Section: Privacy Policy | Sentry OHS

Legal

Privacy Policy

This Privacy Policy explains how Sentry OHS collects, uses, stores, and discloses personal and operational information when organizations and their users access our EHS management platform.

Last updated: March 20, 2026

This policy is drafted for general platform use and operational transparency. It may require legal review to align with your organization's contractual, regulatory, and industry-specific obligations before production use.

1. Scope and Legal Framework

Sentry OHS operates from Moncton, New Brunswick, Canada. We handle personal information in line with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), and apply privacy safeguards appropriate for an enterprise safety and compliance platform.

2. Information We Collect

We collect information required to provide and secure the platform, including:

  • Account and identity data: name, email, role, company affiliation, employee profile fields, and login metadata.
  • Organization and location data: company details, branch/store or job site records, supervisor/manager assignment data, and tenant configuration.
  • Operational safety data: hazards, incidents, FLHA records, checklist templates and submissions, meeting records, training records, equipment and inspection logs.
  • Attachments and evidence: files uploaded by users as part of hazard, incident, or operational reporting workflows.
  • Technical/security data: session activity, audit-related logs, CSRF/security tokens, and anti-abuse records such as login attempts.
  • Support and communications: contact form submissions and support correspondence.

3. How We Use Information

We use collected information to:

  • Authenticate users, enforce role-based access, and protect tenant boundaries.
  • Deliver EHS functions such as hazard/incident workflows, checklists, meetings, training, and reporting.
  • Generate operational dashboards and compliance metrics for authorized users.
  • Maintain data integrity, investigate misuse, and monitor platform security.
  • Provide customer support, communications, and service-related notices.
  • Meet legal, regulatory, and audit obligations where applicable.

4. Data Sharing and Disclosure

Sentry OHS does not sell personal information. We may disclose information:

  • Within your organization according to role permissions and tenant-level access controls.
  • To service providers acting on our behalf for hosting, security, backup, or support operations, under confidentiality and data protection obligations.
  • Where required by law, court order, regulatory request, or to protect rights, safety, and platform integrity.
  • In a business transaction context (such as merger or acquisition), subject to appropriate legal safeguards.

5. Data Storage and Security

We apply technical and organizational safeguards appropriate to the sensitivity of EHS and employee-related data, including access control, session security, tenant scoping, and secure handling of form submissions and credentials. No system can guarantee absolute security, but Sentry OHS uses reasonable safeguards to protect against unauthorized access, disclosure, alteration, and loss.

6. Cookies and Tracking

Sentry OHS uses essential session cookies and related local browser mechanisms needed for login state, form security, and core platform operation. We do not rely on broad advertising-tracker networks for platform access. If non-essential analytics or tracking tools are introduced later, this policy will be updated accordingly.

7. Data Retention

We retain information only as long as necessary for legitimate business purposes, contractual obligations, legal requirements, incident/audit traceability, and safety compliance recordkeeping. Retention periods vary by data type (for example, account records, investigation records, training history, and system logs). Data may be deleted or anonymized when no longer required, subject to legal and contractual limits.

8. Your Privacy Rights

Subject to applicable law and contractual constraints, individuals may request:

  • Access to personal information held about them.
  • Correction of inaccurate or incomplete personal information.
  • Deletion, restriction, or de-identification where lawful and operationally feasible.
  • Information about how personal information has been used or disclosed.

For tenant-managed accounts, requests may first be handled through your employer or account administrator, who controls many operational records submitted in the course of workplace safety activities.

9. International and Cross-Border Processing

Depending on infrastructure and service-provider arrangements, data may be processed outside New Brunswick or outside Canada. Where this occurs, we require contractual and organizational protections appropriate to the sensitivity of the information and applicable legal requirements.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect legal, operational, or platform changes. Revised versions become effective upon posting unless otherwise stated. Continued use of Sentry OHS after a policy update indicates acceptance of the revised policy.

11. Privacy Contact

For privacy requests, access/correction inquiries, or concerns about data handling, contact: support@sentryohs.com
Sentry OHS Privacy Team, Moncton, New Brunswick, Canada