Back to Home

Privacy Policy

Last updated: May 2026

1. Introduction

IPAFOperatorUK Ltd, trading as IPAF Operator UK ("we", "us", or "our"), is committed to protecting your privacy.

This Privacy Policy explains how we collect, use, store, and share personal data when you use our website, platform, booking services, or temporary operator supply services.

We operate as a temporary employment agency supplying certified powered access equipment operators to construction, industrial, facilities management, infrastructure, and related clients on a temporary assignment basis.

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

For Operators / Subcontractors

  • Full name
  • Email address
  • Phone number
  • Address or general work location
  • Location and travel radius
  • IPAF card details, including card number, categories, and expiry date
  • CSCS or other relevant certification details
  • Work experience and availability
  • Day rate or preferred working arrangements
  • Profile photo, where provided
  • Right-to-work confirmation or related compliance information where required
  • Insurance information, where requested
  • Records of assignments, bookings, communications, and work history through our platform

For Clients / Businesses

  • Company name
  • Contact name
  • Email address
  • Phone number
  • Billing details
  • Site address and job location
  • Job requirements and assignment details
  • Purchase order numbers, invoice details, payment terms, and booking history
  • Communications relating to bookings, assignments, disputes, or account management

Automatically Collected Information

When you use our website or platform, we may collect:

  • IP address
  • Browser type and device information
  • Pages visited and time spent on the platform
  • Login, security, and session data
  • Cookies and similar tracking information

3. How We Use Your Information

We use personal data to:

  • Create and manage user accounts
  • Verify operator qualifications, certifications, and suitability for assignments
  • Match operators with client requirements based on skills, certification, location, and availability
  • Arrange, schedule, and manage temporary work assignments
  • Share relevant assignment information between clients and operators
  • Process bookings, payments, invoices, and purchase orders
  • Send booking confirmations, assignment updates, account notices, and service communications
  • Manage disputes, cancellations, non-attendance, or operational issues
  • Improve the website, platform, and user experience
  • Maintain records for accounting, compliance, insurance, and legal purposes
  • Prevent fraud, misuse, or unlawful activity
  • Comply with legal and regulatory obligations

4. Legal Basis for Processing

Contract

Where processing is necessary to provide our services, manage accounts, arrange assignments, process bookings, or communicate with users about work or services.

Legitimate Interests

Where processing is necessary for our legitimate business interests, including operating a temporary labour supply service, verifying credentials, managing client and operator relationships, improving our platform, preventing fraud, and protecting our legal rights.

Consent

Where we rely on your consent, such as for certain marketing communications or optional profile information. You can withdraw consent at any time.

Legal Obligation

Where processing is required to comply with legal, accounting, tax, regulatory, or law enforcement obligations.

5. Sharing Your Information

Clients and Operators

Relevant operator details may be shared with clients for assignment suitability, booking, site attendance, compliance, and operational purposes. Relevant client, job, and site details may be shared with operators to allow them to assess, accept, attend, and complete assignments.

Service Providers

We may share data with trusted third-party providers who help us operate our services, including Stripe or other payment processors, website hosting providers, database and platform providers, email and communication providers, analytics providers, and accounting, legal, compliance, or insurance support providers.

Legal and Regulatory Bodies

We may share data where required by law, court order, regulator, tax authority, law enforcement body, or where necessary to protect our rights, users, or business.

We do not sell personal data to third parties.

6. Data Retention

  • Account and platform data may be kept while your account remains active.
  • After account closure or deletion, we may retain certain records for up to 6 years where needed for legal, accounting, tax, insurance, contractual, dispute, or compliance reasons.
  • Some technical, analytics, or security records may be retained for shorter periods unless required for investigation, fraud prevention, or legal protection.

7. Your Rights

Under UK data protection law, you may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of your personal data
  • Request restriction of processing
  • Request data portability
  • Object to processing based on legitimate interests
  • Withdraw consent where processing is based on consent
  • Complain to the Information Commissioner's Office

To exercise your rights, contact us at:

Email: info@ipafoperator.co.uk

We will respond within the required legal timeframe, normally within one month.

8. Cookies

We use cookies and similar technologies to operate and improve the platform.

Essential Cookies

Used for authentication, security, account login, session management, and platform functionality.

Analytics Cookies

Used to understand how visitors use the website and improve performance. We may use tools such as Google Analytics, Plausible, or similar services.

You can manage cookies through your browser settings. Blocking certain cookies may affect platform functionality.

9. Data Security

We use appropriate technical and organisational measures to protect personal data, including HTTPS encryption, access controls, secure authentication, and restricted access to user data.

However, no online system is completely secure. We cannot guarantee absolute security, but we take reasonable steps to protect personal data from unauthorised access, loss, misuse, or disclosure.

10. International Transfers

Some of our service providers may process personal data outside the United Kingdom. Where this happens, we take reasonable steps to ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or equivalent protection mechanisms.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Where changes are significant, we may notify users by email or by placing a notice on our website or platform. Continued use of our services after updates means the revised policy applies.

12. Contact Us

For privacy-related questions or requests, contact:

IPAFOperatorUK Ltd

Email: info@ipafoperator.co.uk

You also have the right to complain to the Information Commissioner's Office at ico.org.uk.