How does LogSmart help with audits?

LogSmart keeps tamper-proof digital records so audits are faster and easier.

Can I customize templates?

Yes. Use built-in templates or customize them to match your operation.

Data is stored securely in the cloud with access controls for your team.

Privacy Policy

Last updated: March 2026

1. Introduction

LogSmart.app ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital food safety and logging system.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using LogSmart.app, you agree to the collection and use of information in accordance with this policy.

For the purposes of UK GDPR, LogSmart.app is the data controller for personal data processed through the Service.

2. Information We Collect

2.1 Personal Information

When you register for LogSmart.app, we collect:

Name and contact details (email address, phone number)
Company information (company name, registration number)
Company address and location details
Login credentials (username, encrypted password)
Role and permission settings within your organization

2.2 User-Generated Data

Through our service, we collect:

Food safety logs and compliance records
Temperature monitoring data
Inspection reports and audit trails
Staff schedules and time entries
Site-specific data for multi-location businesses
AI-generated templates and custom configurations

2.3 Automatic Data Collection

We automatically collect:

Device information (browser type, operating system)
IP address and location data
Usage statistics and analytics
Cookie data (see our Cookie Policy)
Access logs and security events

3. How We Use Your Information

We use the collected information for:

Providing and maintaining our food safety logging service
Authenticating users and managing access to your account
Processing and storing compliance records and audit logs
Enabling collaboration between team members and roles
Generating reports and analytics for your business
Improving our service through usage analysis
Sending service updates, security notices, and support communications
Complying with legal and regulatory obligations
Preventing fraud and ensuring security

4. Legal Basis for Processing (UK GDPR)

We process your personal data under the following legal bases:

Contract: Processing is necessary to provide our services to you
Legitimate Interests: Improving our service and ensuring security
Legal Obligation: Complying with food safety regulations and record-keeping requirements
Consent: For optional features where we request it

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

Within your organization: Authorized team members based on their roles and permissions
Service providers: Trusted third parties who assist us in operating our service (cloud hosting and infrastructure)
Legal requirements: When required by law or to protect our rights
Business transfers: In connection with a merger, acquisition, or sale of assets

All third-party processors are bound by data processing agreements and GDPR compliance requirements.

Our current infrastructure providers include Cloudflare (Workers) and Oracle Cloud VPS for hosting and application infrastructure.

6. Data Storage and Security

Your data is stored securely on our Cloudflare Workers and Oracle Cloud VPS infrastructure with:

Encryption in transit (TLS/SSL)
Encryption at rest
Regular security updates and monitoring
Access controls and authentication requirements
Regular backups and disaster recovery procedures

We retain your data only as long as necessary to provide our services and comply with legal obligations.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy. Typical retention periods include:

Account data: Kept while your account is active and for up to 12 months after closure
Food safety logs and compliance records: Kept for up to 6 years to meet regulatory record-keeping requirements
Support communications: Kept for up to 24 months for service quality and dispute resolution
Security logs: Kept for up to 12 months for security monitoring and incident response

After these periods, data is securely deleted or anonymized unless you request earlier deletion or we are required by law to retain it longer.

8. Your Data Protection Rights (UK GDPR)

You have the following rights regarding your personal data:

Right of access: Request copies of your personal data
Right to rectification: Request correction of inaccurate data
Right to erasure: Request deletion of your data ("right to be forgotten")
Right to restrict processing: Request limitation of data processing
Right to data portability: Request transfer of your data to another service
Right to object: Object to processing of your data
Right to withdraw consent: Withdraw consent at any time

To exercise these rights, please contact us at team@logsmart.app

9. International Data Transfers

LogSmart.app operates from Plymouth, UK. Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for any international transfers, including Standard Contractual Clauses approved by the UK government. Cloudflare and Oracle may process data in multiple regions depending on service configuration and resilience needs.

10. Cookies

We use a single essential authentication cookie to keep you signed in and secure. We do not use analytics or marketing cookies. See our Cookie Policy for details.

11. Marketing Communications

We do not currently send marketing communications. If this changes, we will update this policy and provide you with appropriate opt-in choices.

11. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects for individuals.

12. Children's Privacy

Our service is intended for business users and is not directed to children. We do not knowingly collect personal information from children. If you become aware that a child has provided us with data, please contact us and we will take steps to delete such information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: team@logsmart.app
Address: LogSmart.app, Plymouth, United Kingdom

You also have the right to complain to the Information Commissioner's Office (ICO) if you are concerned about how we handle your personal data.