Skip to main content

Privacy Policy

Last updated: 4 April 2026

This document explains how Audentry Ltd handles personal data across the website, demo enquiries, customer onboarding, user accounts, support, and the Audentry platform. It also explains when Audentry acts as a controller and when it acts as a processor on behalf of customer organisations.

1. Who we are

Audentry Ltd is a company registered in the United Kingdom.

Audentry provides food safety and compliance record software for hospitality businesses.

If you have any questions about this Privacy Policy or about how we handle personal data, you can contact us at support@audentry.com.

2. About this Privacy Policy

This Privacy Policy explains how Audentry Ltd collects, uses, stores and shares personal data:

  • when you visit our website;
  • when you submit a demo enquiry;
  • when we onboard a customer;
  • when invited users are added to Audentry;
  • when authorised users log in and use the Audentry platform; and
  • when you contact us for support.

It also explains when Audentry acts as a data controller and when Audentry acts as a data processor on behalf of customer organisations.

3. When Audentry acts as a controller

Audentry acts as a controller for personal data we use for our own business purposes, including:

  • handling demo enquiries;
  • customer onboarding and account administration;
  • sending invitations and password reset emails;
  • managing authorised access to the platform;
  • handling support requests;
  • maintaining necessary service communications; and
  • complying with our legal, regulatory and contractual obligations.

4. Personal data we collect as controller

4.1 Demo enquiries

When you complete our demo form, we collect company name, full name, work email address and phone number. We use this information to contact you about your request, arrange and deliver a demo, and respond to your enquiry.

4.2 Customer onboarding and invite setup

When a customer signs up to Audentry, we may collect customer company name, store or site names, names of admin users, admin email addresses, names of store users and store user email addresses. We use this information to set up the customer account structure, create or prepare authorised access, and send invitation links from within the Audentry platform.

Where we receive your details from your employer or another authorised customer contact rather than directly from you, we provide privacy information through the invitation process and related account activation flow.

4.3 Account and login data

When an Audentry user account is created and used, we collect and process name, work email address, store or site association, role or access level, authentication credentials including securely hashed passwords, and password reset related data where applicable. We use this information to create and manage user accounts, authenticate users, provide password resets, and maintain access control within the platform.

4.4 Support communications

If you contact us for support, we may collect your name, your registered email address, company or site details relevant to your request, the contents of your message, and any screenshots or attachments you choose to send. We use this information to respond to support requests, troubleshoot issues, and maintain service quality.

4.5 Service emails

We use your registered contact details to send necessary service communications, such as invitation emails, password reset emails and account or service related messages. We do not currently use your personal data for a marketing newsletter.

5. When Audentry acts as a processor

Audentry also processes personal data on behalf of customer organisations when they use the platform to create, manage and store operational records.

In relation to that customer entered operational data, the relevant customer organisation is generally the controller, and Audentry acts as the processor providing the software and related services on that customer’s instructions.

If you are a store user or employee whose details appear in records entered by your employer, your employer or organisation is normally responsible for deciding why that data is collected and for identifying the appropriate lawful basis for that processing.

6. Customer operational data processed through Audentry

Depending on how a customer uses Audentry, records entered into the platform may include:

  • temperature records;
  • opening and closing checklists;
  • cleaning logs;
  • equipment checks;
  • store visit records;
  • accident at work records;
  • return to work records;
  • allergen incident records;
  • foreign body incident records;
  • staff initials;
  • comments entered into records; and
  • timestamps, store identifiers and user linked audit information associated with those records.

Although a customer may intend to use initials only, initials and related record information may still identify an individual in context and can therefore amount to personal data.

Customers are responsible for deciding what information they enter into Audentry and for ensuring that they have an appropriate legal basis, and where necessary any additional legal condition, for any personal data or special category data they choose to process through the platform.

Audentry does not currently allow image uploads through the app.

7. Our lawful bases as controller

Where Audentry acts as controller, we rely on the following lawful bases as appropriate:

7.1 Legitimate interests

We may process personal data where it is necessary for our legitimate interests, including to respond to demo requests, onboard customer organisations and invited users, manage account administration, provide support, protect and operate our service, and send necessary service communications.

7.2 Contract

We may process personal data where it is necessary to perform a contract with a customer, or to take steps connected with providing the Audentry service and authorised platform access.

7.3 Legal obligation

We may process personal data where necessary to comply with legal or regulatory obligations, lawful requests, or to establish, exercise or defend legal claims.

8. Who we share personal data with

We may share personal data, where necessary, with:

  • our hosting and infrastructure providers;
  • our email delivery and communications providers;
  • our business email and domain related providers;
  • professional advisers;
  • regulators, courts, law enforcement or public authorities where required; and
  • customer organisations where this is part of providing the Audentry service.

Our current live production providers include Railway for hosting and database infrastructure, Resend for invitation and email delivery services, and GoDaddy for business email and related services.

9. International transfers

Audentry uses service providers that may process personal data outside the United Kingdom. Where personal data is transferred internationally, we take steps intended to ensure that appropriate safeguards are in place under applicable data protection law.

Our current Railway application and database region is configured in Amsterdam, Netherlands. Even where services are configured in Amsterdam, provider groups, support operations, legal entities or subprocessors may involve processing outside the UK.

10. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, unless a longer period is required by law, regulation, dispute handling or legal claims.

Our current retention periods are:

  • demo enquiries: up to 1 month;
  • invite details and unused invite links: up to 15 days, after which the link expires and a new request must be made;
  • support emails and support attachments: up to 6 months;
  • account and customer setup data: while the account remains active, and generally for up to 3 months after closure or deactivation in case the customer wishes to return;
  • customer operational records: between 6 months and 5 years depending on the record type and legal or operational requirements while the customer account remains active; and
  • closed customer data: generally deleted within 3 months after closure or deactivation, unless a longer period is required by law or for legal claims.

11. Security

We take reasonable technical and organisational steps to protect personal data against unauthorised access, loss, misuse or alteration.

For example, account passwords are stored in securely hashed form rather than readable plain text.

However, no system can be guaranteed to be completely secure, and you should also help protect your account by keeping login credentials confidential and using secure devices and networks.

12. Cookies and similar technologies

Audentry currently uses cookies or similar technologies that are necessary to operate authenticated user sessions in the app.

We do not currently use non essential analytics or marketing cookies on the website or app based on the current setup described above. If that changes, we will update this Privacy Policy and implement any consent mechanism required by law before using non essential cookies.

13. Your rights

Where Audentry acts as controller, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate personal data;
  • request erasure of your personal data in some circumstances;
  • request restriction of processing in some circumstances;
  • object to certain processing in some circumstances; and
  • request portability of certain personal data in some circumstances.

These rights are not absolute and may depend on the legal basis and the specific processing involved.

If Audentry is processing personal data only on behalf of a customer organisation as processor, we may need to direct your request to that customer organisation, or ask you to contact them directly, because they are usually the controller for that data.

14. Complaints

If you have a concern about how we use personal data, please contact us first at support@audentry.com.

You also have the right to complain to the UK Information Commissioner’s Office (ICO).

15. How we provide this notice

We make this Privacy Policy available on our website and intend to link to it wherever personal data is collected, including on relevant enquiry, invite, login and registration journeys.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to Audentry, our services, our providers, or legal requirements.

The latest version will always be made available through our website or service.

17. Contact

Audentry Ltd

Email: support@audentry.com