proportionate. Users must not upload unnecessary images of residents, visitors, members of the public, children, private documents, personal belongings or sensitive areas unless this is strictly necessary for a legitimate work-related purpose.
Read & Sign, Training and Compliance Records
NSN may use NSN System & App CNTM to issue SOPs, Assignment Instructions, RAMS, Toolbox Talks, policies, site documents, training materials, quizzes, assessments and compliance acknowledgements.
Records of access, completion, acknowledgement, pass marks, failed attempts, retraining and noncompletion may be retained as part of NSN’s compliance, training, audit and operational control records.
Forms, Reports and Incident Records
NSN may process form submissions, incident reports, DOLSH records, RAG status records, severity ratings, escalation notes, witness information, task records, patrol records, maintenance reports, site observations and supporting evidence.
These records may be used for operational response, client reporting, compliance validation, service improvement, insurance, legal protection, disciplinary review, contractor management or investigation purposes.
Monitoring and Audit
NSN may review activity within NSN System & App CNTM for legitimate operational and compliance purposes.
This may include reviewing messages, acknowledgements, forms, reports, uploaded evidence, attendance records, task records, training records, location-based attendance data where enabled, and other app activity relevant to work duties.
Monitoring must be proportionate and connected to legitimate business, safety, security, compliance, service delivery or investigation purposes. ICO guidance recognises that employee monitoring can be intrusive and should be handled in a way that respects staff privacy and complies with data protection law.
Who We May Share Data With
NSN may share relevant personal data with authorised NSN management, Bookings & Scheduling, Control Room, Operations Compliance Officers, HR, payroll, finance, clients, managing agents, insurers, legal advisers, HR advisers, IT and system providers, auditors, emergency services, regulators or public authorities where there is a legitimate business, contractual, legal, safety, security or compliance reason.
Personal data will only be shared where necessary and proportionate.
Service Providers and System Providers
NSN may use third-party service providers to operate, host, support or maintain NSN System & App CNTM and related business systems.
These providers may process personal data on NSN’s behalf where required for system operation, technical support, data storage, security, maintenance or service improvement.
International Transfers
Some systems, service providers or support functions may process data outside the United Kingdom.
Where this happens, NSN will take reasonable steps to ensure appropriate safeguards are in place in line with UK data protection requirements.
Retention
NSN will keep personal data only for as long as necessary for the purpose it was collected.
Retention periods may vary depending on the type of record and the reason it is held. Shift records, attendance records, training records, compliance acknowledgements, incident reports, investigation records, client reporting records, payroll support records and health and safety records may be retained for longer where required for legal, insurance, client, employment, regulatory, contractual, audit or dispute-management purposes.
Data Security
NSN will take reasonable technical and organisational steps to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.
Users must also protect personal data by keeping login details secure, avoiding unauthorised sharing, reporting suspected breaches promptly, using the app only for authorised NSN business purposes and not downloading, copying or forwarding data unless authorised.
User Responsibilities
Users must use NSN System & App CNTM professionally, accurately and honestly.
Users must not submit false, misleading, incomplete, fabricated or unauthorised information. Users must not share login details, misuse confidential information, upload inappropriate content, interfere with system records or use the app for non-business purposes.
Failure to follow these requirements may result in investigation, retraining, restriction from deployment, disciplinary action, contract termination or other appropriate action.
Your Rights
You may have rights under UK data protection law, including the right to access your personal data, request correction, request deletion in certain circumstances, request restriction, object to certain processing, and raise a complaint.
These rights are not absolute and may depend on the lawful basis for processing, the nature of the data and NSN’s legal, contractual, operational, safety or compliance obligations.
Right to Object
Where NSN relies on legitimate interests, you may have the right to object to processing.
NSN will consider any objection carefully and will stop processing unless there are compelling legitimate grounds to continue or the processing is required for legal claims, compliance, safety, security, investigation, contractual performance or operational reasons.
Complaints
If you have a concern about how NSN handles your personal data, you should contact NSN first using the contact details below.
You also have the right to complain to the Information Commissioner’s Office
Updates to This Privacy Policy
NSN may update this Privacy Policy from time to time.
Users may be required to review and acknowledge updated versions through NSN System & App CNTM. Continued use of NSN System & App CNTM may confirm that the user has been provided with the latest published version.
Contact
Questions about this Privacy Policy or requests relating to personal data should be directed to:
NSN Corporation Ltd
Email: privacy@nsncorporation.co.uk
Telephone: 0203 55 66 678