Who we are
SiteSafe (Pty) Ltd is a South African company providing health, safety and environment compliance software to subcontractors. We are the responsible party for the personal information described in this policy as defined in the Protection of Personal Information Act, 2013 (POPIA).
What we collect
- Account details for users you create — name, work email, role assignment.
- Worker records you upload — names, clock numbers, job titles, masked ID numbers.
- Compliance documents — medicals, training certificates, site inductions and metadata about each.
- Operational logs — IP address, browser, login attempts, and changes you make in the application.
How we use it
We use this information solely to operate the service you've signed up for — running readiness checks, generating audit files, sending expiry notifications, and protecting accounts from unauthorised access. We do not sell personal information and we do not use it to train AI models.
Where it lives
Production data is stored in databases hosted in the European Union region of our infrastructure provider. We use row-level security so that data belonging to one customer is never accessible to another. Backups are encrypted at rest.
How long we keep it
While your account is active we keep your data for as long as you need it. On termination we delete or anonymise account data within 90 days, except where retention is required by law (for example, audit-trail records under the Occupational Health and Safety Act).
Your rights under POPIA
- Access — request a copy of personal information we hold about you.
- Correction — ask us to fix anything inaccurate.
- Deletion — ask us to remove information no longer needed.
- Objection — object to processing on legitimate grounds.
- Complaint — lodge a complaint with the Information Regulator (South Africa).
Contact
Email privacy@sitesafe.co.za for any privacy-related request, including POPIA Subject Access Requests.