How SamePage handles personal data across quotes, projects and property records

1. Controller and contact details

SamePage is a Trent End Ventures Ltd product. For UK data protection purposes, Trent End Ventures Ltd is the controller for the platform data it collects and uses to operate SamePage.

For privacy requests and concerns, contact trust@samepage.build. If your query relates to data entered by a business into SamePage, we may direct or copy that business where needed because they may also be a controller for their own processing.

2. Data we collect

• Account information such as names, email addresses, company details, role selection and login/session data.
• Project information such as trade type, job description, rooms, fixtures, access notes, parking detail, photos, floorplans, condition flags and customer approvals.
• Operational information such as quote versions, Scope of Works records, variation history, appointment events, FastTrack booking data and customer-portal interactions.
• Business and compliance information such as company profile data, badge or accreditation documents, insurance detail and partner-linking status.
• Property and materials information such as site, unit and area context, handover records, property history and materials-ledger postings.

3. Data sources

• Data you give directly when creating accounts, requesting quotes, uploading documents or using messages and approval flows.
• Data generated by platform activity, such as timestamps, version history, login events, booking events and status changes.
• Data shared by linked businesses, PMs, contractors or partner trades where workflow permissions allow that sharing.
• Limited data from third-party systems used for authentication, security, payment, messaging or compliance support.

4. How we use personal data

• To create and secure accounts, authenticate sessions and protect the platform.
• To route quote requests, show customer-safe project records, support booking flows and maintain project timelines.
• To store approvals, changes, messages, photos and operational history so users can run and evidence jobs.
• To review trust badges, investigate misuse, resolve support or legal issues and enforce platform rules.
• To improve product features, provided we do so lawfully and with appropriate safeguards.

5. Lawful bases

Depending on the context, SamePage uses personal data because it is necessary to perform our contract with the user, because it is necessary for our legitimate interests in operating and protecting the platform, because we need to comply with legal obligations, or because consent has been given where consent is the appropriate basis.

Where a business user inputs customer, staff, contractor or partner data into SamePage, that business is responsible for ensuring it has an appropriate lawful basis for that use.

6. Visibility, sharing and separation

SamePage uses role and surface separation so customer-facing portals do not expose internal pricing, margin, staffing notes or other business-only records by default. Customer-safe visibility is part of the product design, but users must still control credentials and sharing behaviour responsibly.

Data may be shared with the relevant customer, business, PM, contractor or partner trade where that sharing is required by the workflow, authorised by the relevant user, or necessary for coordination, support, compliance, safety, security or dispute handling.

7. Property history, materials ledger and future works context

SamePage may retain property and project context to support future jobs, reduce repeated data capture and preserve operational history. That can include route changes, installed items, handover photos, variation context and materials-ledger movements.

Those records are kept for platform continuity and operational evidence. They are not intended to be public and are not treated as open property dossiers.

9. International transfers

Where providers process data outside the UK, SamePage applies appropriate safeguards such as adequacy regulations, approved transfer mechanisms and contractual protections proportionate to risk.

Cross-border processing is limited to what is reasonably necessary to operate, secure and support the platform.

10. Retention

We keep data for as long as reasonably necessary for the purposes explained in this policy, including account administration, project continuity, support, dispute handling, security, compliance and record keeping.

Retention periods vary by data type. Some project, property and financial-supporting records may need to be kept longer than basic account profile data because they support future works, evidential needs or legal obligations.

11. Security

SamePage uses technical and organisational measures appropriate to the nature of platform data and foreseeable risk, including access controls, role separation and audit-oriented workflow records.

No system is perfectly secure. Users must also protect account credentials, devices and sharing behaviour.

12. Your rights and complaints

You may have rights to request access, rectification, erasure, restriction, objection and data portability. Those rights are subject to legal exceptions and may differ depending on why the data is being processed.

For privacy requests or complaints, use the legal contact route at trust@samepage.build. You may also complain to the Information Commissioner's Office if you think your data has been handled unlawfully.

13. Children

SamePage is designed for adults arranging or delivering property and trade services. It is not intended for unsupervised use by children.

If you think child personal data has been uploaded inappropriately, contact trust@samepage.build so the issue can be assessed and addressed.

14. Policy updates

SamePage may update this policy to reflect legal, product or operational changes. Material updates will be posted in the legal section with an updated date.