Effective Date: 19th May 2026
The MSite Supervisor App (“the App”) is a workforce management and site operations application provided by Infobric Limited trading as MSite, registered address The Bunker, 25 Innovation Boulevard, Liverpool, England, L7 9PW, company number 04363275 and ICO registration number ZA068354(“MSite”, “we”, “our”, or “us”).
As you utilise the MSite online portal, the information collected is controlled by the portal owner (“Principal Contractor”) who act as the Data Controller. Infobric Ltd operate and manage the MSite online portal on behalf of the portal owner (“Principal Contractor”) and act as their Data Processor.
The MSite portal owner (“Principal Contractor”) will have their own privacy policy which you should reference to understand how they manage your personal data, including but not limited to their reasons for holding the data and how long they hold the data for.
The App is designed for authorised supervisors and workforce management personnel to manage operational activities including attendance logging, workforce onboarding, briefing attendance, accreditation checks, roll call procedures, and related site safety and compliance workflows.
This privacy policy has been updated for the UK / EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 as applicable and illustrates how we use your personal data when you visit or record your personal information in MSite. MSite only does when instructed by the Principal Contractor.
We have provided this policy to ensure that you understand what personal data we collect and hold about you, what we may use it for and how we keep it safe. You have legal rights to access the personal data that we hold about you and to control how we use it which are also explained.
The App is not designed for covert surveillance, device monitoring, or background tracking of users or devices.
Depending on how the App is used and configured by the Principal Contractor, the App may collect and process the following categories of information:
Any personal data collected about you in MSite is collected on behalf of a Principal Contractor and as such subject to their privacy policy.
Where enabled by the Principal Contractor, authorised users may capture or upload workforce-related documents and attachments, including:
The App may process:
The Principal Contractor has responsibilities to protect your health and safety, requires them to prevent unauthorised access to site, ensure anyone they appoint has the skills, knowledge, experience and, where relevant, the organisational capability to carry out their work safely and without risk to health, and they must ensure all workers have site-specific inductions, and any further information and training they need.
MSite uses biometrics as the most pertinent means of proving your identity and to allow you to access site as this provides a secure, reliable and fast method. We are committed to protecting and respecting your privacy and understand that this data is sensitive and unique to you. We would like you to use your fingerprint, but if you’re uncomfortable with this, MSite can give you a PIN number instead.
The Principal Contractor decides whether biometric functionality is used and is responsible for identifying the appropriate lawful basis and any applicable special category condition under data protection law.
Where enabled, attendance transactions may include GPS location data captured at the time an attendance transaction is created.
Location data is collected only during attendance or operational workflows initiated by authorised users and is not used for continuous background tracking.
The App may process:
The App may capture signatures for briefings and compliance workflows.
To access the App, authorised users must authenticate using their MSite account credentials or using SSO if configured by the Principal Contractor.
Most data collection activities are manually initiated by authorised supervisor users during operational workflows.
Information collected through the App may be used to (depending on the instructions of the Principal Controller):
In order to ensure your personal data is safe at MSite we:
Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of personal data sent to our portal; you send us personal data at your own risk. Once we have received your personal data, we will use strict procedures and security features (some of which are described above) to try to prevent unauthorised access.
The App may allow profile photographs to be manually captured or uploaded for workforce identification and profile management purposes.
Unless explicitly enabled by a Principal Contractor as part of separate MSite services, the App itself is not intended to perform covert facial surveillance or continuous biometric monitoring.
Profile images are stored securely on the server. Where facial recognition is configured to be used by the Principal Contractor, biometric templates and generated and securely stored on the server.
Templates are synced onto devices for use by the App and kept securely.
Some App features support offline operation.
To support offline workflows, certain workforce and operational data may be temporarily stored on the device until synchronisation with MSite servers occurs.
This may include:
Users may remove locally stored data using the App’s device reset functionality.
Information processed through the App may be shared with:
We do not sell personal information.
MSite may share Personal data collected from Platform Users under the following circumstances:
We implement reasonable technical and organisational measures designed to protect information processed through the App, including:
Information is retained in accordance with:
Retention periods may vary depending on the type of data and the Principal Contractor’s configuration.
The personal data stored within MSite is not used for any advertising or marketing purposes.
Depending on your location and applicable law, you may have rights relating to your personal information, including rights to:
Requests should normally be directed to the organisation administering your MSite system.
The App is intended for workforce and operational use and should not be used by children.
The App may rely on third-party infrastructure or platform services including:
| Sub-Processor | Types of data Transferred | Purpose for the data transfer | Location |
|---|---|---|---|
| Amazon Web Services* | All | Infrastructure as a Service provider | London, United Kingdom |
| Amazon Web Services* | All | Infrastructure as a Service provider | Dublin, Ireland |
| Twilio | First name, Last name, Phone number | Invite to employee to complete online registration | USA |
| Loqate | Employee Postcode, Lodging Postcode | Travel distances to Site | UK |
| CITB Construction Training Register | Last name, DOB, NI number | Validate employee details | UK |
We may update this Privacy Policy from time to time. Updated versions will be made available through appropriate channels.
MSite
The Bunker, 25 Innovation Blvd, Liverpool, United Kingdom, L7 9PW
Email: dpo@msite.com