Last updated: February 15, 2026
We respect and protect your privacy. This notice is layered so you can find the information relevant to your relationship with SafePorter. Start with the summary below, then select your role or expand any topic for detail.
SafePorter is fully committed to protecting your privacy and handling your information in an open and transparent manner. This privacy notice sets out how we will collect, handle, store and protect information about you when:
If you are a survey or feedback respondent: If you provide information to us through MyDataProtected you can correct, amend, or delete your information at any time using your SafePorter ID through mydataprotected.com.
You can request a copy of your personal data through a SafePorter Data Subject Access Request via the organization you have a relationship with who sent you the survey and a SafePorter ID and we will respond to you directly through the contact information you provide in that form. (You have to go through that organization because SafePorter does not know who you are. We do not have your name or email or any way to verify your identity.)
If you are an Admin Portal user: You can delete your administrative account at ourdataprotected.com at any time, but will no longer have access to the Admin Portal.
We use Personal Data to:
All of SafePorter's tools have been built on and with adherence to privacy-by-design and zero trust security principals. We protect survey participant data by keeping it isolated to the region collected, only sharing aggregated data and insights with clients, avoiding conveying inter-sectional diversity data to clients even in the aggregate, and by withholding aggregate and insight data that could identify individuals.
Amazon Web Services (AWS) provides the cloud infrastructure on which the DataProtected platform operates.
We may change this Privacy Notice from time to time (for example, if the law changes). We recommend that you check this page regularly to keep up-to-date. If we make any material changes to the manner in which we process and use your personal data and we have your contact information, we will contact you to let you know about the change.
If you have queries about our use of your data please contact us at [email protected]
If you are based in the EU or UK and would prefer to raise a concern through our EU/UK Representative please title your e-mail "EU Representative" or "UK Representative".
Select your relationship with SafePorter for a notice specific to you.
For individuals completing surveys or providing feedback via MyDataProtected.com
At no time do we know your name or email address. You will have been invited to our platform by your employer/organisation, using a system that generated a unique SafePorter ID, known only to you, and access restricted within your employer/organisation.
Once you enter the survey site with your Organization Key and SafePorter ID, we become the Controller of any data you provide. Your employer will not have any access or rights to the data you provide except in the de-identified aggregate with other survey participants. At this point, your original SafePorter ID is hashed (changed) and converted to a new one. This is done to ensure the security and confidentiality of your responses. The ID that sits with your survey answers does not exist outside our systems and is not the same as the one you were provided as your SafePorter ID.
Through our MyDataProtected.com surveys, you may provide answers that give sensitive personal information about your race, gender, sexuality, ability, caregiver status or other diversity related data (all of the foregoing, "Diversity Identity Data").
We process Diversity Identity Data to provide aggregate-only diversity information or inclusion and other program feedback to employers and organizations that allow them insight into the status, progress, and effectiveness of their programs and initiatives.
We delete Survey Participant data as soon as your SafePorter ID is deactivated by your organization or the contract with your organization is finished, or when you log in with an activated SafePorter ID and delete your data, which you can do at any time.
For visitors to SafePorterSecure.com and OurDataProtected.com
This website (safeportersecure.com) is a static site and does not set cookies. The mydataprotected.com site, where survey participants are routed, does not use cookies either.
Cookies are small data files placed on your computer or mobile device when you visit a website. Cookies set by the website owner are called first-party cookies. Cookies set by parties other than the website owner are called third-party cookies. Third-party cookies enable third-party features or functionality to be provided on or through the website (e.g. advertising, interactive content and analytics).
Our current website does not use analytics, advertising, or tracking cookies. If this changes, we will update this notice and present a cookie consent mechanism before any non-essential cookies are set.
For SafePorter corporate clients and SafePorter vendors
As a corporate client or SafePorter vendor, we hold the contact and payment details required to carry out our contract with you, data to manage our relationship and, for clients, data to keep you up to date with changes and improvements to our services. This data would have been sourced from you directly. For potential clients or vendors, we may have collected your data from our own network, from websites and public sources. We then use this data to contact you about solutions.
For the purposes of the GDPR, our lawful basis for processing your data is a combination of Contract and Legitimate Interest. We use legitimate interest when we use your data to keep you up to date with changes and improvements to our goods and services, or contact you with a view to introducing you to our products. Our legitimate interest balancing test indicates that this is a legitimate purpose; it is necessary for the purpose of keeping you updated and growing our business, and unlikely to cause you risk or harm. All other data is processed to enable us to fulfill our contract with you and manage our relationship with you.
Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. We also transfer your data to our accountants to ensure we are paid appropriately. Where you are UK or EU based and data is transferred outside of the UK/EEA, we ensure that appropriate protection and mechanisms are in place, for example Standard Contractual Clauses. We do not sell your data to anybody.
We hold contact information for Corporate Clients and SafePorter vendors for the length of time that you are a client of ours, then for another 5 years in case of any dispute.
For individuals with admin access to OurDataProtected.com or the DataProtected app
We collect data when your organization provides your information as an admin user for OurDataProtected.com or the DataProtected app, or when you create an Admin Portal account. When you register or are registered by your organization we will collect your name and your work email. When you use the Admin Portal we will collect your IP address, login information, browser type and version, time zone setting, browser plug-in types, and geolocation information about where you may be.
We collect the following Personal Data from you, your employer, or your device as OurDataProtected account administrators for your organization:
We process Personal Identifiers for the purposes of providing you access to your organization's OurDataProtected Admin Portal. The legal basis for this processing is the performance of our contract with your employer.
As an Admin User, we may also send you information about new features of the DataProtected Tools or updates to our user guides. You can opt-out of emails from SafePorter at any time by emailing [email protected].
We will verify that your organization has provided your e-mail address as a valid and current designated Admin portal user. If you need to change or delete that information at any time you can do so from "My Account" on ourdataprotected.com.
As an Admin User, we will only keep your personal data for six months after the deletion of your account. Admin User data, unlike Survey Participant data, is stored in the United States.
For vendors of our clients who complete ESG surveys via the Vendor Portal on ourdataprotected.com
As a Vendor Portal user we hold the contact information for the designated party at the vendor organization who completed the ESG, security or other survey at the request of, and for submission to, our client. This data would have been sourced from you directly.
All Vendor Portal data is processed to enable us to fulfill our contract with our client and to manage our relationship with you as a Vendor survey respondent.
Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where you are UK or EU based and data is transferred outside of the UK/EEA, we ensure that appropriate protection and mechanisms are in place, for example Standard Contractual Clauses. We do not sell your data to anyone.
We hold contact information for Client Vendors for the length of time that the client contract is in place, plus up to an additional 90 days for the client to be able to access and copy it if they wish.
For current and prospective investors, shareholders, and board members
As an investor or private shareholder in SafePorter, we hold your contact and investment details. This data will have been sourced directly from you in the course of your investment. We use this data to pass to the regulators*, to issue your share certificates** and to manage our relationship with you***.
As a Board or Advisory Board Member we hold your contact details. This would have been sourced directly from you.
Our lawful basis for processing your data is a legal obligation*; contractual obligation** and legitimate interest***. Our legitimate interest balancing test indicates that this is a legitimate purpose; you would not be surprised to hear from us based on the nature of our relationship, and our processing does not cause any harm or risk to you as a data subject.
We share your contact details in line with our regulatory requirements, so will be listed in official documents such as company filings and would be used in any potential data room. Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. If you are based in the UK/EU and data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example, Standard Contractual Clauses.
As a shareholder/investor or Board Member we hold your information for as long as we are legally required to do so.
We are SafePorter LLC, a trust platform enabling organizations to understand their diversity profiles and receive inclusion feedback in a way that protects the privacy of the individuals they seek information and feedback from. Our Data Protection Officer can be contacted by emailing [email protected].
This privacy notice applies if you have administrative access to a client dashboard via ourdataprotected.com or to the client-side DataProtected app; you have filled out a survey or provided feedback on mydataprotected.com; you or your organization have filled out a vendor survey through ourdataprotected.com; you are visiting safeportersecure.com or our other websites; or if you are a client, potential investor, or you have otherwise reached out to or been in contact with us by e-mail.
SafePorter plays two different roles when it comes to processing your data. In some situations, we act as a Controller, in others we are the Processor.
When we are a Processor: We are handling your data only in line with the instructions of an organization you are affiliated with (that organization is the Controller). We act as a Processor for client admin users designated by their organizations to access the aggregate dashboards, and vendor employees who fill out vendor surveys for our clients through the vendor portal.
When we act as a Controller: We are responsible for making decisions about how we handle the data we hold, and for protecting that data on your behalf and in line with data protection laws. We act as a Controller for users of our MyDataProtected.com surveys and inclusion feedback portal who have activated SafePorter IDs, SafePorter employees and job applicants, suppliers, clients, prospective clients, individuals who make inquiry of our organization, investors, and website visitors.
