Sign in Start free trial

Privacy & data protection

How FireDoor Suite handles your data.

This Privacy Notice explains how FireDoorApp.co.uk (“we”, “us”) processes personal data in FireDoor Suite, including workspace accounts, inspection data, Stripe billing and support. It is written with UK GDPR / EU GDPR in mind.

  • Most inspection and client data is controlled by the workspace owner (your organisation).
  • We use account, billing, and security logs to provide and protect the service.
  • Card details are handled by Stripe; FireDoor Suite does not store full card numbers or security codes.

In most cases we provide the platform and act as a data processor for your workspace; your organisation controls the data it enters into FireDoor Suite.

This page is a high‑level overview of how the service works, not legal advice. Your own organisation remains responsible for its compliance obligations.

Privacy overview

Designed for UK/EU fire door data

Workspace‑level control Each customer gets an isolated tenant with its own users, inspections, and documents.
Account & workspace data Used to provide and secure the app.
Inspections, doors & documents Controlled by your organisation as workspace owner.
Stripe billing & audit logs Stored to meet billing, audit and security obligations.

Section 1 of 3

1. Who this notice covers

FireDoor Suite is a multi‑tenant platform used by fire door contractors, FM teams, and housing providers. Each workspace holds its own data.

  • Workspace owners: the organisation that set up the workspace is usually the data controller for inspections, doors, remedials, and client records stored in that workspace.
  • Platform provider: we operate the FireDoor Suite infrastructure and act as a data processor for most in‑app data, and as controller for our own account, billing, and service‑level logs.
  • End users and client contacts: this includes team members using the app, portal users, and client contacts named on inspections, quotes, RAMs, and invoices.

If you are a resident, leaseholder, or client contact and have questions about inspections carried out at your building, your first point of contact is usually the organisation that commissioned the work.

Workspaces

Isolated tenants per customer

Separate client data per workspace Role‑based user access Audit and activity logs

Each tenant workspace holds its own inspections, doors, remedials, quotes, RAMs, invoices, and portal users. Data is not mixed between tenants.

Section 2 of 3

2. Data we process and why we use it

The platform stores different kinds of personal data depending on how your organisation uses it, and we use that data for a small number of clear purposes.

Accounts & workspace

Team and tenant details

When you register or invite users into a workspace we process:

What this includes
  • Account details such as name, email address, password (stored as a secure hash), and role.
  • Workspace and company details such as workspace name, organisation name, and configuration preferences.
  • Login, session, and authentication details needed to keep accounts secure (including tenant keys and security cookies).

Operational data

Inspections, doors, clients & properties

FireDoor Suite is built to hold inspection‑related records, including:

What this includes
  • Client and property records, including organisation names, property names, addresses and contact names/phone numbers/emails.
  • Inspection, door and remedial data, including notes, photo uploads, floorplans, fail reasons, tags and labels.
  • Quotes, RAMs, invoices, and client portal activity linked to those inspections and doors.

Billing & Stripe

Subscription and invoice data

When a workspace owner chooses a paid plan or sends invoices we process:

What this includes
  • Subscription and usage metrics, such as seat counts, doors inspected and PDFs generated.
  • Invoice details, including client billing contact details, invoice line items, status and history.
  • Stripe‑related identifiers such as customer IDs, subscription IDs, Checkout Session IDs and payment intent IDs.

Card details are handled by Stripe. FireDoor Suite does not store full card numbers or security codes.

Logs & support

Security, audit and support data

To protect the service and help teams resolve issues we keep:

What this includes
  • Door tag scan logs with door IDs, scan method (QR/NFC/public), IP address and browser user agent.
  • Workspace analytics and audit trails that show which users performed certain actions in the app.
  • Support tickets, messages and attachments when you contact us through the help area.

Why we use this data (legal bases)

We rely on a small number of straightforward legal bases under UK GDPR / EU GDPR.

Contract: providing the FireDoor Suite service

We process personal data where it is necessary to enter into and perform our contract with a workspace owner or trial user.

