top of page

DeeDee Privacy Policy

Last updated: 23rd May 2026
Effective date: 23rd May 2026

 

1. About this policy

This Privacy Policy explains how DeeDee App Ltd (“DeeDee”, “we”, “us”, “our”) collects, uses, stores and protects personal data when you use our website, mobile applications, web dashboard, and related services (together, the “Service”).

DeeDee is a digital compliance, operational management and due diligence platform designed for businesses across hospitality, leisure, retail, facilities management, sports venues and other operational environments.

This Privacy Policy is intended to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Where DeeDee provides the Service to a business customer, that business may act as the data controller for operational records entered into the platform by its staff, and DeeDee may act as a data processor on the customer’s behalf.

We are the data controller for the personal data we hold directly about you. Our details are:

• Company: DeeDee App Ltd
• Registered in: England and Wales
• Company number: 16367743
• Registered office: 12 Woodland View, Dore, Sheffield, S17 3LA
• Contact: Directors@deedeeapp.com

If you have any questions about this policy or how we handle your data, please contact us using the details above.

2. The data we collect

We collect and process the following categories of personal data:

Account information — your full name, email address, password (stored in hashed form), user role, business or company name, and optional profile picture.

Company and venue information — company name, addresses, contact details, business type, operating hours and company logo.

 

Compliance and operational data — temperature logs, checklists, incident reports, supplier records, document uploads, training records and related notes or photographs uploaded into the Service. This may include incidental personal data relating to employees or contractors.

 

Payment information — if you take out a paid subscription via our web dashboard, payment is processed by Stripe. We do not store your full payment card details. We retain billing and invoice information for accounting and tax purposes.

 

Technical and usage data — IP addresses, device information, operating system, app version, login activity, usage analytics, and diagnostic logs. Offline app usage may temporarily store data locally on the device until synchronisation occurs.

 

Special category data — in limited circumstances, users may enter special category personal data into the Service where necessary for food safety, workplace safety, or legal compliance purposes (for example, staff illness records or accident information). Where this occurs, processing is carried out only where necessary for employment, health and safety, public health, or legal compliance obligations under applicable UK data protection law.

 

3. How we use your data and our legal bases

We use personal data for the following purposes and lawful bases:

 

• To provide the Service, including account creation, authentication, record management and operational functionality — performance of a contract.
• To process payments and manage subscriptions — performance of a contract and compliance with legal obligations.
• To help customers manage compliance, operational due diligence, workplace safety and record-keeping obligations — performance of a contract and legitimate interests.
• To send service-related communications, security notifications and important updates — legitimate interests.
• To improve, maintain, secure and troubleshoot the Service — legitimate interests.
• To comply with legal obligations, including responding to lawful requests from regulators or law enforcement authorities.

 

Where we rely on legitimate interests, we assess that our interests are not overridden by your rights and freedoms. You may object to such processing at any time.

 

4. Who we share data with

We do not sell personal data. We share it only where necessary with:

 

• Other authorised users within your organisation, in line with role-based permissions.
• Service providers and processors acting on our behalf, including:
  ◦ eukhost Ltd (UK hosting provider)
  ◦ Stripe (payment processing)
  ◦ Email, analytics, monitoring and infrastructure providers required to operate the Service
• Professional advisers including lawyers, accountants and insurers.
• Regulators, courts, law enforcement or government authorities where required by law.
• Potential acquirers or investors in connection with a merger, acquisition, restructuring or financing event.

All processors are subject to written contractual obligations requiring them to protect personal data appropriately.

5. International transfers

Our primary hosting infrastructure is located within the United Kingdom.

 

Some service providers (such as Stripe and certain analytics or infrastructure providers) may process or transfer personal data outside the UK. Where this occurs, we rely on appropriate safeguards such as:

• UK adequacy regulations
• The UK International Data Transfer Agreement (IDTA)
• The UK Addendum to the EU Standard Contractual Clauses

 

to ensure personal data remains adequately protected.

6. How long we keep your data

We retain personal data only for as long as necessary for the purposes described in this policy:

 

• Compliance and operational records — typically retained for 4–5 years in line with operational, health and safety, food safety and general due diligence record-keeping expectations.
 

• Account information — retained for the life of the account and for a reasonable period afterwards.
 

• Audit logs and technical records — generally retained for up to 12 months.
 

• Billing and tax records — retained for at least 6 years as required by UK law.

 

Following account closure or deletion requests, certain information may remain temporarily within secure backups before permanent deletion or anonymisation.

 

Where accounts remain inactive or unpaid for extended periods, we may suspend or delete access in accordance with our Terms and Conditions and retention obligations.

 

7. Your rights

 

Under UK data protection law, you have the right to:

• Access personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your data
• Restrict processing in certain circumstances
• Request portability of applicable data
• Object to processing based on legitimate interests
• Withdraw consent where consent is relied upon

 

To exercise any of these rights, contact Directors@deedeeapp.com.

 

We may request proof of identity before responding to requests. We will normally respond within one month.

 

You also have the right to complain to the Information Commissioner’s Office (ICO):

Website: https://ico.org.uk
Telephone: 0303 123 1113

 

8. Security

We implement appropriate technical and organisational measures designed to protect personal data, including:

 

• Encryption of data in transit (TLS/HTTPS)
• Encryption at rest where supported by infrastructure
• Role-based access controls
• Secure password hashing and session management
• Restricted internal administrative access
• Monitoring and logging of critical systems where appropriate
• Regular backups and recovery procedures
• Standard server and infrastructure security practices

 

While no online service can guarantee absolute security, we continuously work to protect data using appropriate technical and organisational safeguards.

 

If a personal data breach occurs that is likely to affect your rights and freedoms, we will notify affected individuals and the ICO where legally required.

9. Children

The Service is intended for businesses and their staff and is not directed at children under 16.

We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can remove it.

 

10. Cookies and similar technologies

The DeeDee mobile app may use local device storage to support offline functionality and maintain sign-in sessions.

The DeeDee web dashboard uses strictly necessary cookies and session technologies required for authentication and operation of core features.

Where non-essential cookies or analytics technologies are used, we will request consent through an appropriate cookie banner.

11. Third-party links

The Service may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties and we encourage you to review their own privacy notices before providing any personal data.

12. Changes to this policy

We may update this Privacy Policy from time to time.

Where material changes are made, we may notify users through the Service or by email before changes take effect.

The “Last updated” date at the top of this policy indicates when this document was last revised.

13. Contact us

If you have questions, requests, complaints or security concerns relating to this Privacy Policy or our handling of personal data, please contact:

DeeDee App Ltd
12 Woodland View, Dore, Sheffield, S17 3LA
Email: Directors@deedeeapp.com

Logo.jpg

The UK's latest HACCP compliance solution for commercial kitchens, restaurants, and catering operations. Professional food safety management made simple.

Kitchen Solutions

HACCP Compliance

Temperature Monitoring

Mobile Kitchen App

Pricing Plans

Support

Contact Support

Help Centre

Video Tutorials

Implementation Guide

Training Resources

Contact

hello@deedeeapp.com

DeeDee App Ltd

12 Woodland View

Dore

Sheffield

S17 3LA

Privacy Policy

Terms & Conditions

© 2026 by DeeDee App Website. All rights reserved.

bottom of page