We use essential cookies to make our site work. We'd also like to set optional analytics cookies to help us understand how you use it. See our privacy policy for more.
Cookie preferences
Choose which cookies you're happy with. Essential cookies are always on, they're needed for the site to work.
Essential
Required for the site to function. Includes security tokens and consent preferences. Cannot be disabled.
Analytics
Help us understand how visitors interact with the site so we can improve it. No data is sold to third parties.
Marketing
Allow us to personalise ads and measure the effectiveness of our campaigns across channels.
Trust your building information. Stand up to scrutiny.
We help building owners, housing associations and developers understand what information they hold, and whether it stands up to regulatory and safety scrutiny.
Independent assurance for resident, regulator, insurer, lender and operator scrutiny, across the United Kingdom.
Every legal obligation. Captured on site. Automatically.
From 1 October 2023, the Golden Thread became a legal requirement under the Building Safety Act 2022. Every duty holder involved in a higher-risk building must maintain structured, accessible digital records, or face criminal liability. Our methodology ensures every record your duty holders need is captured, structured and audit-ready.
Customisable forms for every job.
Easily create, customise and save different forms for every job or trade. Capture evidence, stay compliant, and hand over projects with confidence.
Drawings, pins and real-time tracking.
Mark up drawings with pin-point accuracy, track material usage, and get live visibility of who's on site and when, all in one connected app. Visual records of every activity, captured as it happens.
Approvals and client access built in.
Provide real-time visibility of project status, streamline QA workflows, and export branded reports with a single click. Hierarchical authentication ensures the right people see the right information.
Built for the whole team.
From contracts managers to operatives on site, GTQA works for everyone. Plan projects, organise visits, and keep everyone in sync without juggling spreadsheets. Designed to handle the unexpected without breaking your workflow.
"GTQA has transformed the way we work, it's easy to use, incredibly efficient, and backed by an excellent support team."
TLR Fire Stopping
Fire Protection
"We've got the confidence to scale. There's no limit to what we can take on now."
Frank Rogers Building Contractors
General Contracting
"Absolute game changer for photographic reporting. Easily customised to our individual requirements."
Fleet Insulation
Compliance & Safety
The technology
Gateway 2 to Gateway 3. Every record. Every time.
The Building Safety Regulator requires a complete digital audit trail before a higher-risk building can be registered and occupied. GTQA captures it at element level, per apartment, per floor, exactly as Regulation 31 requires.
01
Planner
See every job scheduled across the month, by location, floor and operative. Colour-coded by status so nothing gets missed and nothing gets double-booked.
Monthly calendar view
Jobs by location & floor
Colour-coded job status
02
Surveys & Installs
Each task is tied to a specific apartment, floor and element. Operatives attach documents, upload compliance photos and add site notes, all timestamped and ready for audit.
Task documents & photos
Per-element evidence capture
Assigned status tracking
03
Timesheets
Operatives see their jobs for the day the moment they open the app. Scan a QR code or enter a location code to clock in, proving they were on the right job, at the right time.
Today's tasks by location & floor
QR code & balcony code check-in
Works offline on site
04
Visual Records
Every visual record is tied to a specific apartment, floor and element, not just a general project folder. The exact structured format required by the Building Safety Act Golden Thread.
Per-apartment visual records
Task & element-level evidence
Audit-ready for handover
05
GPS Tracking
Every operative's location pinned on a live UK map. Know who's on site, who's travelling and who hasn't arrived, without making a single call.
Live operative locations
UK-wide coverage
Real-time updates
How we work
Every duty under the Building Safety Act. Technology-enabled assurance. The instrument we use to deliver it.
Features
Digital Site Forms
Fully configurable job sheets, inspections and surveys, built around your trade's specific requirements.
Planner
Schedule visits, assign operatives and manage multiple projects from one dashboard.
Signed Docs
Digital RAMs, method statements and toolbox talks, with full e-signature trails captured on site.
Timesheets
GPS-verified clock-in and clock-out, live site monitoring and payroll-ready timesheet exports.
Compliance
Photographic evidence
Approval workflows
Client reporting
Structured records stored securely in the UK, GDPR-compliant, and accessible to authorised dutyholders on request, as required under Regulation 31(2) of the Building Safety (Higher-Risk Buildings Procedures) Regulations 2023.
On site. In the office. Total visibility.
Our platform gives site operatives a structured capture tool and gives duty holders real-time visibility of every record, every site, every operative — from any device.
Project Manager
All tasks, one screen.
Project managers see every operative's jobs for the day, by location, floor and task, without calling anyone or chasing WhatsApp messages.
Planner
Plan the month at a glance.
Full monthly view of every job, colour-coded by status. Spot gaps, clashes and delays before they become problems on site.
Visual Records
Review site evidence in real time.
Photos, documents and visual records uploaded from site appear instantly. Review, approve or flag issues without waiting for end-of-day reports.
GPS Tracking
Your whole team on one map.
Every operative pinned live across the UK. See who's on site, who's en route and who's overdue, at a glance, from anywhere.
Web portal
GTQA iOS & Android
ISO 27001
GDPR Compliant
Smart Sync
⚡
Security at the core. Scale with confidence.
Whether you're running a single site or managing hundreds, GTQA scales effortlessly, keeping your data secure and your teams connected.
Fully customisable digital site forms that replace paper job sheets, inspection records and sign-off sheets, captured on site, in real time, tied to the right project and location.
Build forms specific to your trade, fire stopping surveys, insulation install records, M&E test sheets. No coding, no locked templates.
Location-stamped
Every form is tied to a specific project, building, floor and element, giving you a structured digital record ready for Gateway 2 or Gateway 3.
Instant sign-off
Supervisors and clients can sign off completed forms directly on site from any device. No printing, no scanning, no chasing.
How it works
Every record structured exactly how the Building Safety Regulator requires.
Paper forms can't prove when something was completed, who completed it, or where. GTQA forms are timestamped, GPS-tagged, and stored against the right apartment and element, automatically.
Attach photos directly to each form field
Works offline on site, syncs when signal returns
Export branded PDF reports in one tap
All records stored securely in the UK under ISO 27001
Location-verified clock-in and clock-out means every timesheet is tied to a real job, a real place, and a real time. No more chasing operatives. No more disputed hours.
Operatives clock in via QR code or location code. Their position is verified at the point of entry, no signal needed once on site.
Live site monitoring
See exactly who's on site right now, who's en route, and who hasn't checked in. Updated in real time from the dashboard.
Payroll-ready exports
Export timesheet data by operative, project or date range. Formatted and ready to hand straight to payroll, no reformatting needed.
On site
On site
En route
Not started
👥 2 of 4 on site
How it works
Prove who was on site, when, and for how long.
Timesheet disputes cost money and damage client relationships. GPS-verified records mean you always have a timestamped, location-confirmed record that's impossible to argue with.
QR code or balcony code clock-in tied to specific locations
Works offline, syncs automatically when signal returns
Compliance-grade photographic records tied to a specific apartment, floor and building element, not just a folder of photos. Exactly the structure the Building Safety Regulator requires.
Every photo is attached to a specific floor, apartment, and building element, creating a structured Golden Thread record automatically.
Timestamped & GPS-tagged
Every photo carries a verified timestamp and GPS coordinate. Impossible to dispute, impossible to fake, exactly what the BSR requires.
One-tap PDF reports
Generate a branded, client-ready photographic report in one tap, complete with element references, timestamps and your company logo.
How it works
A photo folder isn't evidence. A structured record is.
Under the Building Safety Act 2022, photographic evidence must be structured, retrievable, and linked to specific building elements. Dropping photos into a shared drive doesn't meet that bar, GTQA does.
Capture photos directly in the GTQA mobile app on site
Attach to a specific job, floor, apartment and element
Automatic timestamp, GPS tag and operative ID on every image
Stored securely in UK-based AWS infrastructure
Retrievable by dutyholders on request under Regulation 31(2)
📍 Floor 4 · Apt 12 · Fire door
Turn your photos into compliance records.
Structured, retrievable, and BSR-ready from day one.
Digital RAMs statements and Toolbox Talk sign-offs, requested, completed and stored without a single sheet of paper. Full e-signature trails captured on site, in seconds.
Operatives sign RAMs and Toolbox Talks directly on their phone, no paper, no printer, no chasing people after the fact.
Real-time completion tracking
See instantly who has and hasn't signed. Chase outstanding signatures with a single tap, before the job starts, not after.
Instant client sharing
Share signed documents with principal contractors and clients the moment they're complete, no email attachments, no delays.
Signed
Signed
Awaiting
✍️ RAMs sign-off · 2 of 3 complete
How it works
Paper sign-off sheets get lost. Digital ones don't.
A lost RAMs signature means you can't prove your operative was briefed before starting work. That's a liability. GTQA stores every signed document against the right job, operative, and date, permanently.
Send documents for signature from the web dashboard
Operatives sign on their phone in seconds
Timestamped signature trail stored against the job
Share completed documents with clients instantly
All records retained for your full compliance period
Never lose a RAMs signature again.
Digital sign-off from every operative, on every job.
See every job across every site on one calendar. Drag and drop to reschedule. Assign operatives to specific floors and locations in seconds.
Operative assignment
Assign any operative to any job, any site, any date. They receive their schedule instantly on the GTQA app, no separate notification needed.
Instant push updates
Job moved? Site closed? Push the change from the dashboard and your team sees it immediately on their phone, wherever they are.
How it works
Run multiple projects without the management overhead.
Growing teams drown in spreadsheets and group chats. The GTQA Planner gives every manager a live view of every operative across every project, and every operative a clear view of their day.
Schedule jobs by date, site, floor and operative
Operatives see their schedule the moment it's published
Reschedule with drag-and-drop, changes sync instantly
Integrates with GPS timesheets for attendance confirmation
Managers get alerts for no-shows and late arrivals
Site A
Site B
Unassigned
📅 3 jobs scheduled today
Ditch the spreadsheet. Run every job from one place.
The GTQA Planner is included in every subscription.
iOS and Android. Works fully offline in basements, plantrooms, and anywhere without signal, then syncs everything automatically the moment connection returns.
Capture forms, photos, signatures and timesheets with zero signal. Everything queues locally and syncs the moment you're back online.
iOS & Android
Native apps on both platforms. Fast, reliable, and designed for use with gloves on, large tap targets and a clean interface built for site conditions.