  • Creating and administering workspaces, user accounts and subscriptions.
  • Storing and presenting inspections, doors, remedials, RAMs, quotes and invoices inside the app and client portal.
  • Sending essential service emails such as invites, password resets and important notices about your workspace.

Legitimate interests: security, reliability and improvement

We process some data where it is necessary for our legitimate interests, balanced against your rights and expectations.

  • Maintaining security, including logging door tag scans, login events and error reports.
  • Generating anonymised or aggregated analytics to understand how features are used and where workflows can be improved.
  • Responding to support requests and operating admin dashboards that surface cross‑tenant health and error information.

Legal obligations: billing, tax and compliance

We keep some records to comply with our own legal and regulatory responsibilities.

  • Maintaining billing and invoice records for tax and accounting purposes.
  • Recording plan choices, Stripe subscription status and payment outcomes.

Consent: optional updates and marketing

Where we send optional product updates or similar communications directly, we do so only with appropriate consent or soft‑opt‑in and you can opt out at any time.

Workspace owners remain responsible for their own use of contact details (for example, when exporting data from FireDoor Suite to send their own mailings).

Section 3 of 3

3. Cookies, storage and data location

FireDoor Suite uses a small number of technical cookies and storage mechanisms to keep you signed in, remember your workspace and support offline‑friendly workflows.

Technical cookies

Workspace and session cookies

We use strictly‑necessary cookies such as:

  • The PHP session cookie (for example FIRE_DOOR_SUITE) to keep you signed in across requests.
  • firedoor_tenant, firedoor_tenant_scope and firedoor_tenant_sig to remember which workspace you are working in and to protect tenant selection.
  • firedoor_cache_version to version your device’s offline caches for the current workspace login (for example, when you choose “Clear offline cache” in Settings).

These cookies are used only to provide the service and are not used for third‑party advertising or cross‑site tracking.

Local storage & offline

Device‑side queues

Where enabled, FireDoor Suite can queue inspection data offline on your device so it can be synced when connectivity returns.

  • Offline queues are stored in browser storage (such as IndexedDB or localStorage) and are tied to your device and browser profile.
  • Offline queues and cached pages are scoped to your workspace and user account within this browser profile.
  • Queued data is submitted back to the workspace as part of your normal use of the app, or can be removed using “Clear offline cache” in Settings (this clears cached pages and any offline drafts for your current workspace login on this device).
  • Even with scoping, anyone with access to your device and browser profile may be able to view cached copies. Protect devices accordingly (for example, OS login protection and disk encryption where appropriate).

Hosting & processors

Where data is stored

FireDoor Suite is designed for UK/EU teams and typically stores data in UK/EU regions.

  • Core application and database hosting is provided by reputable infrastructure providers.
  • File storage (for example, photos and floorplans) may use cloud object storage in a UK or EU region.
  • Stripe acts as a separate processor for payments and subscription billing.

Where we rely on service providers outside the UK or EU, we use appropriate safeguards such as standard contractual clauses or equivalent measures.

Your rights and how to contact us

If you are in the UK or EU, you generally have rights to access, correct, delete and port your personal data, and to object to or restrict certain types of processing.

  • Access and correction: you can ask to see and update personal data held about you in FireDoor Suite, usually by contacting your workspace owner or admin.
  • Deletion and retention: you can ask for deletion where we no longer need data; some records must be retained for legal, tax, or audit reasons.
  • Objection and restriction: you can object to certain uses of your data (for example, direct marketing) or ask us to limit processing in specific situations.
  • Complaints: you can raise concerns with your local data protection authority if you believe your rights have been infringed. In the UK this is the Information Commissioner’s Office (ICO).

To exercise your rights in relation to FireDoor Suite, please contact your workspace owner in the first instance. For questions about how the platform itself handles data, you can also reach us via the in‑app Support area.

Need to discuss data handling in more detail?

We can walk through where data lives in FireDoor Suite, how Stripe is used for billing, and how to export records for your own retention policies.

Best next step: run a test building through your trial and review the resulting records together with your compliance lead.

Start 7‑day trial Talk to us