Privacy and GDPR Notice

This system may process personal data for legitimate business, employment, health and safety, legal, contractual, and operational purposes.

Data Processed

• Employee and user identification details, role, contact details, training/certification records, PPE issue records, and signatures.
• Documents sent, received, signed, uploaded, printed, archived, and linked to employees or users.
• Maintenance tickets, job sheets, equipment logs, service sheets, inventory usage, photos, timestamps, and audit records.
• Login/session records, device records, IP information, and security events needed to protect the system.

Purpose

Data is used to operate the company, prove document delivery/signature, comply with health and safety obligations, manage HR files, maintain equipment, trace inventory, prevent misuse, and meet legal/audit requirements.

Security

• Uploaded files are encrypted at rest by the application before being stored.
• Protected files require login and relevant permission before opening.
• Passwords are stored using PBKDF2 hashing for upgraded accounts.
• Sessions use signed cookies and failed login attempts are limited.
• Admin and creator-protected actions are restricted and audited.

Rights

Where applicable under GDPR and Malta/EU data protection law, individuals may request access, correction, restriction, deletion where legally possible, or information about how their data is used. Some records may need to be retained for legal, safety, employment, accounting, or audit obligations.

Contact

For data protection requests, contact the company administrator or manager responsible for this system.