If you are an employee, member or student who has been invited to access and engage with our surveys, your information is handled in two parts: When you receive an invitation from your organization with your SafePorter ID, the Controller for the invitation process is your employer/school/organisation. (SafePorter does not send you emails or have any access to any name or contact information for survey participants.) Once you interact with the MyDataProtected survey platform, we become the Controller and we protect the diversity identity data, survey answers and inclusion feedback you provide. Your personal data is not shared at an identifiable level with your employer/organisation.
The organization who has assigned a survey to you determines the questions contained therein. When you complete a survey, we collect the information you choose to provide about the following categories based on your consent and your survey answers:
When you submit a survey or feedback on mydataprotected.com your data stays in the region designated by your organization. Only aggregated numbers or summary information indicating percentages that are large enough to protect individuals from being identified are transferred to the client Admin Portal.
When you register for or are provided an admin account, we will collect your name and your work email. When you use the Admin Portal we will collect your IP address, login information, browser type and version, time zone setting, browser plug-in types, and geolocation information. We will verify that your organization has provided your e-mail address as a valid Admin portal user. You can change or delete that information at any time from "My Account" on ourdataprotected.com.
When you reach out to make an inquiry by e-mail we collect your name, e-mail address, and any additional information you have provided therein.
As a data subject, you have a number of rights over your personal data under Data Protection Laws. If you wish to exercise any of your rights, please contact us at [email protected].
You can request access to a copy of the personal data which we hold about you, as well as details about why and how we use it. For survey participants you must complete a data subject access request through the organization that issued you a SafePorter ID as we cannot verify your identity. For all others please contact [email protected].
You can ask us to change or complete any personal data we hold about you which is inaccurate or incomplete. For survey participants with active SafePorter IDs you can login to mydataprotected.com and overwrite your prior answer at any time. For client designated admin users you can change your data in the "my account" section of the admin portal or application.
You have a right, under certain circumstances, to ask us to delete any personal data we hold about you. Please note that there may be situations where we must retain your personal data after a request for erasure where we have a lawful basis for doing so. For survey participants with active SafePorter IDs you can login to mydataprotected.com and opt to delete your data at any time.
You can ask us to restrict (i.e. prevent) the processing of your personal data where you have objected to our use of it and we have no lawful basis to contin supervisory authority. Our lead supervisory authority in Europe is the Irish Data Protection Commissioner, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.
Security is the first ingredient in everything we build, and Privacy by Design is the core of our organization. Each aspect of our platform is isolated and distinct. Respondent and feedback data are stored in a separate and secure database that solely reports out in the aggregate.
All of SafePorter's tools have been built on and with adherence to privacy-by-design and zero trust security principals. We protect survey participant data by keeping it isolated to the region collected, only sharing aggregated data and insights with clients, avoiding conveying inter-sectional diversity data to clients even in the aggregate, and by withholding aggregate and insight data that could identify individuals.
When you submit a survey or feedback on mydataprotected.com your data stays in the region designated by your organization. Aggregated numbers or summary information indicating percentages only are transferred to the client Admin Portal that can be accessed by designated Admin Portal users of the organization that assigned and distributed the survey to you.
Please see our Vulnerability Disclosure Policy for information on how to responsibly report security vulnerabilities.
Children under the age of 18 are not allowed to use our services. If you are under 18 years old, we would need your parents' or guardian's consent to process your data and no SafePorter client should have designated you as a survey or feedback participant.
Last updated: February 15, 2026
This website (safeportersecure.com) is a static site hosted on Cloudflare Pages. It does not set first-party cookies and does not use analytics, advertising, or tracking scripts. Cloudflare, our hosting provider, may set a strictly necessary cookie (__cf_bm) for bot management and security purposes. This cookie is essential for the operation and protection of the website and does not require consent under applicable data protection laws.
The mydataprotected.com survey portal does not use cookies.
We use only strictly necessary cookies. If we introduce any non-essential cookies in the future, we will update this notice and implement a consent mechanism before they are set.
For information on managing cookies in your browser, visit allaboutcookies.org.
Questions about your data?
Privacy@safeportersecure.comIf you are based in the EU or UK and would prefer to raise a concern through our EU/UK Representative, please title your e-mail "EU Representative" or "UK Representative".