Privacy Policy – MSite Supervisor App

Effective Date: 19th May 2026

Introduction

The MSite Supervisor App (“the App”) is a workforce management and site operations application provided by Infobric Limited trading as MSite, registered address The Bunker, 25 Innovation Boulevard, Liverpool, England, L7 9PW, company number 04363275 and ICO registration number ZA068354(“MSite”, “we”, “our”, or “us”).

As you utilise the MSite online portal, the information collected is controlled by the portal owner (“Principal Contractor”) who act as the Data Controller. Infobric Ltd operate and manage the MSite online portal on behalf of the portal owner (“Principal Contractor”) and act as their Data Processor.

The MSite portal owner (“Principal Contractor”) will have their own privacy policy which you should reference to understand how they manage your personal data, including but not limited to their reasons for holding the data and how long they hold the data for.

The App is designed for authorised supervisors and workforce management personnel to manage operational activities including attendance logging, workforce onboarding, briefing attendance, accreditation checks, roll call procedures, and related site safety and compliance workflows.

This privacy policy has been updated for the UK / EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 as applicable and illustrates how we use your personal data when you visit or record your personal information in MSite. MSite only does when instructed by the Principal Contractor.

We have provided this policy to ensure that you understand what personal data we collect and hold about you, what we may use it for and how we keep it safe. You have legal rights to access the personal data that we hold about you and to control how we use it which are also explained.

The App is not designed for covert surveillance, device monitoring, or background tracking of users or devices.

Information Collected Through MSite

Depending on how the App is used and configured by the Principal Contractor, the App may collect and process the following categories of information:

Workforce Information

Any personal data collected about you in MSite is collected on behalf of a Principal Contractor and as such subject to their privacy policy.

Identity and Verification Information

Where enabled by the Principal Contractor, authorised users may capture or upload workforce-related documents and attachments, including:

Attendance and Site Access Information

The App may process:

Biometric Data

The Principal Contractor has responsibilities to protect your health and safety, requires them to prevent unauthorised access to site, ensure anyone they appoint has the skills, knowledge, experience and, where relevant, the organisational capability to carry out their work safely and without risk to health, and they must ensure all workers have site-specific inductions, and any further information and training they need.

MSite uses biometrics as the most pertinent means of proving your identity and to allow you to access site as this provides a secure, reliable and fast method. We are committed to protecting and respecting your privacy and understand that this data is sensitive and unique to you. We would like you to use your fingerprint, but if you’re uncomfortable with this, MSite can give you a PIN number instead.

The Principal Contractor decides whether biometric functionality is used and is responsible for identifying the appropriate lawful basis and any applicable special category condition under data protection law.

Location Information

Where enabled, attendance transactions may include GPS location data captured at the time an attendance transaction is created.

Location data is collected only during attendance or operational workflows initiated by authorised users and is not used for continuous background tracking.

Images and Attachments

The App may process:

Signatures

The App may capture signatures for briefings and compliance workflows.

Authentication Information

To access the App, authorised users must authenticate using their MSite account credentials or using SSO if configured by the Principal Contractor.

How Information Is Collected

Most data collection activities are manually initiated by authorised supervisor users during operational workflows.

How We Use Information

Information collected through the App may be used to (depending on the instructions of the Principal Controller):

How we keep your personal data safe:

In order to ensure your personal data is safe at MSite we:

Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of personal data sent to our portal; you send us personal data at your own risk. Once we have received your personal data, we will use strict procedures and security features (some of which are described above) to try to prevent unauthorised access.

Facial Images and Biometric Processing

The App may allow profile photographs to be manually captured or uploaded for workforce identification and profile management purposes.

Unless explicitly enabled by a Principal Contractor as part of separate MSite services, the App itself is not intended to perform covert facial surveillance or continuous biometric monitoring.

Profile images are stored securely on the server. Where facial recognition is configured to be used by the Principal Contractor, biometric templates and generated and securely stored on the server.

Templates are synced onto devices for use by the App and kept securely.

Offline Data Storage and Synchronisation

Some App features support offline operation.

To support offline workflows, certain workforce and operational data may be temporarily stored on the device until synchronisation with MSite servers occurs.

This may include:

Users may remove locally stored data using the App’s device reset functionality.

Sharing of Information

Information processed through the App may be shared with:

We do not sell personal information.

MSite may share Personal data collected from Platform Users under the following circumstances:

Data Security

We implement reasonable technical and organisational measures designed to protect information processed through the App, including:

Data Retention

Information is retained in accordance with:

Retention periods may vary depending on the type of data and the Principal Contractor’s configuration.

The personal data stored within MSite is not used for any advertising or marketing purposes.

Your Rights

Depending on your location and applicable law, you may have rights relating to your personal information, including rights to:

Requests should normally be directed to the organisation administering your MSite system.

Children’s Privacy

The App is intended for workforce and operational use and should not be used by children.

Third-Party Services

The App may rely on third-party infrastructure or platform services including:

Sub-Processor Types of data Transferred Purpose for the data transfer Location
Amazon Web Services* All Infrastructure as a Service provider London, United Kingdom
Amazon Web Services* All Infrastructure as a Service provider Dublin, Ireland
Twilio First name, Last name, Phone number Invite to employee to complete online registration USA
Loqate Employee Postcode, Lodging Postcode Travel distances to Site UK
CITB Construction Training Register Last name, DOB, NI number Validate employee details UK

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updated versions will be made available through appropriate channels.

Contact Us

MSite

The Bunker, 25 Innovation Blvd, Liverpool, United Kingdom, L7 9PW

Email: dpo@msite.com

Website: https://infobric.com/uk/en/platforms/msite/