ZSE Dashboard
Privacy Policy
This policy describes how Zero Sequence Earthing Pty Ltd ("ZSE", "we", "us") collects, uses, stores and protects information when you use the ZSE Dashboard application ("the App"). The App is a field-data capture tool used by power systems engineers performing Current Injection Testing on substations and earthing systems.
1. Who is the data controller
Zero Sequence Earthing Pty Ltd is the data controller responsible for the personal data described below. You can contact our privacy team at info@zsearthing.com for any question about this policy or to exercise your rights.
2. What we collect, why, and on what basis
Account information
When you sign in, we collect the name, email address and stable user identifier ("sub") returned by your organisation's Microsoft Entra ID directory. This is required to attribute every measurement and audit record to a specific engineer. Lawful basis: contract — without it the App cannot fulfil its core purpose.
Field measurements you record
Every measurement you enter — Earth Potential Rise, touch and step voltages, continuity, current splits, fault levels, voltage limit profiles — is stored as part of your engineering record. Lawful basis: contract and legitimate interests in maintaining engineering records.
Optional GPS coordinates
Each measurement can optionally have a GPS location attached. The App prompts for your permission before reading the device GPS the first time. You can save any measurement without GPS. Coordinates stored on the audit trail are rounded to three decimal places (~ 111 metres) before logging. Lawful basis: consent (you choose whether to capture each one).
Injection-route recording (background location)
When recording an injection route, the App tracks your device's GPS location in the background — even while the screen is locked or the App is closed — so it can trace the path you walk from the EPR injection reference to a remote grid. A persistent notification is shown while recording is active. Location is collected only during an active recording session that you start by tapping Record, and stops when you tap Stop; it is not collected at any other time. The App shows an in-app disclosure and requests “Allow all the time” location access before recording begins, and you can decline or revoke it at any time in your device settings (route recording then simply does not run). Lawful basis: consent (you choose whether to record a route).
Optional reference photos
You can attach photos to a measurement using your device camera or gallery. The App prompts for camera and storage permissions before accessing them, and you can save any measurement without photos. Lawful basis: consent.
Audit metadata
Every create, update and delete action is logged with a timestamp and the identity of the user who performed it. This is required by good engineering practice and supports our compliance obligations. Lawful basis: legitimate interests and legal obligation.
Diagnostic and performance telemetry
We collect anonymised telemetry — request timings, exception traces, feature-usage counts and dependency latencies — through Microsoft Azure Application Insights. URLs containing OAuth authorisation codes are redacted before export, and your IP address is one-way hashed before storage. The telemetry is sampled at 5% and is not used to identify individual users. Lawful basis: legitimate interests in keeping the App reliable and secure.
3. What we do not collect
- We do not collect or read your contacts, calendar or messages.
- We do not collect financial information or payment-card details.
- We do not run advertising trackers or third-party analytics.
- We do not sell, rent or share your data with third parties.
4. Where data is stored
All personal data and engineering records are stored in Microsoft Azure (Australia East region), in the cit-dashboard-zse tenant operated by ZSE. Data is encrypted at rest using Azure-managed transparent data encryption and in transit with TLS 1.2 or higher.
On your device, the App uses local storage (IndexedDB on web, Capacitor Preferences on Android) so that you can continue to record measurements without an internet connection. Local data is replicated back to Azure as soon as the device regains connectivity.
5. Who can see your data
Within your organisation, access is governed by the role your Microsoft Entra ID administrator assigns to you in the ZSE Dashboard Enterprise application. Two roles exist:
- Engineer — can record, view and export measurements for the projects they have access to.
- Admin — additionally can see analytics and recover deleted projects and sessions.
ZSE staff with operational access to the Azure subscription may access the underlying database for support, security and reliability reasons. That access is logged and audited.
6. Sub-processors
| Microsoft Azure | Hosting, database, monitoring, identity (Australia East) |
|---|---|
| Microsoft Entra ID | Authentication and role management |
| Google Maps Platform | Map tiles when the map view is opened (no personal data sent beyond the visible map bounds) |
7. How long we keep your data
- Engineering records (projects, sessions, measurements, photos) — retained for the life of the underlying engineering work, consistent with industry record-keeping obligations.
- User account — retained while you are an active member of your organisation. We delete your personal attribution on request (see Your rights below). The engineering record remains, but your name is replaced with [redacted] on every audit row referring to you.
- Audit log entries — automatically pruned after 24 months by a scheduled retention job.
- Diagnostic telemetry — retained according to the Azure Application Insights default of 90 days.
8. Your rights
Subject to applicable law (the Australian Privacy Act 1988 and, where relevant, the GDPR), you have the right to:
- Access the personal data we hold about you.
- Correct data that is inaccurate or out of date.
- Receive an export of your data in a machine-readable format (available through the App, or on request).
- Request that your personal attribution be erased. We anonymise attribution on every audit row and delete your user record; the engineering record itself is retained.
- Withdraw consent for the optional GPS or photo features at any time, by revoking the relevant Android permission or simply not using the feature.
- Lodge a complaint with the Office of the Australian Information Commissioner (oaic.gov.au) if you believe we have mishandled your data.
To exercise any of these rights, email info@zsearthing.com. We will respond within 30 days.
9. Security
- All traffic between your device and our servers uses TLS 1.2 or higher.
- The database is encrypted at rest using Azure-managed keys.
- Authentication is handled by Microsoft Entra ID; we never see or store your password.
- Access to production infrastructure is restricted to ZSE staff who need it, with multi-factor authentication enforced.
- Database errors and exceptions are logged with structured metadata for incident response.
10. Children
The App is a professional tool for licensed engineers and is not directed at children. We do not knowingly collect data from anyone under the age of 18.
11. International transfers
Data is stored in the Australia East Azure region. Microsoft may process limited operational data — for example, identity tokens during sign-in — outside Australia under their standard contractual commitments. Google Maps tile requests are made to Google's global infrastructure when you open the map view.
12. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated to active users via the App.
13. Contact
Zero Sequence Earthing Pty Ltd
Email:
info@zsearthing.com
Web: zsearthing.com