FCOS · Food Compliance OS

← Home

Privacy Policy

How FCOS (Food Compliance OS) handles personal data.

Last updated: 2026-05-08

Who we are

This Privacy Policy describes how FCOS (Food Compliance OS) (“FCOS”, “we”) processes personal data in connection with our B2B nutrition labeling platform and related websites and services (the “Service”).

Controller / entity placeholder. The legal entity responsible for processing may be listed as FCOS / Food Compliance OS until your registered company name and jurisdiction are confirmed with counsel.

Data we collect

We may process:

  • Account and profile data: such as name, email, phone, company name, address, and business attributes you provide at signup or in your profile.
  • Customer content: product, SKU, ingredient, nutrition, and labeling information you enter into the Service.
  • Technical and usage data: such as IP address, device/browser information, timestamps, and diagnostic logs needed to operate and secure the Service.
  • Communications: messages you send to support or in-product notifications we send to you.

How we use personal data

We use data to:

  • provide, maintain, and improve the Service;
  • authenticate users, enforce security, and prevent abuse;
  • communicate about the Service, including service and legal notices;
  • comply with law and respond to lawful requests;
  • analyze aggregated or de-identified usage to understand product performance.

Where GDPR/UK GDPR applies, we rely on appropriate legal bases such as contract performance, legitimate interests (with balancing), and consent where required.

Sharing and subprocessors

We use infrastructure and service providers to host and operate the Service. Depending on your deployment, subprocessors may include:

  • Hosting / application platform (e.g. Vercel or similar) for web delivery;
  • Database (e.g. Neon Postgres or comparable) for application data;
  • Email providers for transactional messages such as verification and password reset;
  • other vendors strictly necessary for security, analytics, or support, under appropriate agreements.

We do not sell personal data. We may disclose information if required by law or to protect rights, safety, and security.

International transfers: if personal data is transferred across borders, we implement safeguards such as Standard Contractual Clauses where required. Details should be aligned with your counsel and actual hosting regions.

Retention

We retain personal data for as long as needed to provide the Service and for legitimate business purposes such as security, backups, and legal compliance. Retention periods vary by data category and may be configured for enterprise customers where applicable.

Security

We implement technical and organizational measures designed to protect personal data, including access controls and encryption in transit where supported. No method of transmission or storage is completely secure.

Your rights

Depending on your location, you may have rights to access, correct, delete, or export personal data, or to object to or restrict certain processing. You may also withdraw consent where processing is consent-based. To exercise rights, contact us using the details below. You may lodge a complaint with a supervisory authority.

Contact

For privacy requests, contact the administrator of your FCOS workspace or the address provided in your subscription documentation. A dedicated privacy inbox (e.g. privacy@example.com) should replace this placeholder before production use.

See also our Terms of Service.