Privacy & Cookie Policy

OSPR Privacy & Cookie Policy version

Last updated 22/05/2018

About OSPR

The Offshore Safety Professionals Register (OSPR) was incorporated 7th October 2015 and is registered in the UK; 56 King Street, Aberdeen, AB245AX c/o Mint Accountants.

Our company registration number is number: 517345.

About this Privacy Policy

It’s our intention to make the OSPR privacy policy as simple and as clear as possible to understand. At its basic level,  our users hand us their data to improve their career prospects and we in turn use it to offer our users the best possible opportunities we can.  We will do our utmost to keep it safe, correct and not do anything untoward with it.

This privacy policy covers all visitors and users of the OSPR website and myOSPR portal, as well as any offline activities that make take place between users and OSPR employees.

If you have any questions relating to our privacy policy please e-mail info@ospr.co.uk.

You must be 18 years and above to use OSPR and therefore we don’t collect any data involving users under 18.

Our website and portal

The OSPR website and portal area consists of the following areas:

  • OSPR main website:
    this is the main website under the www.ospr.co.uk banner. It includes the frontend for all public and guest visitors to OSPR.
  • myOSPR members portal:
    this is the portal area that subscribed members to the OSPR platform use.

A visitor and user of OSPR can be classified as one of the following:

  • A Guest
    An anonymous visitor to www.ospr.co.uk and one which we hold no identifiable data on.
  • Active member
    An active member is someone who has signed up to OSPR fully paid up to OSPR and has received their membership number.
  • Lapsed member
    Someone who has previously had an OSPR membership but it has not renewed. OSPR memberships normally last 1 calendar year and are automatically renewed. A lapsed member may have not renewed because their card details were invalid, they had insufficient funds or they chose not to renew their account.
  • Interested member
    This is someone who has filled out a contact form or sat the eligibility test who as a result may hold identifiable information on.
  • Other
    Someone who has made contact with OSPR of their own accord who doesn’t fall into any other category.

How we deal with data

We collect anonymous device data, such as browser, operating system, screen size and IP address for statistical and marketing analysis. This data does not allow for users to be identified and is aggregated together to provide an overall view of OSPR and it’s visitors.

If you contact OSPR through an online form we will collect your contact details as well as device data including IP addresses. This data will be stored on our email system/CRM for administrative purposes as long as it is necessary to store. We will never use personal information you supply for any purposes other than replying to you unless you otherwise give us permission.  We may use anonymous aggregated information for administrational, statistical or marketing purposes.

For users who sit our eligibility test we will collect names, contact details, IP addresses and a brief history of certificates and work history in order to give an estimated member level. We will never use personal information you supply for any purposes other than replying to you or linking with your own personal profile when you sign up – unless you otherwise give us permission.  We may use anonymous aggregated information for administrational, statistical or marketing purposes.

For active members we generally keep a copy of all data you supply us (personal information, work history, CV, certificates, interests etc) for as long as you have an active or lapsed membership.

Your billing details will be passed onto our payment processor (Stripe) in order to carry out billing operations such as membership renewals and course bookings.  By using OSPR you agree to Stripes privacy policies which you can view at https://stripe.com/gb/privacy

We will automatically attempt to renew a members account for another calendar year on their membership anniversary date.

Account renewals and lapsed accounts

Accounts which do not renew automatically due to expired card details, incorrect card details or insufficient funds will remain active for 14 days in order for the user to continue using the service and update their card details. We will automatically attempt to renew an account 14 days later if it has failed. After this time, if the account still has not renewed it will become a lapsed account.

Users may also choose not to renew their account automatically. At this point they will become a lapsed account the day after their renewal date.

Lapsed accounts will be unable to use the myOSPR portal without renewing their membership which they can do anytime after their account has lapsed by logging in.

Lapsed accounts will remain on our system for 1 calendar year after they lapsed in order to allow the user to reactivate their account. After this point we will delete all data associated with the account. Users can request this happens sooner by e-mailing info@ospr.co.uk.

After an account has been deleted we may retain some identifiable information such as name and e-mail address for administrative purposes. You have a right for this information to be fully deleted under the GDPR Right To Be Forgotten rules.

3rd party access to data

At times we may partner with 3rd party companies to offer our users a more features and opportunities such as vacancies, courses and meetups. By using OSPR you agree for your data to be handed over to these companies.

