Privacy Policy — SCI Verification

Last updated: 29 April 2026

This privacy policy describes how the SCI Verification mobile application ("the App", "we", "us") collects, uses, stores, and protects personal data. The App is operated by Supply Chain In-Sites Ltd ("SCI"), 2 Station Avenue, Bridlington, East Yorkshire, UK, YO16 4LZ (Company No. 13150053).

The App is a field data-collection tool used by approved field workers ("you", "the user") to perform verification audits — for example, deer-stalker compliance under the British Quality Wild Venison (BQWV) scheme, or low-carbon agricultural audits.

1. Data Controller

Supply Chain In-Sites Ltd is the data controller for personal data processed through the App. For any privacy-related questions, contact us at info@scinsites.com.

2. What we collect

CategoryExamplesWhy we collect it
Identity & contactFull name, address, postcode, mobile phone numberTo register you, identify your audit submissions, and contact you about approval status
AuthenticationOne-time SMS code (OTP), biometric authorization (Face ID / Touch ID / fingerprint)To verify your identity and unlock the App. Biometric data never leaves your device.
Profile / professionalSelfie photo, certifications (e.g. DSC Level 2), insurance certificates, policy documents, estate name and addressTo verify your eligibility under the relevant verification scheme
Audit contentPhotographs of evidence (carcass tags, vehicles, storage, products), GPS coordinates, timestamps, free-text answers to scheme-specific questions, temperatures, weights, ammunition detailsTo produce the audit submission required by the scheme
Device & technicalDevice model, OS version, app version, anonymized crash reportsTo diagnose problems and improve the App
LocationGPS coordinates captured during active audit sessionsTo geotag the audit and verify it was performed on the correct site

3. Lawful basis for processing

We process your data on the following bases under the UK GDPR / EU GDPR:

4. Who we share your data with

We share data only with the third-party processors needed to operate the App:

We do not sell your data and we do not share it with advertisers.

5. International transfers

Some of our processors (Twilio, Cloudinary) are based outside the UK / EEA. Where data is transferred outside the UK / EEA we rely on the European Commission's Standard Contractual Clauses (or equivalent UK clauses) to ensure adequate protection.

6. How long we keep your data

7. Security

8. Your rights

Under UK / EU GDPR you have the right to:

9. Children

The App is intended for adult professionals working in regulated supply chains. We do not knowingly collect data from anyone under 18.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the latest revision. Material changes will be communicated through the App.

11. Contact

Supply Chain In-Sites Ltd
2 Station Avenue, Bridlington
East Yorkshire, UK, YO16 4LZ
Email: info@scinsites.com