Data Processing Agreement
Last updated: 14 June 2026 · Trades Office Limited (No. 17181500), trading as PlateProof · ICO: ZC133896
This Data Processing Agreement (“DPA”) forms part of the agreement between Trades Office Limited trading as PlateProof (“PlateProof”, “Processor”) and the customer using the Service (“Customer”, “Controller”). It applies where PlateProof processes personal data on the Customer’s behalf and is intended to satisfy Article 28 of the UK GDPR. Where the EU GDPR applies to the Customer, this DPA is read to give equivalent effect and the Standard Contractual Clauses referenced below apply to relevant transfers.
1. Roles
The Customer is the data controller; PlateProof is the data processor. The Customer is responsible for determining the lawful basis for processing, ensuring data accuracy, providing required privacy notices, and ensuring lawful use of the Service. PlateProof processes personal data only on the Customer’s documented instructions, which include the actions, uploads and requests the Customer makes through the Service, except where required by law.
2. Scope of Processing (Article 28(3))
| Element | Detail |
| --- | --- |
| Subject matter | Processing personal data to deliver the PlateProof allergen-compliance and evidence service |
| Duration | The term of the subscription, plus the retention period in Section 9 |
| Nature of processing | Capture and storage of images and records; AI-assisted allergen identification; recording and time-stamping of human sign-offs; generation of allergen cards and compliance records; retrieval, use and deletion |
| Purpose | Providing allergen-compliance, record-keeping and evidence functionality on the Controller's instruction |
| Types of personal data | Account user identity (name, email); the names of staff who review and sign off declarations; and any individuals incidentally appearing in uploaded photographs of packaging or dishes |
| Categories of data subjects | The Customer's personnel and account users; and any other individuals incidentally referenced in uploaded content. The Service is not designed to process diner / end-consumer health data |
3. AI Processing
PlateProof uses Anthropic to assist with allergen identification from images and dish names. Data submitted through the Service is not used to train general-purpose AI models. AI outputs are assistive suggestions and are reviewed and signed off by the Customer before reliance.
4. Confidentiality
Persons authorised by PlateProof to process personal data are subject to confidentiality obligations and access data only on a need-to-know basis. PlateProof currently operates as a sole-founder business with restricted administrative access.
5. Security Measures
- encryption in transit (TLS) and at rest
- database row-level security isolating each organisation's records
- authentication, with multi-factor protection available
- audit logging of key actions
- restricted administrative access
- EU-hosted managed cloud infrastructure (Supabase, Vercel)
6. Sub-Processors
PlateProof engages a small number of approved sub-processors, listed in the Sub-Processors Policy. PlateProof will give at least 30 days’ notice before appointing a new sub-processor involving new international transfers, and ensures sub-processors are subject to appropriate data protection obligations.
7. International Transfers
Database, authentication and storage are EU-hosted. Some processing (AI allergen identification by Anthropic) occurs in the United States, safeguarded by the UK International Data Transfer Agreement (IDTA) and, where the EU GDPR applies, the EU Standard Contractual Clauses (SCCs), or an equivalent lawful mechanism.
8. Data Subject Rights, Breach & DPIA Assistance
PlateProof will provide reasonable assistance to the Customer in responding to data subject requests, and in meeting obligations under UK GDPR Articles 32–36 (security, breach notification and Data Protection Impact Assessments). Where PlateProof receives a data subject request relating to Customer-controlled data, it will forward it to the Customer within 5 business days. PlateProof will notify the Customer without undue delay and within 72 hours of becoming aware of a personal data breach affecting Customer personal data.
9. Retention & Deletion
Signed declarations and their supporting evidence are retained as the Customer’s compliance record for the term of the subscription. Following termination, Customer data remains available for export for a defined period (currently 90 days), after which it may be deleted unless retention is required by law or requested by the Customer. On written request after the retention period, PlateProof will confirm deletion in writing.
10. Audit
PlateProof will provide reasonable written information to demonstrate compliance with this DPA. Enterprise customers may request a security review or independent audit by prior written arrangement, on reasonable notice, in a manner that protects the confidentiality and security of other customers.
11. Liability, Changes, Governing Law
Liability under this DPA is subject to the limitation of liability in the Terms of Service. PlateProof may update this DPA with reasonable notice of material changes. This DPA is governed by the laws of England and Wales.
12. Contact
privacy@plateproof.io · Trades Office Limited, trading as PlateProof · Company No. 17181500 · Hexham, Northumberland, United Kingdom · ICO Registration ZC133896.
Enterprise note: a large customer’s procurement may require a negotiated DPA / master agreement with bespoke audit, security and liability terms. This DPA is the standard baseline and can be supplemented by such an agreement.