Privacy Policy

This Privacy Policy explains how LogYou App ("we", "us", "our") collects, uses, stores and protects personal information when you use the LogYou.app website, mobile app and related services (together, the "Service"). We are the data controller of personal data we collect about you.

Contact: hello@logyou.app

• Account information: name, email, password (hashed), role, sites you belong to.
• Operational records: the temperature, checklist, fire-safety, probe, risk-assessment, alcohol-training and refusal entries you log.
• Payment information: billing details handled by our payment processor (Stripe). We never see your full card number.
• Device & technical data: IP address, browser type, operating system, push notification token.
• Usage data: pages visited, actions taken, timestamps, for product improvement and audit purposes.
• Communications: messages you send us via the contact form, email or support channels.

• To provide, operate and maintain the Service.
• To authenticate users and protect your account.
• To process subscription payments and send invoices.
• To send transactional emails (account, billing, password resets) and push notifications for tasks due.
• To improve and develop new features.
• To comply with legal obligations (food-safety record retention, accounting, fraud prevention).
• To respond to your enquiries.

Our legal bases include performance of contract, our legitimate interests in running and improving the Service, compliance with legal obligations, and your consent (where required, e.g. push notifications).

We do not sell your personal data. We share data only with trusted processors required to deliver the Service:

• Hosting & database: Supabase (data hosted in the EU/UK region).
• Payments: Stripe Payments Europe Ltd.
• Email delivery: our transactional email provider for account and billing emails.
• Push notifications: Apple Push Notification service and Google Firebase Cloud Messaging.
• Analytics & error monitoring: privacy-respecting providers configured to anonymise IPs where possible.

We may also disclose information if required by law, court order, or to protect our rights and the safety of users.

We keep operational compliance records for as long as you are a customer plus the period required by UK food-safety, fire-safety and tax law (typically up to 6 years). Account data is kept while your account is active and for a short period after closure to handle billing disputes and legal claims. You can request earlier deletion subject to our legal retention duties.

Where data is transferred outside the UK or EEA, we rely on appropriate safeguards such as UK International Data Transfer Agreements or Standard Contractual Clauses with our processors.

We use industry-standard measures including TLS encryption in transit, encryption at rest, role-based access control, row-level security policies in the database, regular backups, and least-privilege administrative access. No method of transmission over the internet is 100% secure but we take protection seriously and will notify you and the ICO as required if a breach occurs.

You have the right to:

• Access a copy of your personal data.
• Rectify inaccurate data.
• Request erasure (subject to our retention duties).
• Restrict or object to processing.
• Data portability.
• Withdraw consent (e.g. push notifications) at any time.
• Complain to the UK Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email hello@logyou.app.

We use cookies and similar technologies that are strictly necessary to keep you signed in and to remember your preferences. We do not use third-party advertising cookies. Browser settings allow you to block cookies but doing so will limit core features.

The Service is intended for adults working in hospitality businesses. Users handling alcohol-training records must be 18 or over.

We may update this policy from time to time. Material changes will be notified to you by email or in-app notice.

Questions about this policy or your data? Email hello@logyou.app.