Secure by design
Role-based access means operatives only see their own jobs. Managers see everything. No data ever leaves UK-based servers.
📶 Offline, 4 records queued
Queued
Queued
✓ Synced when back online
Built for site conditions
Basements. Plantrooms. Stairwells. No signal needed.
Most compliance apps fall apart the moment you lose signal. GTQA was built from the ground up for exactly the environments subcontractors work in, where signal is unreliable and stopping to reconnect isn't an option.
All features available with zero network connection
Whether you're in fire stopping, insulation, M&E, fit-out or any other safety-critical trade, GTQA captures the structured digital records that the Building Safety Regulator requires at Gateway 2 and Gateway 3.
Use cases
How GTQA is being used today.
From regional subcontractors to national contractors, see how teams are using GTQA to win more work and stay compliant.
Trusted by teams at contractors of all sizes.
Small and regional subcontractors use GTQA to professionalise their operations, replacing paper forms and WhatsApp chains with a single connected platform that clients trust.
Larger contractors use GTQA to standardise processes across multiple teams and sites, ensuring every operative records work consistently regardless of location.
Companies in fire stopping, passive fire protection, and safety-critical trades use GTQA to maintain audit-ready records that satisfy principal contractors and building control.
Growing subcontractors use GTQA to scale without adding admin overhead, onboarding new operatives quickly and maintaining quality as headcount increases.
Fire stopping and passive fire protection teams use GTQA to capture photographic evidence, record materials used, and generate branded handover packs that satisfy building regulations.
Insulation contractors use customisable GTQA forms to record installation details, material specifications, and survey findings on every job, with photos attached automatically.
General contractors use GTQA to coordinate multiple trades on site, tracking timesheets, managing planned visits, and keeping clients updated with real-time project status.
Mechanical and electrical contractors use GTQA to log test results, record commissioning data, and maintain a full digital trail from first fix through to handover.
Roofing and cladding teams use GTQA to document survey findings with pin-accurate drawing markups, making defect reporting and remedial planning straightforward.
Carry out detailed surveys using fully customisable digital forms. Attach photos, mark up drawings, and generate branded client reports in one tap from the app.
Request digital signatures on RAMs statements and Toolbox Talks from anywhere. Track completion in real time and share records with clients and principal contractors instantly.
Export branded project reports with a single tap. All data is securely stored and accessible to the right people at the right level, from operatives to client stakeholders.
What the Building Safety Act actually means for subcontractors in 2026.
Compliance
The Building Safety Act 2022 is now fully in force. For subcontractors working on higher-risk buildings, that means a legal obligation to maintain structured digital records, from first visit to handover. Here's what you need to know and what happens if you don't comply.
May 2, 2026
GTQA
Filter by category
No posts found Try a different search term or clear the filter.
Product
GPS timesheets: know your team is on site, every time.
QR code or location code check-in means every timesheet is tied to a real job, a real location, and a real time. No more chasing operatives for hours.
Compliance
Digital RAMs and Toolbox Talks, signed, tracked, done.
Paper sign-off sheets get lost. Digital signatures collected on site are timestamped, stored against the right job, and ready to share with your principal contractor.
Product
How the GTQA Planner keeps your jobs on track.
See every job scheduled across the month, assign operatives to locations, and push updates directly to their app, no calls, no spreadsheets.
Product
No signal? No problem. How GTQA works offline on site.
Basement plantrooms, remote sites, concrete stairwells, GTQA captures every record even without a connection and syncs automatically when signal returns.
Industry
What is the Golden Thread, and who is responsible for it?
The Golden Thread requires a continuous digital record of a building's safety information from design to demolition. But many subcontractors still don't know what their specific obligations are.
Attaching photos to a project folder isn't enough. GTQA ties every photo and document to a specific apartment, floor and element, exactly the structure the Building Safety Regulator requires.
Guides
Golden Thread explained: what it means for subcontractors.
The Building Safety Act 2022 introduced the Golden Thread. Here's what it legally requires from subcontractors, and how GTQA captures it automatically at every stage of a project.
News
GTQA recognised in the Top 50 Fast Growth Construction Tech Index.
We're proud to be included alongside some of the most innovative companies working to improve safety and efficiency in UK construction.
Industry
Why passive fire stopping needs better record-keeping.
Fire stopping failures often come down to documentation gaps, not bad workmanship. Digital per-element records change the risk profile entirely for fire protection subcontractors.
Meet your Building Safety Act obligations from day one.
30 minutes. No hard sell. We'll walk through your compliance position, explain how our methodology applies to your assets, and answer every question you have.
30 minutes, tailored. We show GTQA set up for your trade, not a generic tour.
No hard sell. Ask anything — pricing, onboarding, the Golden Thread.
Built for the build. Made with UK contractors for real site workflows.
Book your demo.
Thanks — we've got it.
Your demo request is on its way to our team. We'll be in touch within one business day to book a time that works for you.
Built for the people who build.
Built in the UK, for the trades that keep buildings safe.
We believe the Golden Thread shouldn't be a burden, it should be automatic. We built GTQA so that every subcontractor working on a higher-risk building can meet their legal obligations under the Building Safety Act 2022 without slowing down, without extra admin, and without risk of criminal liability.
We are GTQA, a compliance and project management platform built specifically for UK subcontractors, built to help subcontractors streamline their projects, prove their work, and win more business.
Built in the UK, GTQA brings together deep construction expertise and modern technology to tackle the biggest challenges facing subcontractors: complex compliance requirements, fragmented records, and the daily burden of manual admin.
Our goal is simple, give every subcontractor the tools to work smarter, prove their compliance, and grow their business with confidence.
GTQA Ltd operates in accordance with UK law and the following primary legislation. All our legal documents are maintained here and updated when legislation changes. If you have any questions, contact info@gtqa.co.uk.
Contact us at info@gtqa.co.uk and we will respond within 5 business days. For urgent data protection matters, we are required to respond within 30 days under UK GDPR Article 12(3).
Privacy Policy
Last updated: 1 May 2026
GTQA Ltd is committed to protecting your personal data and respecting your privacy. This policy sets out how we collect, use, store and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).
GTQA Ltd is a company registered in England and Wales. We operate a compliance and project management platform for UK subcontractors, designed to assist with obligations under the Building Safety Act 2022.
We are registered with the Information Commissioner's Office (ICO) as a data controller. We are legally required to process personal data in accordance with the following legislation:
UK GDPR, the UK retained version of the EU General Data Protection Regulation, effective from 1 January 2021
Data Protection Act 2018, the UK's primary data protection statute, which supplements UK GDPR
Privacy and Electronic Communications Regulations 2003 (PECR), governs cookies, electronic marketing, and communications data
Computer Misuse Act 1990, governs security of computer systems and data
2. Our role as data controller and processor
GTQA acts in different roles depending on the context:
Data controller, when we collect and process data about you directly (e.g. account registration, marketing communications, website enquiries). We determine the purpose and means of processing.
Data processor, when we process personal data on behalf of our business customers (e.g. operative timesheets, site records, compliance evidence). In these cases our customer is the data controller and we process data only on their documented instructions, as required by Article 28 UK GDPR.
Where we act as a data processor, a Data Processing Agreement (DPA) is in place with each customer setting out the scope, nature, purpose, duration and type of personal data processed, as required by UK GDPR Article 28(3).
3. What personal data we collect
Account and identity data
Full name, job title, role type (e.g. worker, project manager)
Company name and company registration details
Email address and password (hashed and salted)
Profile photograph (optional)
Operational and compliance data
GPS location data at the point of job check-in (time-stamped)
Photographic evidence captured on site (linked to specific jobs, floors and elements)
Signed documents, method statements and risk assessments
Task records, inspection data and completion notes
QR code and balcony code scan logs
Technical and usage data
Device type, operating system and browser
IP address and approximate location
App usage logs, session duration and feature interactions
Error logs and crash reports
Communications data
Enquiries and messages submitted via our contact form
Support tickets and email correspondence
Marketing consent records
4. Lawful basis for processing
Under UK GDPR Article 6, we rely on the following lawful bases:
Contract (Article 6(1)(b)), processing necessary to deliver our platform services to you under our Terms of Service
Legal obligation (Article 6(1)(c)), processing required to comply with UK law, including the Building Safety Act 2022, the Health and Safety at Work etc. Act 1974, and tax and accounting obligations under the Companies Act 2006
Legitimate interests (Article 6(1)(f)), processing for fraud prevention, security monitoring, product improvement and internal analytics, where these do not override your rights
Consent (Article 6(1)(a)), marketing communications and non-essential cookies, where you have given clear, freely given, specific and informed consent. You may withdraw consent at any time.
We do not process any special category data (Article 9 UK GDPR) unless expressly agreed with you in writing.
5. How we use your personal data
To create and manage your GTQA account and provide platform access
To record and store compliance evidence in accordance with the Building Safety Act 2022 Golden Thread requirements
To verify operative attendance via GPS and QR code check-in
To generate timesheet records and compliance reports
To process and respond to support enquiries
To send transactional communications (account activity, invoices, security alerts)
To send marketing communications where you have consented
To detect and prevent fraud, abuse, and security incidents
To improve the platform through anonymised analytics
To comply with legal and regulatory obligations
6. Who we share your data with
We do not sell your personal data. We may share it only in the following circumstances:
Sub-processors, cloud hosting (AWS, UK region), authentication providers, payment processors and customer support tools. All sub-processors are bound by UK GDPR-compliant Data Processing Agreements.
Your organisation, data you generate within GTQA is accessible to authorised administrators within your company account
Regulatory authorities, the Building Safety Regulator (BSR), Health and Safety Executive (HSE), Fire and Rescue Services, and other authorities where required by law, including under the Building Safety Act 2022
Legal proceedings, where required by a court order or to protect our legal rights
Business transfers, in the event of a merger, acquisition or sale of assets, with appropriate safeguards
7. Retention periods
We retain personal data only for as long as necessary for the purposes for which it was collected, in line with UK GDPR Article 5(1)(e) (storage limitation):
Account data: for the duration of your subscription plus 12 months following account closure
Golden Thread compliance records: for the duration of your subscription plus a minimum of 6 years, in line with construction industry obligations and potential liability periods under the Limitation Act 1980
GPS and timesheet data: 3 years from the date of capture, unless required longer for ongoing legal proceedings
Financial and invoicing records: 7 years in accordance with HMRC requirements
Marketing consent records: until withdrawal of consent
Technical logs and error data: 90 days rolling
8. Your rights under UK GDPR
Under UK GDPR Articles 15–22, you have the following rights:
Right of access (Article 15), request a copy of the personal data we hold about you
Right to rectification (Article 16), request correction of inaccurate or incomplete data
Right to erasure (Article 17), request deletion of your data, subject to our legal retention obligations
Right to restriction of processing (Article 18), request that we limit how we use your data in certain circumstances
Right to data portability (Article 20), receive your data in a structured, commonly used, machine-readable format
Right to object (Article 21), object to processing based on legitimate interests or for direct marketing purposes
Right to withdraw consent (Article 7(3)), withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing
To exercise any right, contact us at info@gtqa.co.uk. We will respond within 30 days as required by UK GDPR Article 12(3). If you are dissatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
9. Security measures
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or alteration, as required by UK GDPR Article 32. These include:
Encryption in transit using TLS 1.2 or higher
Encryption at rest using AES-256
Role-based access controls with principle of least privilege
UK-based AWS infrastructure with automatic failover and daily backups
Regular security testing and vulnerability assessments
Staff training on data protection and information security
A documented data breach response procedure in line with ICO requirements (72-hour notification obligation under UK GDPR Article 33)
10. Cookies and PECR
We use cookies on our website in accordance with the Privacy and Electronic Communications Regulations 2003 (PECR) and the ICO's guidance on cookies. Non-essential cookies are only set with your prior consent.
Strictly necessary cookies, essential for the site to function (session management, authentication, security). These cannot be disabled and do not require consent under PECR.
Analytics cookies, help us understand how visitors use the site. Only set with your consent. No personal data is sold to third parties.
Marketing cookies, used to personalise content and measure campaign effectiveness. Only set with your explicit consent.
You can manage or withdraw your cookie consent at any time via the cookie settings banner on our website.
11. International data transfers
GTQA stores all data within the United Kingdom. Where any processing involves a transfer outside the UK or the EEA, we ensure that appropriate safeguards are in place as required by UK GDPR Chapter V, such as the International Data Transfer Agreement (IDTA) approved by the ICO, or Standard Contractual Clauses (SCCs) as adapted for UK use. We do not transfer data to countries without an adequacy decision unless appropriate safeguards are confirmed.
12. Building Safety Act 2022, data obligations
GTQA is designed to assist customers with their obligations under the Building Safety Act 2022 and the Building Safety (Higher-Risk Buildings Procedures) (England) Regulations 2023. Compliance records, photographic evidence, signed documents and GPS data captured through GTQA may form part of the Golden Thread of information required under Section 88 of the Building Safety Act 2022.
Where Golden Thread data is requested by the Building Safety Regulator (BSR), the Health and Safety Executive (HSE), Fire and Rescue Services or other competent authorities, GTQA will provide access to this data as required by law. We will notify affected customers of any such request wherever we are legally permitted to do so.
Customers using GTQA for Golden Thread record-keeping remain the data controller for all compliance records generated by their operatives. GTQA processes this data solely on their instructions as data processor.
13. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, our data practices, or the services we provide. We will notify you of material changes by email or by a prominent notice on our platform. The date at the top of this page indicates when the policy was last updated. Continued use of GTQA after an update constitutes acceptance of the revised policy.
14. Contact and complaints
For any questions about this Privacy Policy, to exercise your data rights, or to raise a concern:
Post: GTQA Ltd, Data Protection, [Registered Address]
If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO), the UK's independent data protection authority:
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Questions about your data?
Contact us at info@gtqa.co.uk. We will respond within 30 days as required by UK GDPR.
Terms of Service
Last updated: 1 May 2026
These Terms of Service govern your use of the GTQA platform, operated by GTQA Ltd, a company registered in England and Wales. By accessing or using GTQA, you agree to be bound by these terms. These terms are governed by the laws of England and Wales.
"Platform", the GTQA web application, mobile application and associated services
"Customer", the business entity that has subscribed to use the Platform
"User", any individual authorised by the Customer to access the Platform
"Data", all information, records and content uploaded to or generated by the Platform
"Subscription", the paid licence granted to the Customer to access the Platform
2. Access and accounts
Access to the Platform is granted to the Customer on a subscription basis. The Customer is responsible for ensuring all Users comply with these Terms. You must not share login credentials. GTQA reserves the right to suspend access where these Terms are breached.
You must be at least 18 years old and have the authority to enter into this agreement on behalf of your organisation.
3. Licence to use the platform
Subject to payment of the applicable Subscription fee, GTQA grants the Customer a non-exclusive, non-transferable, revocable licence to access and use the Platform during the Subscription term, solely for the Customer's internal business purposes in connection with compliance obligations under the Building Safety Act 2022 and related legislation.
GTQA retains ownership of all intellectual property in the Platform. No rights are granted except as expressly set out in these Terms.
4. Customer obligations
The Customer agrees to:
Use the Platform only for lawful purposes and in accordance with these Terms and the Acceptable Use Policy
Ensure all Users are appropriately trained in the use of the Platform
Maintain the accuracy and completeness of all data entered into the Platform
Not attempt to reverse engineer, decompile or copy any part of the Platform
Notify GTQA immediately of any unauthorised access or security breach
Comply with all applicable laws, including the Building Safety Act 2022, UK GDPR and the Data Protection Act 2018
5. Data and privacy
The Customer remains the data controller for all compliance records, operative data and site evidence generated through the Platform. GTQA acts as data processor in accordance with the Data Processing Agreement (UK GDPR Article 28) and our Privacy Policy.
GTQA stores all data within the United Kingdom on AWS infrastructure. The Customer is responsible for ensuring their use of the Platform complies with UK GDPR and the Data Protection Act 2018.
6. Intellectual property
All intellectual property rights in the Platform, including software, design, trademarks and documentation, are owned by or licensed to GTQA Ltd. The Customer retains ownership of all data and compliance records it creates using the Platform.
The Customer grants GTQA a limited licence to process and store Customer data solely for the purpose of providing the Platform services.
7. Limitation of liability
To the maximum extent permitted by law, GTQA's total liability to the Customer for any claims arising under or in connection with these Terms shall not exceed the total Subscription fees paid by the Customer in the 12 months preceding the claim.
GTQA shall not be liable for any indirect, consequential, special or punitive damages, loss of profits, loss of data, or business interruption, even if advised of the possibility of such damages.
Nothing in these Terms excludes liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded under English law.
8. Termination
Either party may terminate the Subscription on written notice at the end of the current billing period. GTQA may terminate immediately where the Customer breaches these Terms or fails to pay fees.
On termination, the Customer may export all compliance records and data within 30 days. After this period, GTQA will delete Customer data in accordance with the Privacy Policy, subject to any legal retention obligations under the Building Safety Act 2022 and the Limitation Act 1980.
9. Governing law and disputes
These Terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales. We will attempt to resolve disputes informally before resorting to legal proceedings.
These Terms incorporate the Electronic Commerce (EC Directive) Regulations 2002 and the Unfair Contract Terms Act 1977 where applicable.
Questions about our Terms?
Contact info@gtqa.co.uk and we will respond within 5 business days.
Data Processing Agreement
Last updated: 1 May 2026, Required under UK GDPR Article 28
This Data Processing Agreement (DPA) forms part of the agreement between GTQA Ltd ("Processor") and the Customer ("Controller"). It sets out the terms under which GTQA processes personal data on behalf of the Customer, as required by Article 28 of the UK General Data Protection Regulation.
1. Scope and purpose
GTQA processes personal data on behalf of the Customer solely for the purpose of providing the GTQA platform, including the capture, storage and retrieval of compliance records, operative timesheets, photographic evidence and signed documents required under the Building Safety Act 2022.
2. Nature of personal data processed
Operative names, roles and authentication credentials
GPS location data at point of job check-in
Photographic evidence linked to specific jobs and elements
Timesheet and attendance records
Signed documents and digital signatures
Task notes and inspection records
3. Processor obligations (UK GDPR Article 28(3))
GTQA Ltd, as data processor, agrees to:
Process personal data only on documented instructions from the Controller
Ensure all staff with access to personal data are subject to appropriate confidentiality obligations
Implement appropriate technical and organisational security measures (Article 32)
Not engage sub-processors without prior written authorisation from the Controller
Assist the Controller in responding to data subject rights requests
Delete or return all personal data on termination of the agreement
Provide all information necessary to demonstrate compliance with Article 28
Notify the Controller without undue delay of any personal data breach (Article 33)
4. Sub-processors
GTQA uses the following authorised sub-processors, all of whom are bound by equivalent data protection obligations:
Amazon Web Services (AWS), cloud infrastructure and data storage (UK region)
Payment processor, billing and subscription management
Email delivery provider, transactional email
5. Data location
All personal data is stored and processed within the United Kingdom. GTQA does not transfer personal data outside the UK without appropriate safeguards as required by UK GDPR Chapter V.
Data protection queries
Contact info@gtqa.co.uk for all data protection matters. We respond within 30 days as required by UK GDPR Article 12(3).
Cookie Policy
Last updated: 1 May 2026, Governed by PECR 2003 and UK GDPR
This Cookie Policy explains how GTQA Ltd uses cookies and similar tracking technologies on our website in accordance with the Privacy and Electronic Communications Regulations 2003 (PECR) and the UK GDPR.
What are cookies?
Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work efficiently and to provide information to site owners.
Cookies we use
Strictly necessary cookies
These cookies are essential for the website to function. They do not require your consent under PECR Regulation 6(1). They include session management, authentication tokens and security cookies.
Analytics cookies
These help us understand how visitors use our site so we can improve it. They are only set with your prior consent. We use anonymised data, no personal information is sold to third parties.
Marketing cookies
These are used to deliver relevant advertising and measure campaign effectiveness. They are only set with your explicit consent.
Managing cookies
You can manage or withdraw your cookie consent at any time using the cookie settings banner on our website. You can also control cookies through your browser settings, note that disabling all cookies may affect how the site works.
For more information about cookies and your rights, visit the ICO's guidance at ico.org.uk.
Contact
If you have questions about our use of cookies, contact info@gtqa.co.uk.
Acceptable Use Policy
Last updated: 1 May 2026
This Acceptable Use Policy sets out the rules governing use of the GTQA platform. It forms part of our Terms of Service. By using GTQA, you agree to comply with this policy.
Permitted use
You may use GTQA solely for lawful business purposes, specifically for the capture and management of compliance records, timesheets, site evidence and documentation required under the Building Safety Act 2022 and related legislation.
