This privacy policy explains how AquaAssure collects, uses, and protects your personal data. AquaAssure is operated by Danny Andrews, based in Liverpool, United Kingdom. All data is hosted on UK servers and processed in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
What we collect
When you use AquaAssure, we collect the information you provide directly: your name, email address, organisation name, and the operational data you record (water test readings, equipment maintenance logs, incident reports, sign-offs). We also collect basic technical information such as your IP address, browser type, and access timestamps for security and diagnostic purposes.
How we use it
We use your personal data to provide and improve the AquaAssure service, to authenticate you and your team, to deliver compliance reports and alerts, and to respond to support requests. We do not sell your data, share it with advertisers, or transfer it outside the United Kingdom.
Data storage
All data is stored on UK-based servers operated by Supabase Inc. (with row-level security enforced at the database level). Data is encrypted in transit (TLS 1.3) and at rest (AES-256). We retain operational data for the duration of your subscription plus 90 days after cancellation in read-only mode, then permanently delete it.
Your rights
Under UK GDPR you have the right to access, correct, export, or delete your personal data. You also have the right to object to processing or to restrict it in certain circumstances. To exercise any of these rights, contact us at the address below. We will respond within 30 days.
Contact
For questions about your data or this policy, email info@aquaassure.co.uk. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.