Privacy Policy

Effective date: 29 April 2026 | Version: 1.1

BHACCP is committed to protecting your privacy. This document explains how we collect, use, and safeguard your data when you use the BHACCP mobile application and web service.

1. Data We Collect

Account data: username, email address (@bhaccp.ba), PIN code (stored in hashed form)
Business data: name of food establishment, address
HACCP records: all data you enter (temperatures, cleaning logs, health inspections, visitor records, etc.)
Technical data: device type, operating system, IP address (for security purposes)
Usage data: login timestamps, completed records

2. How We Use Your Data

Providing the digital HACCP record-keeping service
Generating PDF inspection reports
Sending daily reminder push notifications
Managing your subscription and account
Improving application quality and customer support
Fulfilling legal obligations

We never sell, rent, or share your data with third parties for commercial purposes.

3. Data Storage and Security

Your data is stored on secure cloud infrastructure provided by Supabase (SOC 2 Type II certified), with encryption in transit (TLS 1.2+) and at rest (AES-256). Servers are located in EU data centres (Frankfurt, Germany) in compliance with GDPR requirements.

4. Payments

Subscription payments are processed by Paddle (Paddle.com, Inc.), acting as the Merchant of Record. BHACCP does not store credit card or banking details. All financial data is handled exclusively within Paddle's secure, PCI DSS-compliant environment.

5. Your Rights (GDPR)

Right of access: request a copy of all your data
Right to rectification: request correction of inaccurate data
Right to erasure: request deletion of your account and all associated data
Right to portability: receive your data in a machine-readable format
Right to object: object to certain forms of data processing

To exercise your rights, contact us at: bhaccp@gmail.com

6. Push Notifications

BHACCP sends push notifications solely for daily reminders to complete food safety records. You can disable notifications at any time through the app settings or your device settings.

7. Cookies

The BHACCP mobile application does not use cookies. We do not use user-behaviour tracking tools that share data with third parties.

8. Changes to This Policy

We will notify you of significant changes via email or in-app notification. Continued use of the application constitutes acceptance of the updated policy.

9. Supervisory Authority

You have the right to lodge a complaint with the Personal Data Protection Agency of Bosnia and Herzegovina (AZLP).

Privacy Contact

BHACCP
Email: bhaccp@gmail.com
Web: pantzolabs.com/bhaccp