Prohibited use
You must not use GTQA to:
Upload false, misleading or fabricated compliance records
Impersonate any person or misrepresent operative attendance or location
Transmit any unlawful, harmful, defamatory or offensive content
Attempt to gain unauthorised access to any part of the platform
Introduce malware, viruses or any other malicious code
Scrape, copy or reproduce any part of the platform without written permission
Use the platform in any way that violates the Computer Misuse Act 1990
Process personal data in a manner inconsistent with UK GDPR and the Data Protection Act 2018
Compliance records integrity
Given that GTQA is used to capture Golden Thread records under the Building Safety Act 2022, the accuracy and integrity of all records is paramount. Deliberately falsifying compliance records may constitute a criminal offence under the Building Safety Act 2022 and the Fraud Act 2006.
Enforcement
Breach of this policy may result in immediate suspension of access. GTQA reserves the right to report suspected criminal activity to the appropriate authorities including the Building Safety Regulator (BSR) and the Health and Safety Executive (HSE).
Report a concern
If you become aware of any misuse of the platform, contact info@gtqa.co.uk immediately.
Pricing
Pricing built for subcontractors.
No lock-in contracts. No hidden fees. Pay per user, cancel any time. Book a 30-minute demo and we'll show you exactly how GTQA works for your trade.
Book a 30-minute demo and we'll walk you through GTQA set up for your trade, answer your questions, and show you exactly how it works on site, no obligation.
Can I change plans later?
Absolutely. You can upgrade, downgrade, or cancel at any time. There are no lock-in contracts or exit fees.
How does per-user pricing work?
Each user who logs into GTQA counts as one seat. You can add or remove users at any point and we'll prorate the difference. Ask us about volume discounts on your demo.
Do you offer a discount for annual billing?
Yes, paying annually gives you two months free. We'll discuss the options on your demo call.
Is GTQA Building Safety Act compliant?
Yes. GTQA is built around the Golden Thread requirements introduced by the Building Safety Act 2022. Your records, evidence, and signed documents are stored in a structured, auditable format ready for any inspection or handover.
What support is included?
All plans include access to our Help Centre, onboarding guides, and email support. Pro and Enterprise customers get priority response times and a dedicated point of contact.
Get started
See GTQA in action.
30-minute demo. No hard sell. We'll show you exactly how GTQA works for your trade.
We started GTQA because subcontractors were being left behind, buried in paperwork, chasing signatures, and struggling to prove compliance. We're here to fix that.
UK
Built and supported in the UK
30+
Trade specialisms supported
BSA
Built for the Building Safety Act
Offline
Works on site, even with no signal
Our mission
A compliance platform built exclusively for UK subcontractors.
Since 1 October 2023, the Golden Thread of information has been a legal requirement for all higher-risk buildings under the Building Safety Act 2022. Subcontractors are duty holders, legally obligated to capture, store and hand over structured digital records at Gateway 2 and Gateway 3.
A breach carries criminal liability, including fines and up to two years in prison. Yet most subcontractors were handed that obligation with no tools designed to meet it.
GTQA was built from the ground up to close that gap, a UK platform built exclusively for subcontractors to capture structured, element-level digital records the Building Safety Regulator requires.
Building Safety Act 2022
Every feature is designed for the way trades actually work on site: offline-capable, QR-verified, and ready for Building Safety Regulator inspection at any stage.
✓ Golden Thread compliant✓ Gateway 2 & 3 ready✓ Offline-capable✓ QR-verified records
Our story
GTQA was founded in the UK by a team with deep roots in construction and technology. After watching subcontractors struggle with compliance paperwork in the wake of the Building Safety Act 2022, our founders set out to build something better, a platform that treats subcontractors as the professionals they are.
We launched our first product in 2022 and have been growing steadily ever since, guided by close relationships with the subcontractors who use GTQA every day on site. We don't guess what they need, we ask them, watch them work, and build what they tell us.
Today, GTQA is trusted by fire stopping contractors, insulation specialists, M&E subcontractors, and dozens of other trades across England, Scotland, and Wales to keep their projects on track and their compliance records watertight.
JM
Founder & CEO
Construction technology, 12 years in the industry
SR
CTO
Previously built compliance tooling for Tier 1 contractors
AL
Head of Product
Spent 5 years on site as a fire stopping surveyor
KP
Head of Customer Success
Former subcontracting business owner
What we believe
01
Subcontractors deserve better
The trades have been underserved by software for decades. We're here to change that, starting with compliance and growing into every part of how a sub runs their business.
02
Safety is the law
The Building Safety Act 2022 was born from the Grenfell Tower tragedy. Non-compliance is not just a business risk, it carries criminal liability. We build tools that make compliance automatic, not an afterthought.
03
On-site simplicity is non-negotiable
Operatives in protective gear, working at height, in basement plantrooms. If our app requires training to use, it won't be used. We obsess over making the right thing also the easy thing.
04
Transparency builds trust
No hidden fees. No lock-in contracts. No buried clauses. We want customers who stay because GTQA makes their lives better, not because leaving is too painful.
05
The industry needs to modernise
Construction is one of the least digitised industries in the UK. We're proud to be part of changing that, one subcontractor at a time.
06
Our customers are our compass
Every major product decision at GTQA is tested against one question: does this make life better for subcontractors? If not, we don't build it.
Forms & Inspections
Compliance forms built for site.
Create, complete and submit digital inspection forms from any device, with photo capture, GPS location and signatures built in. No signal needed.
Every form your trade needs. Customised, not compromised.
GTQA ships with ready-made templates for fire stopping, insulation, M&E and dozens of other trades. Every field, photo slot and signature block can be adjusted to match your exact inspection workflow, no developer needed.
Add fields, sections, photo slots and dropdowns. Save templates per trade or per client. Any form you use on paper, built once in GTQA and reused forever.
Works offline on site.
Basement plantrooms, remote sites, concrete stairwells. Forms save locally and sync automatically the moment signal returns, no data ever lost.
GPS stamp on every submission.
Every completed form is automatically stamped with the operative's GPS coordinates, date and time. Proves where the work happened, for clients, insurers and the Building Safety Regulator.
Element-level records.
Each form is tied to a specific apartment, floor and element, exactly the structure the Building Safety Act requires. Instant PDF export, shareable in one tap.
How it works
From paper to proof in three steps.
1
Build your template
Drag in fields, photo slots, dropdowns and signature blocks. Start from a ready-made trade template or build your own, no developer needed.
2
Complete it on site
Operatives fill the form on any device, even with no signal. Photos, GPS and signatures are captured inline and saved locally until sync.
3
Export element-level records
Every submission is tied to an apartment, floor and element, then exported as a shareable PDF in one tap, ready for clients and the regulator.
Forms FAQ
Forms & Inspections questions.
Yes. GTQA ships with templates for fire stopping, insulation, M&E and more, and every field, photo slot and signature block can be adjusted to match your exact workflow.
They do. Forms save locally on the device and sync automatically the moment a connection returns, so nothing is ever lost in basements or remote sites.
Every form is linked to a specific apartment, floor and element, the structure the Building Safety Act requires, and stamped with GPS, date and time.
Yes. Any completed form exports as a branded PDF in one tap, and full record sets can be exported for Gateway 3 handover.
GPS Timesheets
Prove time on site. Every single day.
Every clock-in and clock-out tied to a real location. QR-code check-in means no more disputes over hours, and no more chasing paper timesheets at week's end.
Location-verified timesheets your payroll team can trust.
Operatives check in via QR code or a site-specific location code on their phone. The app records GPS coordinates, timestamps the entry, and builds a timesheet automatically, no paper, no spreadsheets, no disputes.
No hardware required. Each job gets a unique QR code or a 6-digit location code. Operatives scan it on arrival, proof of presence is captured instantly.
GPS-stamped, tamper-evident records.
Every check-in is verified to a real GPS location. Your clients, principal contractors and payroll team can see exactly when and where each operative was, no disputes, no backdating.
Automatic weekly timesheets.
GTQA builds the weekly timesheet for you. Approve it in one click. Export to CSV or PDF and drop it straight into your payroll process, no manual entry, no errors.
Multi-site, multi-operative.
Operatives can work across several jobs in a single day. GTQA tracks each check-in and check-out separately, giving you a clean per-site, per-operative breakdown every week.
How it works
Prove who was on site, in three steps.
1
Display your site code
Put a QR code at the site entrance, or set a balcony code for each location. Setup takes a couple of minutes per site.
2
Operatives clock in
They scan the code or enter it manually in the app. The clock-in is stamped with their GPS location, the date and the exact time.
3
Review verified hours
See who was on site and when across every project, and export location-verified timesheets for payroll and client billing.
Timesheets FAQ
GPS Timesheets questions.
They scan a site QR code or enter a balcony code in the app. Each clock-in records GPS coordinates, date and time automatically.
Operatives can enter a balcony or location code manually instead, the record stays tied to the correct part of the building.
Yes. Hours are location-verified, so you can export accurate timesheets for payroll and back up client billing with proof of attendance.
GTQA records the verified location at clock-in and clock-out, giving you a defensible record of who was on site and when.
Photo Evidence
Compliance-grade photographic records.
Every photo timestamped, GPS-tagged and tied to the specific element it documents. Not a folder of images, a structured, auditable record that satisfies the Building Safety Regulator.
Photos that mean something at handover and inspection.
Dumping photos in a shared drive doesn't cut it anymore. The Building Safety Act requires element-level evidence, each photo linked to a specific apartment, floor and element. GTQA captures that structure automatically at the point of capture.
Every photo is automatically tagged with the operative's name, the GPS coordinates, date and time the moment it's taken, no manual filing, no metadata to fill in.
Tied to apartment, floor and element.
Photos are filed against a specific apartment, floor and element, not just a project folder. This is the exact structure the Building Safety Act Golden Thread requires.
Before and after photo pairs.
Capture the condition before work starts and after it's completed. Essential for remedial and installation work, and invaluable when a dispute arises months later.
Photo reports in one tap.
Generate a branded, client-ready photo report for any job instantly. Share it with your principal contractor without leaving the app, no email attachments, no manual assembly.
How it works
Compliance-grade photos in three steps.
1
Open the element
Within a task, select the specific apartment, floor and element you're recording, for example a fire-stopping penetration or insulation run.
2
Capture the evidence
Take before and after photos straight from the app. Each image is timestamped, GPS-located and linked to that element automatically.
