Privacy Policy
Last updated: 11 June 2026
SafeServe Kitchen is a food safety compliance app for UK food businesses. This policy explains what data we collect, how we use it, and your rights under UK data protection law (UK GDPR).
1. Who We Are
SafeServe Kitchen is operated by SafeServe Group. If you have any questions about this policy, please contact us at contact@safeservesolutions.co.uk.
2. What Data We Collect
We collect only the data needed to provide the food safety compliance service. This includes:
- Account information — your name and email address, used to create and manage your login.
- Business information — your restaurant or food business name and location.
- Food safety records — data you enter into the app, including temperature logs, cleaning records, delivery records, staff training records, allergen information, and any other compliance records you create.
- Staff names — names entered when logging checks or signing off tasks. We do not collect staff email addresses or any other personal details.
- Crash and error reports — if the app crashes or encounters an error, we automatically collect technical information about the crash (device type, app version, error details). This is used solely to fix bugs. We use Sentry for this purpose and strip any personal identifiers before the report is sent.
3. How We Use Your Data
We use the data we collect to:
- Provide and maintain the SafeServe Kitchen app and portal
- Display your compliance history, reports, and audit trail
- Send you important notifications about the service (e.g. account or billing issues)
- Diagnose and fix technical problems using crash reports
- Comply with our legal obligations
We do not use your data for advertising, and we do not sell your data to any third party.
4. Legal Basis for Processing
We process your data on the following legal bases under UK GDPR:
- Contract — processing is necessary to provide the service you have subscribed to.
- Legitimate interests — crash reporting and error monitoring, to maintain a reliable and secure service.
- Legal obligation — where we are required to retain records by law.
5. Data Storage and Security
Your data is stored securely using Supabase, a cloud database provider. Data is encrypted in transit (TLS) and at rest. Access is restricted by Row Level Security policies so that each business can only access their own records.
Crash reports are processed by Sentry (sentry.io). Personal identifiers are removed before any crash data is transmitted. Sentry's privacy policy is available at sentry.io/privacy.
6. Data Retention
We retain your data for as long as your account is active. Food safety records are retained for a minimum of 3 years, which aligns with UK food safety regulatory guidance. If you close your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer.
7. Sharing Your Data
We do not share your personal data with third parties except:
- Service providers — Supabase (data storage) and Sentry (crash reporting), who act as data processors under our instruction.
- Legal requirements — if we are required to disclose data by law, court order, or regulatory authority.
8. Your Rights
Under UK GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Correction — ask us to correct inaccurate data.
- Deletion — ask us to delete your personal data (subject to legal retention requirements).
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests.
- Restriction — ask us to restrict how we process your data in certain circumstances.
To exercise any of these rights, please contact us at contact@safeservesolutions.co.uk. We will respond within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
9. Children's Privacy
SafeServe Kitchen is a business-to-business service intended for use by food businesses and their staff. It is not directed at children under the age of 13. We do not knowingly collect personal data from children.
10. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you via the app or by email. The date at the top of this page will always reflect the most recent version.
11. Contact Us
For any privacy-related queries, please contact: