GDPR Compliance Policy
DailyCookFlavor (accessible at https://dailycookflavor.com) is committed to protecting the privacy and personal data of its users in accordance with the European Union General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). This policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have under the GDPR. By using our website, you acknowledge that you have read and understood the information set out below.
1. Data We Collect
We process only the data that is necessary for the legitimate purposes described in this policy. The categories of personal data we collect include:
- Email address – collected when you subscribe to our newsletter, request a recipe, or contact us.
- Cookies and similar tracking technologies – used to remember your preferences, analyse site traffic, and improve user experience.
- Analytics data – aggregated information such as page views, device type, and referral source, obtained through Google Analytics and similar services.
2. Legal Basis for Processing
We rely on the following lawful bases for processing your personal data:
- Consent – When you voluntarily provide your email address or accept our cookie banner, you give explicit consent for us to process that data for the stated purposes.
- Legitimate interest – We process analytics data and use essential cookies to maintain the security, performance, and functionality of the website, which constitutes a legitimate interest under Article 6(1)(f) of the GDPR.
3. How We Protect Your Data
Security is a top priority at DailyCookFlavor. We have implemented technical and organisational measures to safeguard your personal data, including:
- SSL encryption – All data transmitted between your browser and our servers is protected by HTTPS (TLS 1.2+).
- Secure servers – Our hosting environment is hardened, regularly patched, and monitored 24/7 for suspicious activity.
- Limited retention periods – Email addresses are retained only as long as you remain subscribed or until you request deletion. Analytics data is anonymised after 12 months, and cookie identifiers are cleared after 30 days unless renewed.
- Access controls – Only authorised personnel with a legitimate need to know can access personal data, and they are bound by confidentiality agreements.
4. Your GDPR Rights
Under the GDPR you enjoy a set of rights that give you control over your personal data. Each right is described below, accompanied by a Bootstrap icon for quick visual reference.
-
Right to Access – You may request a copy of the personal data we hold about you, together with information about how we process it.
-
Right to Rectification – If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it without undue delay.
-
Right to Erasure (Right to be Forgotten) – You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
-
Right to Restrict Processing – You can ask us to limit the way we use your data while we verify the accuracy of the information or while we assess a legal claim.
-
Right to Data Portability – You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.
-
Right to Object – You may object, on grounds relating to your particular situation, to processing of your data for direct marketing, scientific/historical research, or statistical purposes.
-
Right to Withdraw Consent – Where processing is based on your consent, you can withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
5. How to Exercise Your Rights
To exercise any of the rights listed above, please submit a written request to our Data Protection Officer at gdpr@dailycookflavor.com. In your request, include:
- Your full name and contact details (email address used for registration, if applicable).
- A clear description of the right you wish to invoke (e.g., “I request a copy of all personal data you hold about me”).
- Any additional information that will help us verify your identity (e.g., a recent subscription confirmation email).
We will acknowledge receipt of your request within 5 business days and will aim to provide a substantive response within 30 calendar days**, as required by the GDPR. In complex cases, the deadline may be extended by up to two further months; you will be informed of any such extension and the reasons for it.
6. Data Retention
We retain personal data only for as long as necessary:
- Email addresses – retained until you unsubscribe or request deletion, after which we delete the data within 14 days.
- Cookies – session cookies expire when your browser is closed; persistent cookies are automatically cleared after 30 days unless renewed.
- Analytics data – stored in an aggregated, non‑identifiable form for up to 12 months, after which it is automatically purged.
7. International Transfers
All processing takes place on servers located within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary (e.g., for a third‑party service), we will ensure that appropriate safeguards such as Standard Contractual Clauses are in place, guaranteeing an equivalent level of protection.
8. Contact Information
For any questions, concerns, or requests related to this GDPR policy, please contact our Data Protection Officer:
DailyCookFlavor – Data Protection Officer
Email: gdpr@dailycookflavor.com
9. Changes to This Policy
We review this policy regularly and may update it to reflect changes in our practices or legal requirements. Any material changes will be posted on this page with a new “Last Updated” date. Continued use of the website after such changes constitutes acceptance of the revised policy.
Last Updated: December 06, 2025