3
Store and export
Photos are stored securely in the UK and exported as part of the Golden Thread, so your evidence is always tied to where the work happened.
Photo Evidence FAQ
Photo Evidence questions.
Each photo is timestamped, GPS-located and tied to a specific apartment, floor and element, so it proves exactly what was installed, where and when.
Yes. You can attach multiple photos to a single element, which is ideal for before/after records on fire stopping, insulation and remedial work.
All records are stored securely in the UK and form part of your Golden Thread, ready to export for clients, insurers and the regulator.
Photos capture and save on the device with no signal and sync automatically once a connection returns.
Signed Documents
Digital sign-off collected on site, instantly.
RAMs, Toolbox Talks, method statements, handover certificates, all signed on a phone or tablet, timestamped and stored against the right job. No printer. No scanner. No chasing paper.
Sign-off that holds up in the office and in court.
Paper sign-off sheets get lost, backdated or disputed. GTQA's digital signatures are collected in real time, tied to the signer's name and role, and stored with a full audit trail. Your principal contractor gets an instant PDF. Your records are protected.
Any operative can sign on their phone or tablet, no hardware, no app download beyond GTQA. The signature is stored with their name, role, date and time automatically.
Full audit trail, who signed and when.
Every signature includes a complete audit log: who signed, on which device, at what time and GPS location. Tamper-evident and legally admissible, exactly what you need when a project is queried months later.
Templates for every document type.
RAMs, Toolbox Talks, method statements, handover certificates, COSHH assessments. Templates are ready to go, or build your own in minutes.
Automatically filed and shareable.
Every signed document is stored against the correct project and element. Share a signed PDF with your principal contractor in one tap, no email attachments to hunt down, no document folders to maintain.
How it works
Collect signatures in three steps.
1
Open the document
Select the RAMS, toolbox talk or other document you need signed, straight from the project in the app.
2
Request signatures
Choose the operatives who need to sign. They review and sign on their own device, and you see the status update in real time.
3
Store the signed record
Each signed document is stored with the signer's name and a timestamp, ready to export as proof of acknowledgement.
Signed Documents FAQ
Signed Documents questions.
RAMS, toolbox talks and any other document you upload. Signatures are collected digitally, on site, on the operative's own device.
Yes. You see signature status update in real time, so you know exactly who has acknowledged a document and who is outstanding.
Each signed document is stored with the signer's name and a timestamp, giving you a defensible record of acknowledgement for audits and handover.
Documents can be reviewed and signed on site, and the signed record syncs automatically once a connection returns.
Planner
Schedule jobs and manage project timelines.
See every job across the month in one view. Assign operatives to sites, push changes directly to their app, and know who is where, without a single phone call.
The GTQA Planner gives you a drag-and-drop calendar for every active project. Assign operatives, set dates, and push live notifications to the team. No spreadsheets. No lost WhatsApp messages. No one turning up to the wrong site.
See all jobs and operatives at a glance. Colour-coded by status, scheduled, in progress, complete, delayed. Know the shape of your week before it starts.
Changes push instantly to the app.
Reschedule a job in the Planner and every affected operative gets an instant notification on their phone. No calls, no messages, no confusion about which site to go to.
Per-operative schedule.
Each operative sees only their own jobs for the day. No sensitive project information shared with the whole team. Clean, simple, and secure.
Linked to timesheets and forms.
Plan the job in the Planner, capture the records in Forms, confirm the hours in Timesheets. Everything in one system, no copying between apps, no data entry twice.
How it works
Plan the build in three steps.
1
Schedule the work
Open the planner and lay jobs out by date and week across a building, floor by floor.
2
Assign operatives
Drag jobs onto locations and assign the right operatives. Changes appear in their app instantly.
3
Track progress
Watch progress update as tasks complete, so you can see exactly where a building stands at a glance.
Planner FAQ
Planner questions.
Use the calendar view to lay out jobs by date and week, then drag them onto specific floors and locations within a building.
Yes. When you assign a job, it appears in the operative's app immediately, and any changes you make sync straight through.
Progress updates as tasks are completed, giving you a live view of how far along each floor and building is.
The planner ties into tasks, forms and records, so scheduling, completing and evidencing work all live in one place.
iOS & Android
The site app that works where you do.
Offline-capable, fast to use in gloves, and packed with every GTQA feature. Works without Wi-Fi on site, everything syncs automatically when you're back in signal. Available on the App Store.
The GTQA mobile app is designed for real site conditions: gloved hands, bright sunlight, basement signal blackspots. Large touch targets, clear interface, full offline capability, operatives capture every record the moment the work is done.
Records save locally and sync on reconnection. No signal in the basement or the stairwell? No problem. Not a single record is ever lost due to a dropped connection.
QR code check-in for timesheets.
One scan and you're on the clock. GPS-verified, tamper-evident, and linked to the right job automatically. The whole check-in takes under five seconds.
Camera-first photo capture.
Open the camera, take the photo, and GPS and timestamp are added automatically. No manual tagging or filing. The photo goes straight to the right element record.
iOS and Android.
Available on both platforms, for subcontractors using it daily on site. The usability standard we hold ourselves to every release.
Assurance Services · £7,500 to £15,000 per audit
Building Information Assurance Audit
An independent, structured review of the building information you currently hold for a single building or a defined portfolio, measured against the requirements of the Building Safety Act and wider safety obligations.
The Building Safety Act 2022 places a legal duty on Accountable Persons to maintain accurate, accessible and complete building information throughout the life of a higher-risk building.
A Building Information Assurance Audit is an independent, structured review of the information a duty holder currently holds, benchmarked against those obligations and the expectations of the Building Safety Regulator.
Why it matters
Incomplete records carry criminal liability.
Under the Act, duty holders who fail to hold or produce required building information face enforcement action and potential prosecution. The Regulator can request records at any point and expects them to be structured, complete and verifiable.
An audit establishes your baseline position before a regulator does it for you.
Scope
What we review
Each audit covers the information categories specified in the Building Safety Act and supporting regulations:
01
Golden Thread records
Completeness, structure and accessibility, including whether records are held digitally, element-level, version-controlled and shareable with the Regulator on request.
02
Fire and structural safety information
Fire safety case records, fire strategy documents, compartmentation drawings and structural calculations evaluated against Safety Case Reports guidance.
03
Construction and as-built documentation
O&M manuals, specification records, materials certifications and installation records benchmarked against what was specified, consented and built.
04
Resident engagement and complaints records
Engagement logs, Section 89 notices, complaints handling and remediation correspondence against the Accountable Person's statutory duties.
05
Change control and maintenance records
Whether changes to the building have been recorded, assessed for safety impact and reflected in updated building information.
06
CDE and information governance
How building information is stored, controlled, accessed and maintained, including CDE structure, naming conventions and access permissions.
Output
What you receive
A structured written report and prioritised action plan. Every finding is evidenced and graded by severity.
Written assurance report
Identifies what is complete, what is incomplete, and what is missing entirely — with a clear evidence basis throughout.
Risk-rated gap register
Every deficiency prioritised by regulatory exposure and remediation cost, so you know where to act first.
Recommended next steps
Including whether a Recovery engagement is required and at what scope, with guidance on immediate remediation priorities.
Executive summary
A board-ready summary suitable for audit committees, lenders and insurers — presenting your compliance position clearly and concisely.
Clients
Who commissions a Building Information Assurance Audit?
Building owners, PAPs and housing associations
Confirming their compliance position before a BSR audit or operational milestone.
Developers and contractors
Approaching Gateway 2 or Gateway 3 handover and needing to verify documentation meets the Golden Thread standard.
Lenders, insurers and investors
Requiring independent third-party verification before completing a transaction.
How it works
The audit process
1
Scoping
We agree buildings in scope, information access, key contacts and the regulatory benchmarks for the audit.
2
Information review
Our team reviews information across your CDE, file stores, asset management systems and physical records against a structured framework.
3
Findings & validation
We validate findings with your team, confirm the evidence basis for each gap, and grade by severity and regulatory risk.
4
Report & handover
Delivery of the audit report, gap analysis and remediation plan, with a briefing for your senior team, board or legal advisers.
Regulatory context
The legal basis for building information obligations
"The Accountable Person must take all reasonable steps to prevent a major incident occurring at, or in, the higher-risk building and to reduce the severity of any such incident." Building Safety Act 2022, Section 83
The Building Safety Act 2022 places specific, enforceable obligations on Accountable Persons to hold, maintain and produce building information. These carry criminal penalties for non-compliance.
The Higher-Risk Buildings (Keeping and Provision of Information etc.) Regulations 2024 specify what must be held, how it must be structured, and when it must be provided to the Building Safety Regulator.
Know where you stand.
Get a clear, independent view of your compliance position, before a regulator, lender or insurer asks for it.
Assurance Services · From £15,000 · Larger portfolios £100,000+
Golden Thread Recovery
End-to-end reconstruction of golden thread information for buildings where records are missing, incomplete, fragmented across systems, or undocumented entirely. Designed for the thousands of existing buildings that fall under the BSA without the records to prove it.
Retrospective record reconstruction for existing buildingsHigher-risk buildingsBSA 2022 compliantRegulator-ready output
Overview
What is Golden Thread Recovery?
Most higher-risk buildings were designed, built and managed before the Golden Thread became a legal requirement. Their records are fragmented, spread across emails, shared drives, paper files and the memories of people who may no longer work there.
Golden Thread Recovery is a structured programme to locate, assess, reconstruct and organise those records into a coherent, compliant information baseline, building the thread that should have been there from the start.
The problem
A missing thread is not a defence. It is a liability.
The Building Safety Regulator does not accept gaps as inevitable for older buildings. Accountable Persons are expected to take active steps to reconstruct records where they are missing, and to document what cannot be recovered.
A structured recovery programme demonstrates that duty, and creates an evidenced baseline for future compliance.
What we do
The recovery programme
01
Information audit and gap mapping
A comprehensive sweep of all known information sources, CDEs, email archives, paper files, legacy systems, contractor handovers and O&M manuals, to map what is held and identify what is missing.
02
Stakeholder and supply chain engagement
We engage the original design team, principal contractor, specialist subcontractors and warranties providers to locate records held outside the client's own systems.
03
Document triage and verification
Recovered documents are assessed for authenticity, completeness and relevance. We identify records that are superseded, duplicated or unverifiable.
04
Structured organisation and CDE population
Verified records are organised into a structured, element-level information hierarchy aligned to floor, zone and element, ready for upload to your CDE.
05
Residual gap register and remediation
Where records cannot be recovered, we document the gap, assess the risk to the Safety Case, and recommend proportionate remediation, including physical inspection or professional opinions where appropriate.
Output
What you receive
Building surveys and physical verification
On-site inspection and physical verification of installed systems, confirming what is actually in place against what records claim.
Document recovery, validation and digitisation
Recovery of legacy records from all available sources, assessed for authenticity and completeness, and digitised into a structured, accessible format.
Retrospective compliant records
Where records cannot be recovered, we create compliant records to the standard the BSA requires, documented and evidenced to withstand Regulator scrutiny.
Structured digital archive
A complete, element-level information baseline owned by you — structured for your CDE and capable of supporting ongoing safety case management.
Sign-off documentation
Formal sign-off suitable for submission to the BSR, and for review by insurers, lenders and operators.
Clients
Who needs Golden Thread Recovery?
Building owners and PAPs
Owners of existing higher-risk buildings with incomplete or fragmented records who need a compliant information baseline.
Housing associations and local authorities
Registered providers and council landlords managing legacy portfolios where records have never been properly assembled.
Asset managers
Preparing portfolios for sale, refinance or operational transfer and needing verified, structured building information to support due diligence.
Start with what you have.
We find what is recoverable, organise what exists, and document what cannot be retrieved, giving you a defensible, structured baseline to build from.
Assurance Services · Monthly retainer · scoped to portfolio size
Building Safety Case Support
Ongoing independent support for organisations preparing, maintaining or defending a Building Safety Case. The Safety Case is not a one-off document — it is a living record that needs continuous verification, change control and audit-readiness. We provide that, on retainer.
Ongoing assurance, not just a one-off reviewSafety Case lifecycleChange control oversightRegulator inspection ready
Overview
What is Building Safety Case Support?
The Building Safety Act does not end at registration. Accountable Persons have ongoing duties to keep the Safety Case current, manage changes that affect building safety, and be able to demonstrate compliance at any point in a building's life.
Building Safety Case Support provides an independent, retained assurance function, verifying that your Safety Case remains accurate, change control is operating correctly, and your building information is maintained to the standard the Regulator expects.
The challenge
A Safety Case is a live document. Most organisations treat it as an archive.
Changes to higher-risk buildings, planned works, reactive repairs, alterations to fire strategy, changes in tenancy or use, can affect the Safety Case. Without an active process for assessing and recording those changes, the Safety Case drifts out of date and the Golden Thread breaks.
We provide the independent oversight that keeps it current.
What we provide
The support programme
01
Safety Case review and verification
Periodic independent review of the Safety Case Report to verify accuracy, identify gaps and confirm the risk assessment remains current and proportionate.
02
Change control oversight
Independent assessment of proposed changes, design, maintenance, use, tenancy, against their potential impact on the Safety Case, with documented sign-off before work proceeds.
03
Golden Thread maintenance verification
Ongoing checks that new records, inspection reports, contractor sign-offs, test results, maintenance logs, are being added to the Golden Thread correctly and in real time.
04
Inspection and audit readiness
Preparation for Regulator inspections: structured evidence packages, compliance summaries and briefing support for your responsible individuals and legal team.
05
Incident and escalation support
Independent support in the event of a safety incident, regulatory notice or escalation, including evidence collation, timeline reconstruction and adviser liaison.
What you receive
What you receive
Independent safety case verification
Ongoing verification of safety case content against current regulatory expectations — not a one-off snapshot but a continuous assurance function.
Golden thread change control
Every revision to the underlying golden thread logged, validated and signed off — so the thread stays current and defensible as the building evolves.
Regular assurance reports
Written reports for accountable persons, executives and the BSR, providing a structured, evidenced record of compliance position at each reporting interval.
Direct support during reviews
On-hand support during BSR audits, insurer reviews and operator handovers — with evidence packages, briefings and adviser liaison as required.
Clients
Who benefits from Building Safety Case Support?
Accountable Persons and PAPs
Holding ongoing duty under the Building Safety Act and needing independent assurance they are meeting their statutory obligations at every stage.
Housing associations and asset owners
Managing portfolios of higher-risk buildings who need a scalable, retained assurance function across multiple buildings.
Building safety managers
In-house safety managers who need independent verification of their own work — providing the separation of duties that regulators and insurers expect.
Keep your Safety Case current.
We provide the independent oversight that gives duty holders confidence their Safety Case is accurate, their records are complete, and their building is ready for scrutiny.
Time-bound, scoped and delivered to your deadlineLender & insurer readyBoard-level reportingPortfolio or single asset
Overview
What is an Independent Assurance Review?
An Independent Assurance Review is a focused, time-bound engagement commissioned when a specific stakeholder, a lender, insurer, board, regulator or prospective purchaser, requires an independent expert view of a building's information, compliance position or Safety Case status.
Unlike a full audit, an IAR is scoped tightly around a defined question or set of questions, and delivered against a specific deadline to meet a transaction, reporting or regulatory timetable.
When it's needed
Decisions require evidence. Reviews provide it.
Lenders require comfort before releasing finance. Insurers need evidence of compliance before binding cover. Boards need an independent view before signing off a Safety Case Report. Acquirers need due diligence before exchange.
An Independent Assurance Review provides the structured, expert evidence each of those decisions requires.
What we review
Common review types
01
Pre-transaction building information due diligence
Independent review of building information ahead of a sale, acquisition or refinancing, giving lenders, investors and purchasers a structured view of what is held, what is missing and what remediation is required.
02
Cladding and façade record validation
Verification of cladding and external wall system records against as-built conditions, identifying gaps in fire safety documentation and supporting EWS1 processes and insurer requirements.
03
Fire stopping verification reviews
Review of passive fire protection records, installation certificates and inspection reports to confirm documented coverage and identify unverified or missing compartmentation records.
04
Handover readiness assessments
Pre-Gateway 3 and post-completion review of handover packages, confirming that golden thread documentation meets the standard required for registration and occupation.
05
Distressed asset record reconstruction
Focused recovery and reconstruction of building information for assets where records are severely depleted, supporting urgent compliance, sale or enforcement response.
Output
What you receive
Assurance report
A written report addressed to the commissioning party, scope, methodology, findings and conclusion, drafted for the specific audience.
Executive summary
A concise summary suitable for board papers, credit committee packs and transaction documentation.
Conditions and recommendations
A schedule of conditions, remediation requirements or further review recommendations, proportionate to the purpose of the review.
Who commissions an IAR
Who we work with
Lenders
Development finance, investment and social housing lenders requiring independent comfort on BSA compliance as a condition of drawdown or refinancing.
Insurers
Property insurers and their advisers seeking independent assessment ahead of cover decisions.
Boards and trustees
Executive teams and audit committees requiring independent expert reporting on their compliance position.
Acquirers and investors
Purchasers and investors seeking a structured due diligence view of a building's information baseline before exchange.
Commission a review on your timetable.
We scope, price and deliver Independent Assurance Reviews to meet specific deadlines, structured around the needs of the commissioning party, not a standard template.
Assurance Services · Scoped within an Audit, Recovery or Retainer engagement
Common Data Environment Oversight
We do not compete with CDE software vendors. We act as your independent information controller — verifying that whatever system you use is delivering compliant, audit-ready information.
Independent information controller, not your CDE vendorGovernance & access controlBSA information standardsOngoing or project-based
Overview
What is CDE Oversight?
A Common Data Environment is only as valuable as the governance around it. Without clear ownership, naming conventions, access controls, version management and quality standards, a CDE becomes a disorganised file store, not a Golden Thread.
CDE Oversight is an independent information controller function, sitting across your CDE to ensure that building information is structured, controlled, complete and genuinely capable of supporting your Safety Case and regulatory obligations.
The gap
A CDE platform is not the same as CDE governance.
Most organisations have a CDE platform. Very few have an independent function actively governing it. Documents are uploaded without version control. Access is granted inconsistently. Records are stored in folders that bear no relation to the building's element structure.
CDE Oversight closes the gap between having a platform and having a governed information environment.
What we manage
The oversight function
01
Information quality control
Ongoing quality control across your CDE — reviewing documents for completeness, correct categorisation and compliance with BSA information standards as they are uploaded and updated.
02
Verification of information integrity
Cross-referencing digital records against the building of record to confirm that what is held accurately reflects what was designed, built and installed.
03
Change control of golden thread documentation
Independent oversight of every revision to golden thread documentation — logged, validated and signed off so the thread remains accurate as the building evolves.
04
Audit trail creation and certification of readiness
Creation of a structured, evidenced audit trail and formal certification of CDE readiness for Regulator inspection, lender due diligence or insurer review.
05
Independent reporting to stakeholders
Regular written reports to PAPs, accountable persons and external stakeholders on the state of the CDE, outstanding gaps and compliance position.
Output
What you receive
Structured CDE framework
A documented information architecture, folder structure, naming conventions, metadata schema and access permissions, aligned to your building and the BSA information standard.
Ongoing governance function
A retained independent information controller role, regular quality checks, access audits, version control oversight and CDE readiness reports throughout.
Regulator-ready evidence pack
A structured evidence package demonstrating CDE governance, completeness and compliance, ready for the Regulator or for lenders and insurers.
Clients
Who benefits from CDE Oversight?
Housing associations
Registered providers managing multiple higher-risk buildings who need consistent, independent governance across a shared or federated CDE environment.
Local authorities
Council landlords whose information is held across legacy systems, multiple platforms or a fragmented mix of digital and physical records.
Developers at Gateway 3
Development companies preparing for Gateway 3 handover who need their CDE to meet the information standard required for building registration.
Managing agents
Agents and property managers who need independent oversight of the CDE to support their Accountable Person clients.
Govern your information, not just store it.
We turn a CDE from a file store into a governed, compliant information environment, one that stands up to Regulator scrutiny and supports your Safety Case at every stage.
The Building Safety Act 2022 places named, enforceable obligations on the people responsible for higher-risk buildings. We provide the independent assurance that lets duty holders prove their building information holds up, to residents, regulators, insurers and lenders alike.
Building Safety Act 2022 alignedHigher-risk buildingsUK-wideIndependent & impartial
Overview
Different roles. The same accountability.
The dutyholder regime touches the whole life of a building, from the developer who builds it, to the contractor who hands it over, to the owner who operates it for decades afterwards.
Each role carries a distinct legal obligation, but they share one test: can you produce accurate, complete and structured building information when it is asked for? That is the test we help you pass.
Why it matters
Information is now a legal duty, not paperwork.
Under the Act, failing to hold, maintain or produce required information is an enforcement matter that can carry criminal liability, and the consequences land on named individuals, not just organisations.
Whichever role you hold, an independent view of your position is the difference between demonstrating compliance and discovering a gap at the worst possible moment.
Housing & public sector
Assurance for those who own and operate homes
If you hold higher-risk residential stock, you are the Accountable Person, responsible for the golden thread and a defensible safety case for every building, often across information inherited from decades of different systems and contractors.
Housing associations
Portfolio-wide assurance across your higher-risk stock, recovering missing or fragmented historic records, structuring the golden thread building by building, and supporting the preparation and upkeep of Safety Case Reports so your stock stands up to Regulator scrutiny and resident requests.
Local authorities & councils
Independent assurance for council-owned and ALMO-managed higher-risk buildings, establishing what you actually hold against your statutory obligations, prioritising remediation by regulatory risk, and producing evidence your members, internal audit and the Regulator can rely on.
Development & industry
Verification for those who build and hand over
The gateway regime makes building information a condition of progress, and the records you create or accept follow the asset for the rest of its life. We make sure they are complete and defensible before they become someone's liability.
Developers
Gateway 2 and Gateway 3 readiness, verifying that your building information is complete and structured for approval and completion, and that the golden thread handed to the Accountable Person is genuinely accepted, reducing the risk of rejected applications, delayed occupation and post-handover liability.
Principal contractors
Independent verification across your supply chain, confirming that subcontractor records, test certificates, as-built information and O&M data are complete, traceable and handover-ready, so gaps are closed before practical completion rather than discovered after it.
Asset owners & operators
Building information due diligence on acquisition, verification of what you are being asked to accept at handover, and the ongoing reporting and golden thread regime that keeps you compliant through operation, because the information you inherit becomes your liability.
The audience for your records
Who your information has to satisfy
Building information is no longer an internal record. It is produced on request for, and relied upon by, a widening circle of third parties, each of whom can hold you to account for what you cannot show.
Residents
The Act gives residents the right to request safety information about their building, and places engagement obligations on the Accountable Person.
The Building Safety Regulator
Can request records at any time and expects them to be structured, complete and verifiable, with enforcement powers where they are not.
Insurers
Building safety and professional indemnity cover is increasingly conditional on demonstrable evidence of compliant building information.
Lenders & funders
Lending, valuation and refinancing decisions hinge on records that prove a building's safety position can be evidenced, not asserted.
Buyers & conveyancers
Sales and fire-safety enquiries depend on the information you can produce, missing records stall transactions and erode value.
How we work with you
A clear path, whatever your role
Every engagement follows the same disciplined route, from confirming exactly what the law asks of you to leaving you with evidence you can defend.
1
Identify the duty
We confirm which roles and obligations apply to you and to each of your buildings under the Act and supporting regulations.
2
Assess the position
An independent, structured review of the information you currently hold, benchmarked against those obligations.
3
Close the gaps
Recovery, reconstruction and structuring of missing information, graded and prioritised by regulatory risk.
4
Stand up to scrutiny
Reporting and assurance you can put in front of a regulator, resident, insurer, lender or buyer with confidence.
Not sure where you sit?
Tell us about your buildings and your role, and we will show you exactly which obligations apply, and where you stand against them today.
You are the Accountable Person for buildings that have existed far longer than the current compliance regime. Portfolio-wide golden thread assurance that works with what you have, and closes the gaps you don't yet know about.
Building Safety Act 2022 alignedHigher-risk residential stockPortfolio-scaleIndependent & impartial
Overview
The Accountable Person's information burden.
Housing associations managing higher-risk residential buildings carry named, enforceable obligations under the Building Safety Act 2022. The golden thread must be maintained building by building, and a Safety Case Report must be prepared and kept current for every building on your register.
For most associations, that means working across decades of fragmented records, multiple legacy systems, and information created by contractors who no longer exist. We audit what you hold, recover what is missing and structure what remains into a defensible position.
Why it matters now
The Regulator is actively requesting records.
The Building Safety Regulator has statutory powers to request building information at any time and without notice. Associations that cannot produce complete, structured records face enforcement action — including improvement notices, special measures designation and, ultimately, criminal liability for named individuals on your board and senior team.
An independent view of your position, building by building, is the difference between demonstrating compliance and discovering a gap at the worst possible moment.
What we deliver
Portfolio assurance, building by building.
Every engagement is scoped to your stock, your regulatory position and your existing records. Typically covering:
01
Golden Thread audit and gap analysis
An independent review of the information you hold for each higher-risk building against the completeness standard the Regulator expects, with every gap evidenced, graded by regulatory risk and mapped to a remediation action.
02
Historic record recovery
Reconstruction of missing or incomplete records from surviving documentation, contractor archives, planning and building control files, and on-site inspection, prioritised by building registration status and risk.
03
Golden Thread structure and handover
Organisation of recovered and verified records into a structured digital golden thread, element-level and version-controlled, ready to be maintained by your in-house team or transferred to a CDE.
04
Safety Case Report support
Working alongside your team or appointed principal accountable person to prepare and peer-review the Safety Case Report required for each higher-risk building, including the building safety risk assessment and resident engagement records.
05
Ongoing assurance and change control
Retainer-based support to maintain your golden thread through planned maintenance, major works and building changes, ensuring records stay current and defensible as your stock evolves.
Who asks to see your records
The audiences your information has to satisfy.
Building information for housing associations is no longer an internal record. It is reviewed by, and relied upon by, a widening group of third parties — each of whom can hold your organisation to account.
The Building Safety Regulator
Can request records for any registered higher-risk building at any time and expects them to be complete, structured and immediately accessible.
Residents
The Act gives residents of higher-risk buildings the right to request safety information and places direct engagement obligations on the Accountable Person.
Insurers
Building and professional indemnity insurance for housing associations is increasingly conditional on demonstrable evidence of compliant building information.
Lenders & treasury
Covenant compliance, refinancing and bond issuance increasingly depend on an evidenced building safety position across your portfolio.
Internal audit & boards
Boards carry personal liability. Independent assurance is the evidence your governance framework, internal audit and non-executives need to fulfil their duty of care.
How we work
From first call to defensible position.
A structured engagement designed to give you clarity fast and evidence that lasts.
1
Scoping
We confirm the number and registration status of your higher-risk buildings, your current records position and your most pressing regulatory exposure.
2
Audit
An independent, building-by-building review of what you hold, benchmarked against the Act, the Regulator's expectations and any existing Safety Case Reports.
3
Recovery & structure
Missing records recovered, verified and organised into a structured golden thread, prioritised by risk and the urgency of your regulatory position.
4
Assurance report
A written assurance report and prioritised action plan, suitable for your board, your regulator and any lender or insurer who asks to see it.
Not sure where your portfolio stands?
Tell us about your stock, and we will show you exactly where your regulatory exposure lies and what it would take to close it.
Council-owned and ALMO-managed higher-risk buildings carry the same enforceable obligations as any registered provider. We establish what you actually hold, prioritise remediation by regulatory risk, and produce evidence your members, internal audit and the Regulator can rely on.
Building Safety Act 2022 alignedCouncil & ALMO stockPortfolio-scaleIndependent & impartial
Overview
The council's position as Accountable Person.
Where a local authority or ALMO is the registered Accountable Person for a higher-risk building, it carries the same legal obligations as any registered provider under the Building Safety Act 2022. That means a golden thread maintained building by building, a current Safety Case Report for every registered building, and the ability to produce complete, structured records on request from the Regulator.
For most councils, that obligation spans stock built across multiple decades, records held across planning, housing, assets and estates teams, and buildings managed by arm's length bodies operating with varying levels of information maturity.
The governance dimension
Members and officers carry personal exposure.
Unlike private sector duty holders, local authorities operate under an additional layer of political and governance accountability. Members on housing and scrutiny committees need assurance that the authority's building safety position is defensible, not just declared. Internal audit needs independent evidence, not officer self-assessment.
We provide the independent, written assurance that separates a defensible compliance position from an assertion — and that survives external scrutiny.
What we deliver
Assurance structured for the public sector.
Every engagement is designed to produce evidence that works for your internal governance framework and withstands external regulatory scrutiny:
01
Building information audit across registered stock
An independent, building-by-building review of what the authority holds against the completeness standard the Regulator expects, with gaps evidenced, graded by risk and mapped to a prioritised remediation programme.
02
Cross-departmental records review
We work across housing, planning, assets and ALMO to establish a single picture of what information exists, where it is held and whether it is in a form the Regulator would accept.
03
Historic record recovery
Reconstruction of missing records from building control archives, planning files, contractor documentation and on-site inspection, prioritised by registration status and regulatory risk.
04
Safety Case Report support
Independent support for the preparation and peer review of Safety Case Reports across your registered buildings, including resident engagement records and building safety risk assessments.
05
Board and member reporting
A written assurance report and executive summary designed for presentation to cabinet, housing committee and internal audit, providing the governance evidence your oversight structure requires.
Who scrutinises your records
The audiences your information has to satisfy.
Council building information is reviewed by a more demanding audience than most duty holders face. Each has powers or expectations that require you to produce structured, complete and verifiable records.
The Building Safety Regulator
Can request records for any registered building at any time. Enforcement powers include improvement notices, special measures and prosecution of named officers.
Members & scrutiny committees
Elected members with housing and scrutiny responsibilities need independent evidence, not officer assurance, that the authority's building safety position is defensible.
Internal audit
Internal audit functions increasingly include building safety information as a material governance risk. Independent external assurance is the evidence they need to sign off the position.
Residents
The Act gives residents the right to request safety information and places direct engagement obligations on the Accountable Person.
External auditors & inspectorates
Building safety compliance is within scope for external audit, Ofsted equivalent inspections and any review commissioned by the Secretary of State.
How we work
Independent assurance structured for public accountability.
We work within your governance framework, not around it.
1
Scope & structure
We identify every higher-risk building in your portfolio, its registration status and the departments holding relevant records.
2
Cross-departmental audit
An independent review of records held across housing, planning, assets and ALMO, benchmarked against the Regulator's expectations.
3
Recovery & remediation
Missing records recovered and structured into a prioritised programme with ownership assigned to the right teams.
4
Governance reporting
Written assurance report and executive summary ready for housing committee, internal audit and the Regulator.
Not sure where your stock stands?
Tell us about your registered buildings and your current records position, and we will show you exactly where your exposure lies.
Gateway 2 and Gateway 3 readiness, with the independent verification that gives duty holders the confidence to apply, complete and hand over. Building information that is genuinely accepted, not just submitted.
The gateway regime changes the relationship between building information and programme. At Gateway 2, the Regulator must be satisfied that building information is sufficiently complete and structured before work begins. At Gateway 3, a Completion Certificate cannot be issued until the golden thread is verified and accepted by the incoming Accountable Person.
For developers, that means building information is no longer a handover formality. It is a pre-condition of build consent and a condition of occupation. Gaps discovered at the gateway create delays, liability and, in some cases, the need to undo completed work to access information that should have been captured at the time.
The developer's liability
The records you create follow the asset for its entire life.
Golden thread records created during construction become the foundation of the Accountable Person's compliance position for the life of the building. If those records are incomplete, incorrectly structured or missing key elements at handover, the liability for reconstruction falls on whoever accepted them — and the evidence trail leads back to the developer who created them.
Independent verification before submission and before handover is the protection a developer needs at both gateways.
What we deliver
Gateway readiness, from design to handover.
01
Gateway 2 information readiness review
An independent review of the building information package against the Regulator's expectations at the building control application stage, identifying gaps before submission and reducing the risk of application rejection or a request for further information that stalls your programme.
02
Construction-phase golden thread oversight
Periodic assurance during construction that information is being captured at the right level of detail, element by element, and that the CDE is structured to meet handover requirements — so Gateway 3 is not a scramble.
03
Gateway 3 handover verification
An independent completeness check of the full golden thread package before submission for the Completion Certificate — covering as-built records, O&M information, fire and structural documentation, and the resident engagement pack — so the Regulator and incoming Accountable Person receive information that can genuinely be accepted.
04
Accountable Person acceptance support
Working with the incoming Accountable Person and their team to facilitate information acceptance at handover, reducing the risk of rejected transfers that delay occupation and trigger defect liability disputes.
What is at stake at each gateway
The cost of a gap at the wrong moment.
The consequences of inadequate building information under the gateway regime are programme consequences, not just compliance ones.
Rejected Gateway 2 application
A Regulator refusal or request for further information at Gateway 2 stops the clock on your build consent and delays the start of principal contractor works.
Delayed Completion Certificate
Gateway 3 cannot be passed without an accepted golden thread. Every day without a Completion Certificate is a day you cannot legally allow occupation.
Rejected handover
If the incoming Accountable Person refuses to accept the golden thread, the developer retains liability for it until the transfer is completed.
Post-occupation liability
Information gaps that are not identified at handover do not disappear. They resurface as enforcement findings or insurance conditions against the asset's future value.
Lender and funder exposure
Development finance and forward purchases increasingly include building safety information as a condition of drawdown and completion.
How we work
Verification that keeps your programme moving.
1
Gateway position review
We confirm your programme timeline, gateway stage and current information position to scope the right intervention.
2
Information audit
An independent review of your building information package against the Regulator's submission requirements for that gateway.
3
Gap closure
Missing information identified, recovery actions assigned and tracked, and CDE structure aligned to handover requirements.
4
Verification sign-off
Written assurance that the golden thread package is complete, structured and ready for Regulator submission or Accountable Person acceptance.
Approaching a gateway?
Tell us your programme position and we will tell you exactly where your information package stands and what it needs before submission.
Independent verification across your supply chain. Every subcontractor record confirmed complete, traceable and handover-ready — so gaps are closed before practical completion, not discovered after it.
The principal contractor's information obligation.
As principal contractor on a higher-risk building, you are responsible for the building information created by your supply chain. That includes ensuring that every subcontractor captures their records at the right level of detail, in a format the developer and eventual Accountable Person can accept, and that nothing is missing at practical completion.
In practice, that obligation falls across dozens of specialist subcontractors, each with different levels of record-keeping maturity, using different formats, and working to deadlines that do not always align with information completeness. The gap only becomes visible when it is too late to close it without delay or dispute.
Where the risk sits
Information gaps surface at the worst possible moment.
A missing test certificate, an undocumented variation, a fire-stopping record that cannot be tied to the element it covers — each one is a gap that can prevent practical completion, delay Gateway 3, or create a defect liability that outlasts the contract.
Independent verification during construction and at final account is the protection a principal contractor needs: confirmation that the information package you are handing to the developer is genuinely complete, before it becomes your liability to remediate after occupation.
What we deliver
Supply chain verification, from appointment to handover.
01
Subcontractor information requirements review
An independent review of your supply chain information requirements and the mechanisms you have in place for capturing, verifying and aggregating subcontractor records into the principal golden thread — identifying systemic gaps before construction is complete.
02
Construction-phase record verification
Periodic, independent checks of subcontractor submissions against the information requirements for each trade and element, so gaps are identified and closed during the works rather than at practical completion.
03
Pre-handover completeness audit
A structured, element-by-element review of the full information package before handover to the developer — covering test certificates, as-installed drawings, O&M data, fire-stopping records and material certifications — confirming that what you are handing over can genuinely be accepted.
04
Defect and gap remediation support
Where records cannot be located, we work with your supply chain and their subcontractors to recover, reconstruct or re-certify, with a documented audit trail of what was done and why.
The trades where records matter most
Where information gaps carry the highest risk.
On a higher-risk building, some trades carry a disproportionate share of the golden thread obligation. These are the records the Regulator and Accountable Person will scrutinise first.
Fire stopping & compartmentation
Element-level photographic evidence, test certificates and third-party inspection records that can be tied to a specific location within the building.
Mechanical & electrical
As-installed drawings, commissioning records, test certificates and O&M manuals that match the installed system — not the specification.
Structural & facade
Materials certifications, installation records and as-built drawings that confirm what was actually built against what was specified and consented.
Insulation & fit-out
Product certifications, installation records and photographic evidence that confirm materials compliance for every element concealed during the works.
Fire doors & passive protection
Third-party inspection records, hardware certifications and installation evidence that the installed product matches the fire strategy.
How we work
Verification that protects your practical completion.
1
Programme review
We confirm your programme timeline, the trades on site and the current state of subcontractor information capture.
2
Supply chain audit
An independent check of subcontractor submissions by trade, identifying gaps and confirming which records are complete, incomplete or missing entirely.
3
Gap remediation
Missing records chased, recovered or reconstructed with your supply chain, with a documented trail of every action taken.
4
Handover verification
Written confirmation that the information package is complete and ready for developer acceptance — before practical completion, not after.
Approaching practical completion?
Tell us your programme and supply chain position, and we will confirm exactly what your information package needs before handover.
Due diligence on acquisition, verification of what you are being asked to accept at handover, and the ongoing assurance regime that keeps you compliant through operation. The information you inherit becomes your liability.
Acquisition due diligenceHandover acceptanceOngoing complianceIndependent & impartial
Overview
The moment you accept the asset, you accept the information.
Whether you are acquiring an existing higher-risk building or accepting handover of a newly completed one, the building information you receive at that moment becomes your compliance baseline. Any gaps, errors or missing records in what you inherit are now your obligation to hold, maintain and produce on request.
For institutional investors, fund managers and operators taking on a portfolio of higher-risk assets, the information risk can be material: incomplete golden threads, unresolved fire safety records or missing Safety Case documentation represent both a regulatory liability and a financial exposure that should be quantified before the transaction completes.
The operator's ongoing obligation
The golden thread does not stop at handover.
Once you are the Accountable Person, the obligation to maintain accurate and complete building information is continuous. Every planned maintenance activity, material change or variation to the building must be reflected in updated records. The golden thread you received at acquisition or handover is not a static archive — it is a live compliance position that evolves with the building.
We provide the assurance that your records stay current, structured and defensible through operation — not just at the point of transfer.
What we deliver
From acquisition to ongoing operation.
01
Pre-acquisition building information due diligence
An independent assessment of the building information position of an asset or portfolio before transaction completion — identifying gaps, quantifying the cost of remediation and confirming whether the records are in a condition that can be accepted and maintained as the new Accountable Person.
02
Handover acceptance review
Independent verification of the golden thread package you are being asked to accept at completion — confirming that it is complete, correctly structured and sufficient to support your ongoing compliance obligations before you sign off the transfer.
03
Post-acquisition gap remediation
Where records are incomplete or missing at the point of transfer, we recover, reconstruct and structure the outstanding information, creating a defensible baseline from which your ongoing compliance can be maintained.
04
Ongoing golden thread maintenance
Retainer-based support to keep your golden thread current through operation — capturing changes, updating records following planned maintenance and major works, and maintaining the Safety Case for each registered building.
05
Lender and insurer reporting
Independent assurance reports structured for lenders, insurers and investors who require evidence of compliant building information as a condition of finance, cover or valuation.
Who asks to see your records
The audiences your information must satisfy through operation.
As Accountable Person, your building information is a live obligation that is reviewed by a growing range of third parties across the operating life of the asset.
The Building Safety Regulator
Can request records at any point in the building's operating life and expects them to be current, structured and immediately accessible — not last updated at handover.
Insurers
Building and professional indemnity insurance is increasingly conditional on demonstrated compliance with golden thread obligations, reviewed at renewal and following claims.
Lenders & funders
Refinancing, valuation and covenant compliance increasingly depend on a quantified, evidenced building safety position, not a declaration.
Residents
The Act gives residents the right to request safety information and places direct engagement obligations on the Accountable Person throughout the period of operation.
Buyers & conveyancers
Fire-safety enquiries on sale and the ability to produce a complete golden thread directly affect transaction speed, value and the ability to dispose of the asset.
How we work
Assurance from acquisition through operation.
1
Asset review
We confirm the registration status, existing records position and any known compliance issues for the asset or portfolio.
2
Due diligence or handover audit
An independent review of the building information against the standard required for ongoing compliance as Accountable Person.
3
Gap remediation
Missing records recovered and structured into a compliant golden thread, with a documented audit trail of the work carried out.
4
Ongoing assurance
Retainer-based maintenance of your golden thread through operation, with periodic reporting for lenders, insurers and your board.
Acquiring an asset or accepting a handover?
Tell us about the asset and your timeline. We will confirm what the building information position looks like and what it will take to make it defensible.
