← Back to EHO App

1. Who We Are and Our Role

EHO App is operated by EHOapp ("we", "us", "our").

Under UK GDPR, our role depends on the type of data:

• Data Controller: We are the controller for venue owner account data, email addresses, and payment information — data we collect directly to provide the service.
• Data Processor: For data entered by the venue into the app (staff names, compliance records, fitness-to-work logs, equipment details), the food business is the Data Controller and EHOapp acts as Data Processor, processing this data on the venue's behalf and according to their instructions.

Our obligations as a Data Processor are set out in the Data Processing section of our Terms of Service.

Contact: support@ehoapp.com

2. What Data We Collect

We collect only the data necessary to operate the service:

Data	Purpose	Basis
Email address	Account creation, authentication, transactional emails	Contract
Venue/business name	Identifying your premises within the app	Contract
Staff names	Attributing compliance records to individuals	Contract
Compliance records	Core service — food safety record keeping	Contract
Equipment details	Temperature monitoring (fridge/freezer/hot-hold names)	Contract
Supplier and dish names	Allergen and delivery record keeping	Contract
Bank account details (via GoCardless)	Direct Debit payment processing	Contract

We do not collect:

• Browsing or analytics data — we use no tracking scripts, pixels, or analytics tools
• Cookies — the app does not set any cookies. Firebase Auth uses browser local storage for session tokens, and the app may cache compliance data locally for offline functionality. This data remains on your device and is synced to Firestore when a connection is restored.
• Location data
• Device identifiers or advertising IDs

3. How We Use Your Data

Your data is used solely to provide and operate the EHO App service:

• Creating and managing your account
• Storing and displaying your compliance records
• Processing subscription payments
• Sending transactional emails (verification, password reset, staff invitations)

We do not use your data for marketing, profiling, or automated decision-making. We will never send unsolicited marketing emails.

4. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following bases:

• Contract performance (Article 6(1)(b)) — processing necessary to deliver the service you signed up for
• Legal obligation (Article 6(1)(c)) — where required by law (e.g. tax records for payment transactions)
• Legitimate interest (Article 6(1)(f)) — service security, fraud prevention, and responding to support requests

5. Special Category Data (Health Data)

EHO App includes a "fitness to work" check that may involve recording whether staff members have symptoms of illness (e.g. vomiting, diarrhoea). Under UK GDPR Article 9, health data is classified as Special Category Data and is subject to stricter processing rules.

As Data Processor, EHOapp hosts this data on behalf of the venue. The venue (as Data Controller) is solely responsible for:

• Ensuring they have a lawful basis to record staff health data (typically "necessary for reasons of public interest in the area of public health" under Article 9(2)(i), or "necessary for carrying out obligations in the field of employment" under Article 9(2)(b))
• Informing their staff about what health data is being recorded and why
• Handling any data subject access requests from their staff relating to this data

EHOapp does not access, analyse, or share fitness-to-work data beyond securely storing it on the venue's behalf.

6. Third-Party Services

We share data only with the following services, strictly as necessary to operate the app:

Service	Purpose	Data Shared	Location
Google Firebase (Authentication & Firestore)	User authentication and data storage	Email, venue data, compliance records	EU (europe-west)
GoCardless	Direct Debit payment processing	Bank details (collected directly by GoCardless)	UK/EU
Resend	Transactional email delivery	Email address, email content	US (EU-US Data Privacy Framework)

We do not sell, rent, or trade your personal data to any third party. We do not share data with advertisers, data brokers, or social media platforms.

7. Data Storage and Security

Your data is stored in Google Cloud Firestore with the following protections:

• Encryption in transit (TLS) and at rest
• Firestore security rules restrict access — users can only read/write their own venue data
• Firebase Authentication manages credentials (passwords are hashed, never stored in plain text)
• Cloud Functions run in a secured environment with secret management for API keys

8. Data Retention

• Free plan: Compliance records older than 90 days are automatically deleted nightly. Open corrective actions are never deleted regardless of age.
• Pro plan: All records are preserved from your upgrade date onwards for the duration of your subscription.
• After cancellation: Your data remains on the free plan. The 90-day retention policy applies going forward.
• Account deletion: Upon request, we will permanently delete your account and all associated data within 30 days. This action is irreversible.

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Portability — receive your data in a structured, machine-readable format (CSV export is available on the Pro plan)
• Restriction — request that we limit processing of your data
• Objection — object to processing based on legitimate interest

To exercise any of these rights, contact us at support@ehoapp.com. We will respond within 30 days.

10. Young Workers

EHO App is designed for food business operators and their staff. We do not directly collect data from children.

In the UK hospitality industry, individuals under 16 may be employed for light duties and could use the app to log compliance tasks. Where an employer provisions a staff account for an individual under 16, the employer (as Data Controller) is responsible for ensuring they have appropriate lawful basis and any necessary parental or guardian consent for that individual's use of the service.

11. International Transfers

Your core data is stored in Firebase's EU region (europe-west). Transactional emails are processed by Resend, which operates under the EU-US Data Privacy Framework. GoCardless processes payments within the UK/EU.

Where data is transferred outside the UK, we ensure appropriate safeguards are in place as required by UK GDPR.

12. Data Breaches

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

• Notify the Information Commissioner's Office (ICO) within 72 hours
• Notify affected users without undue delay
• Document the breach and remedial actions taken

13. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office:

ICO: ico.org.uk/make-a-complaint
Helpline: 0303 123 1113

14. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via the app or email. The effective date at the top of this page indicates when the policy was last updated.

15. Contact

For privacy-related questions or to exercise your data rights:

Email: support@ehoapp.com
Website: ehoapp.com