Privacy Policy

Last updated: 3 June 2026  ·  Polska wersja →

This policy explains how xSkylight LTD ("we", "us", "xSkylight") processes personal data through this website (xskylight.uk) and through the PV-Access mobile and web platform that we develop and operate as a software-as-a-service offering.

PV-Access is deployed for industrial clients (the "Customer"). For data processed inside the PV-Access platform on behalf of a Customer, the Customer is the data controller and xSkylight LTD acts as a data processor under Art. 28 GDPR. For data you submit directly to xskylight.uk (contact form, sales enquiries), xSkylight LTD is the data controller.

1. Who we are

xSkylight LTD is a company registered in England and Wales (Company No. 17163237), registered office at 167-169 Great Portland Street, 5th Floor, London W1W 5PF, United Kingdom. We develop AI-powered software for the utility-scale photovoltaic and hybrid energy industry, including the PV-Access access-control platform.

Data-protection contact: data-protection@xskylight.uk
General contact: contact@xskylight.uk

2. Data we process on xskylight.uk

If you submit the contact form on this website, we process the information you provide (name, email address, company name, message content) solely to respond to your enquiry. The legal basis is our legitimate interest in answering business correspondence (Art. 6(1)(f) UK GDPR). We retain this correspondence for up to 24 months from your last contact, after which it is deleted unless an ongoing commercial relationship requires longer retention under Art. 6(1)(b) (contract performance).

This website does not use third-party analytics, advertising trackers, or social-media plug-ins. A single technical cookie may be set to remember your cookie-banner choice; it stores no personal data and expires after 12 months.

3. PV-Access mobile and web platform

PV-Access is a software platform for physical access control at utility-scale photovoltaic construction sites. The platform consists of:

• Admin / Inspector mobile app — used by site managers, BHP (occupational-safety) specialists and inspectors to scan worker badges, view qualification status, and record incident reports.
• Kiosk mobile app — a tablet-mounted self-service device installed at site entry points. The kiosk scans worker badges, verifies entitlement, and records entry / exit events.
• Web admin console — used by Customer administrators and BHP specialists to manage workers, projects, badges, documents and reports.

For each Customer deployment, the Customer is the data controller and signs a Data Processing Agreement (DPA) with xSkylight LTD. The Customer is responsible for issuing the GDPR Art. 13/14 information notice to their workers and for collecting any consents required under local employment law (in particular Polish Kodeks Pracy Art. 22¹ regarding PESEL processing).

3.1 Categories of data processed in PV-Access

• Identity data: first name, surname, internal employee number or PESEL (where the Customer's legal obligation requires it), employer / sub-contractor name, role.
• Image data: worker headshot used on the badge (optional; controlled by Customer policy).
• Occupational-health documents: BHP certificates, training records, medical clearances. These may include data within the scope of Art. 9 GDPR and are processed under Art. 9(2)(b) (employment + occupational safety obligations).
• Location data: approximate GPS coordinates captured at the moment of an entry, exit, or incident scan. Used to confirm that the scan took place on the authorised site (geofence) and to detect anomalies.
• Verification logs: timestamped record of every badge scan (worker, project, decision, GPS, scanning device, scanning operator).
• Incident reports: free-text descriptions of safety or compliance incidents, optional photographs, severity classification (yellow / red card).
• Account data (for Customer staff using the apps): email address, hashed password, role, last-login timestamp, optional PIN.
• Device data (for kiosk / admin tablets): device identifier, enrolment status, software version, last-seen timestamp.

3.2 Legal bases (the Customer's processing)

• Art. 6(1)(b) GDPR — performance of the employment or sub-contracting contract (identity, BHP records).
• Art. 6(1)(c) GDPR — compliance with legal obligations under Polish Kodeks Pracy Art. 22¹ and Art. 94⁴ (employee records, BHP records, working-time records); UK Health and Safety at Work etc. Act 1974 where applicable.
• Art. 6(1)(f) GDPR — legitimate interest in operating access control to protect personnel and assets on construction sites, including verification of sub-contractor workers and capture of GPS position at scan.
• Art. 9(2)(b) GDPR — processing necessary for the carrying out of obligations in the field of employment, social security and occupational safety law (medical certificates).

3.3 Permissions requested by the mobile apps

• Camera — required to scan QR-encoded worker badges and to attach incident photographs. The camera is only activated by an explicit operator action (button tap). No images are captured or transmitted without operator action.
• Location (approximate, foreground) — required only at the moment a scan or incident is recorded, to verify the geofence and to attach the coordinate to the verification log. The apps do not request background-location permission and do not track movement between scans.
• Internet — required to synchronise data with the Customer's PV-Access backend.
• Photos / media storage (Android) — required when an operator selects an existing photograph to attach to an incident report. No bulk access to the device's gallery occurs.
• Notifications — optional; used to alert the operator to synchronisation status and to administrative messages from the Customer.

