Privacy Policy

1. Data We Collect

We collect the following categories of personal data when you use DCSO Hub:

• Account data: name, work email address, professional role.
• Usage data: pages visited, features used, hazards inherited.
• Content data: posts, replies, and hazard entries you create.

2. How We Use Your Data

• To provide and improve the Platform.
• To send you relevant clinical safety updates (where you have opted in).
• To verify your professional credentials for the Verified CSO badge.
• To comply with legal obligations under UK law.

3. Legal Basis (UK GDPR)

We process your data under the following lawful bases: contract performance (to provide the service), legitimate interests (platform security and improvement), and consent (newsletter communications).

4. Data Sharing

We do not sell your personal data. We may share data with Firebase (Google) as our cloud infrastructure provider, subject to a Data Processing Agreement. We will disclose data to authorities where legally required.

5. Data Retention

Account data is retained for the lifetime of your account plus 12 months after deletion. Usage logs are retained for 90 days.

6. Your Rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you.
• Request correction or erasure of your data.
• Object to processing or request restriction.
• Lodge a complaint with the ICO (ico.org.uk).

7. Cookies

We use essential cookies for authentication and session management only. No third-party advertising cookies are used.

8. Contact

For privacy queries or data subject requests, contact us via the support page.