We will only partner up and hand over data where it is beneficial to the end user in order to provide them with greater opportunities. We will only ever handover the bare minimum information required in order for our user to benefit (normally contact details but may include work history & certificate data if required).

You have the right to express that your data is not handed over to any 3rd party. This can be done in the privacy settings section of the myOSPR portal.  Please note if you refuse to have your details handed over to 3rd parties the courses and vacancies functionality of myOSPR will be unavailable to you.

Security, backups and data transfers

OSPR takes data security very seriously. All data is stored on secure servers in GDPR compliant data centres. Password information is encrypted using industry standard protocols and is not visible to OSPR or data centre staff.  Information is passed between you and our servers using SSL.

Billing/credit card information is stored on PCI compliant servers and encrypted to industry security standards. You can find out more about our billing providers privacy policy by visiting https://stripe.com/gb/privacy

Data is backed up regularly to secure servers.  Backups are encrypted and retained for 30 days and therefore  changes to your personal data may take 30 days to be fully off our systems.

It may be necessary at times for OSPR developers and engineers to take local copies of data for backup purposes. Our engineers are will only ever store data on encrypted and secure systems.

Under the conditions for transfer set out in Chapter 5 of the GDP code we may from time to time store your data outside of the EAA.

Who Has Access to your data?

 

  • Managing Members:
    Members who have submitted their data for the first time, or are looking to have their membership level re-evaluated will have their data shared with our Maginging Members.

    Managing members have access to a cut down version of a users profile, which includes name, certificates, employment history. It does not include contact information.

    This data is only viewable to a managing member for the purposes of reviewing your profile, at which point it is no longer visible.

    Managing members have been evaluated by OSPR and have signed privacy agreements regarding the handling of your data.

 

 

  • OSPR Staff, admins and developers
    At times we may partner with 3rd party companies to offer our users a more features and opportunities such as vacancies, courses and meet-ups. Please see 3rd party usage above.

 

Cookie Policy

OSPR and the myOSPR portal use cookies for technical purposes to improve the user experience.  The myOSR portal will not function correctly if you choose not to accept our cookie.

We do not use cookies to track our users out-with the OSPR website.

We use Google Analytics cookie and from time to time we may have various remarketing cookies in place on our website and myOSPR portal.

These remarketing cookies are for Google Adsense, Facebook, Twitter and LinkedIn.

These cookies adhere to users Do Not Track preferences.

Non-identifiable tracking information is available to OSPR.

Marketing Preferences

We have a marketing database of members and non-members.

Everyone on this list has opted in at some point in the past. You are able to remove yourself from this list at any time by clicking the unsubscribe link at the bottom of every email or by e-mailing info@ospr.co.uk

Members to OSPR will also be included in personal tailored information emails which you can remove yourself from in the privacy settings of the myOSPR portal.

Members to OSPR will receive transactional emails related to account issues such as security, billing and membership. As an OSPR user you are unable to opt out of these emails as they are important to the ongoing usage of your account. If you do not wish to receive these emails, you may cancel your OSPR account by e-mailing info@ospr.co.uk

Right To Be Forgotten

As part of the GDPR regulations we must adhere to your right to be forgotten.

Please see the ‘what happens when you don’t renew your membership’ section to see what will happen to your data once your account becomes inactive.

You can remove all the data we hold on you at any given point by e-mailing info@ospr.co.uk

We may ask some security questions in order to confirm your identity.

We will have 30 days in order to comply with your request however we look to achieve this quicker.

Right For Copy of Data

Under GDPR rules, you have a right for a copy of all the data we hold on and it must be sent to you in an easy to view format.

Generally speaking, all the data we hold on you is already available to view in the portal area of myOSPR.

You can request all the data we hold on you by e-mailing info@ospr.co.uk

We may ask some security questions in order to confirm your identity.

We will have 30 days in order to comply with your request however we look to achieve this quicker.

Right For Correct Information

Under GDPR rules, you have a right for all the information we hold on you to be correct.

Generally speaking, all information in our database can be amended yourself in the myOSPR portal.

Changes to this privacy policy

As a continuously developing platform there is potential for our privacy policy to change from time to time.  The latest edition will always be available on our website and within the myOSPR members portal.

We won’t contact our users for minor changes to the privacy policy.

If there are major changes to the privacy policy, we will notify users by email that by continuing to use the service they must agree to these changes.

Major changes would constitute a change in how we handle the data our users provide us and who owns this data.

Back to top