The PV-Access apps do not use advertising identifiers, do not integrate any third-party analytics SDK (Firebase Analytics, Google Analytics, Facebook SDK, etc.), do not use any social-login provider, and do not share data with advertising networks.

3.4 Local storage and encryption on the device

To support offline operation at sites with poor connectivity, the apps cache a subset of the Customer's worker database on the device. This cache is stored in an encrypted SQLite database (SQLCipher, AES-256). The encryption key is held in the device's secure storage (Android Keystore / iOS Keychain). On logout, on revocation of the device, or after five consecutive failed PIN attempts, the encrypted database is wiped.

4. Retention

• Verification logs (scans): 3 years from the date of the scan, then row-level anonymisation (worker identifier is nulled, the aggregate record is retained for statistical purposes).
• Incident reports: 3 years from creation, then anonymisation; longer if linked to an open legal claim.
• Worker identity and BHP documents: retained for the duration of the employment / sub-contracting relationship plus the period required by Kodeks Pracy Art. 94⁴ (currently up to 10 years from year of termination for records created from 2019 onwards; 50 years for older records).
• Account data of Customer staff: retained while the account is active and for 12 months after the account is disabled for audit purposes, then deleted.
• Website contact-form correspondence: up to 24 months from your last contact.

5. Recipients and sub-processors

We do not sell or rent personal data to anyone. We share personal data only with the following recipients, each bound by confidentiality and (where applicable) a Data Processing Agreement:

• Hosting infrastructure — virtual private server provider (Hetzner Online GmbH or equivalent EU-based provider). Production deployments are located in the European Union. Encrypted backups may be replicated within the EU.
• Email transit — the transactional emails sent by PV-Access (account invitations, password resets, alerts) are delivered through the mail.xskylight.uk SMTP submission server operated by xSkylight LTD. We do not use external bulk-email services such as SendGrid, Mailgun, or Postmark.
• Mobile-app distribution — Google Play Store (Google LLC, Google Ireland Limited) and the Apple App Store (Apple Distribution International Limited). The PV-Access apps do not use Google or Apple identity services, so these platforms do not receive worker data; they only receive standard app-store telemetry (downloads, crashes, device model).
• Antivirus scanning — uploaded documents are scanned locally on the backend server using open-source software (ClamAV). No documents are transmitted to a third-party scanning service.
• Auditors, regulators, courts — when required by law or in defence of legal claims.

A current list of sub-processors is available to Customers on request via data-protection@xskylight.uk.

6. International transfers

xSkylight LTD is established in the United Kingdom. The European Commission's adequacy decision of 28 June 2021 (extended in December 2024) recognises the UK as providing an adequate level of protection for personal data transferred from the EEA. No additional safeguards are therefore required for routine transfers between EEA-based Customers and xSkylight LTD as processor.

Production data is stored on servers physically located in the European Union. We do not transfer personal data to any third country outside the UK / EEA.

7. Security

• TLS 1.2 / 1.3 for all network traffic, with HSTS enabled.
• PostgreSQL row-level security separating Customer tenants; per-row access verified on every query.
• Argon2id password hashing; per-device pepper for kiosk PIN hashing.
• SQLCipher (AES-256) for on-device caches in the mobile apps.
• Append-only audit logs of every privileged action (verification, incident, role change, configuration change).
• Daily encrypted off-site backups; ransomware-resilient retention.
• Regular dependency scanning and security review of every code change.

A data-breach notification will be sent to the relevant supervisory authority within 72 hours of becoming aware of a notifiable incident, in accordance with Art. 33 GDPR; affected data subjects will be notified where required by Art. 34 GDPR.

8. Your rights

Under the UK GDPR and the EU GDPR you have the right to:

• access your personal data and obtain a copy (Art. 15);
• rectify inaccurate personal data (Art. 16);
• request erasure of your personal data, subject to legal retention obligations (Art. 17);
• restrict processing (Art. 18);
• data portability for data you provided under Art. 6(1)(b) (Art. 20);
• object to processing based on legitimate interest, including GPS capture (Art. 21);
• not be subject to a decision based solely on automated processing that produces legal effects concerning you (Art. 22). The PV-Access access decision can be reviewed by a human BHP specialist on request — the technical mechanism for human override is documented as WORKER_UNBLOCK in the system.

For data processed in PV-Access on behalf of a Customer, please address your request directly to that Customer (your employer or the site operator). If you do not know who that is, contact us at data-protection@xskylight.uk and we will route the request.

For data processed by xSkylight LTD as controller (this website, sales enquiries), contact data-protection@xskylight.uk directly.

You have the right to lodge a complaint with a supervisory authority — in the United Kingdom the Information Commissioner's Office (ico.org.uk), in Poland the Prezes Urzędu Ochrony Danych Osobowych (uodo.gov.pl).

9. Changes

We may update this policy from time to time to reflect changes in the platform, the law, or our sub-processor list. The current version is always published at this URL, with the "last updated" date at the top.

← Back to home  ·  Polska wersja