CompliChef™ Privacy Policy

Last updated: 6 December 2025

This Privacy Policy explains how CompliChef™ (a trading name of Nicholas Richards) collects, stores, and uses your personal data across the Portal, KitchenPortal, StaffPortal, and RecruitPortal.

---

1. Who We Are

CompliChef™ is operated by Nicholas Richards in the United Kingdom. Contact: privacy@complichef.co.uk

2. Data We Collect

• Account details (name, email, organisation, password — hashed)
• Compliance data (logs, checklists, training, temperature data)
• Recruitment data (job ads, applications, notes)
• Billing data (via third-party providers like PayPal)
• Technical/usage data (IP address, browser, device, activity)

3. How We Use Your Data

• To provide access to all CompliChef™ platforms
• To generate HACCP and compliance reports
• To process payments, subscriptions and credits
• To support business operations and customer service
• To improve platform performance and security

4. Legal Basis

• Contractual necessity (your subscription)
• Legitimate interests (platform security & improvement)
• Legal obligations (billing records)
• Consent (marketing emails)

5. Data Retention

We keep data only as long as necessary to deliver services, meet compliance requirements, and fulfil legal obligations (such as tax).

6. Data Sharing

We share data only with trusted third-party providers such as:

• Hosting & infrastructure
• Payment processors
• Email services
• Error monitoring & analytics

7. Security

All data is encrypted in transit (HTTPS), stored securely, and access-controlled. No system is 100% secure — users must also protect their account credentials.

8. Your Rights (UK GDPR)

• Right to access
• Right to correction
• Right to deletion (when applicable)
• Right to data portability
• Right to object
• Right to withdraw consent

9. Cookies

CompliChef uses cookies for authentication, session security and usage analytics.

10. Recruitment Data

If you use CompliChef Recruit, you act as the **data controller** for candidate data. We process that data on your behalf as a **data processor**.

11. Updates to This Policy

We may update this Privacy Policy periodically. Continued use of the platform means acceptance of updated terms.

12. Contact

Questions or requests? Email: privacy@complichef.co.uk