Last updated: 1 March 2025
FNVi Ltd ("FNVi", "we", "us", or "our") operates the Accord LTE platform (the "Service"), a construction commissioning and project management solution. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website at accordlte.com and use our Service.
By accessing or using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.
We are committed to protecting your privacy and handling your data in an open and transparent manner. FNVi Ltd is the data controller responsible for your personal data.
We collect several types of information for various purposes to provide and improve our Service to you.
When you register for an account, we collect your full name, email address, and password (stored in hashed form). If you set up two-factor authentication, we store the encrypted secret key associated with your authenticator app.
If you subscribe to a paid plan, we collect billing information including your company name, billing address, and payment card details. Payment card data is processed and stored by our payment processor, Stripe, and is never stored on our servers.
When you use Accord LTE, we collect data you provide within your projects, including item records, documents, inspection results, punch lists, certificates, safety reports, team member details, and any comments or annotations you create.
This data is stored securely and is only accessible to authorised members of your project workspace.
When you access the Service, we automatically collect certain information including your IP address, browser type and version, operating system, device type, pages visited, time and date of your visit, time spent on pages, and other diagnostic data.
We use cookies and similar tracking technologies to track activity on our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
We use the data we collect for the following purposes:
We process your personal data under the following legal bases as defined by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018:
We do not sell your personal data to third parties. We may share your information in the following circumstances:
We engage third-party companies and individuals to facilitate our Service, provide the Service on our behalf, perform Service-related tasks, or assist us in analysing how our Service is used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Our key service providers include: Stripe (payment processing), MongoDB Atlas (database hosting), Vercel (application hosting), SendGrid and Resend (email delivery), and Vercel Analytics (usage analytics).
We may disclose your personal data in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend the rights or property of FNVi Ltd, prevent or investigate possible wrongdoing in connection with the Service, protect the personal safety of users of the Service or the public, or protect against legal liability.
If FNVi Ltd is involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
The security of your data is important to us. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.
These measures include encryption of data in transit using TLS (Transport Layer Security), encryption of data at rest using AES-256, two-factor authentication support for all user accounts, role-based access control limiting data access to authorised personnel, regular security assessments and vulnerability testing, and hosting in ISO 27001 certified data centres with 99.9% uptime.
While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee its absolute security.
We retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
Account data is retained for the duration of your account. If you delete your account, your personal data will be removed within 30 days, except where we are required to retain it for legal or regulatory purposes.
Project data (items, documents, inspections, etc.) is retained for the duration of the project workspace. When a workspace is deleted by its owner, all associated project data is permanently removed within 30 days.
Automatically collected usage data is retained for up to 24 months for analytics purposes, after which it is anonymised or deleted.
Under the UK GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, please contact us at privacy@accordlte.com. We will respond to your request within one month.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe that your data protection rights have been violated. The ICO can be contacted at ico.org.uk.
Your information may be transferred to and maintained on servers located outside of the United Kingdom. If we transfer your personal data to a country outside the UK, we will ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the relevant authority, or that the transfer is to a country that has been deemed to provide an adequate level of data protection.
Our primary data hosting is within the European Economic Area (EEA). Some of our service providers may process data in the United States under appropriate safeguards.
Our Service is not intended for use by anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this page.
For material changes, we will provide notice via email or a prominent notice on the Service prior to the change becoming effective.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If you have any questions about this Privacy Policy or our data practices, please contact us: