Privacy Policy

Last updated: 21 January 2026

This Privacy Policy explains how CompliChef™ (a trading name of Nicholas Richards) collects, stores, and uses your personal data across the Portal, KitchenPortal, StaffPortal, and RecruitPortal.

1. Who We Are

CompliChef™ is operated by Nicholas Richards in the United Kingdom.
Contact: privacy@complichef.co.uk

2. Data We Collect

  • Account details (name, email, organisation, password — hashed)
  • Compliance data (logs, checklists, training, temperature data)
  • Recruitment data (job ads, applications, notes)
  • Billing data (via third-party providers like PayPal)
  • Technical/usage data (IP address, browser, device, activity)

3. How We Use Your Data

  • To provide access to all CompliChef™ platforms
  • To generate HACCP and compliance reports
  • To process payments, subscriptions and credits
  • To support business operations and customer service
  • To improve platform performance and security

4. Legal Basis

  • Contractual necessity (your subscription)
  • Legitimate interests (platform security & improvement)
  • Legal obligations (billing records)
  • Consent (marketing emails)

5. Data Retention & Regulatory Obligations

We retain personal data only for as long as necessary to provide our services, meet contractual commitments, and comply with legal and regulatory obligations.

Certain categories of data — including compliance logs, HACCP records, temperature logs, training records, audit history, and account activity — may be retained after account closure where required for:

  • UK food safety and regulatory requirements
  • Responding to lawful requests from authorities (e.g. EHOs, FSA, police)
  • Legal claims, dispute resolution, or enforcement matters

Account deletion does not automatically erase data that must be retained by law.

6A. Disclosure to Regulatory & Law Enforcement Authorities

We may disclose relevant data where required to do so by law, court order, or lawful request from regulatory or enforcement authorities.

Such disclosures are limited to what is legally required and are logged for accountability. We do not provide informal, unauthorised, or voluntary access to customer data.

7. Security

All data is encrypted in transit (HTTPS), stored securely, and access-controlled. No system is 100% secure — users must also protect their account credentials.

8. Your Rights (UK GDPR)

  • Right to access
  • Right to correction
  • Right to deletion (subject to legal, regulatory, and contractual retention obligations)
  • Right to data portability
  • Right to object
  • Right to withdraw consent

9. Cookies

CompliChef uses cookies for authentication, session security and usage analytics.

10. Recruitment Data

If you use CompliChef Recruit, you act as the data controller for candidate data. We process that data on your behalf as a data processor.

11. Updates to This Policy

We may update this Privacy Policy periodically. Continued use of the platform means acceptance of updated terms.

12. Contact

Questions or requests?
Email: privacy@complichef.co.uk