GDPR Policy - Dailydishbites

1. Introduction

Dailydishbites (“we”, “our”, “us”) is committed to protecting the privacy and personal data of our website visitors, newsletter subscribers, and customers. This General Data Protection Regulation (GDPR) Compliance Policy explains how we collect, use, store, and share personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) and the UK Data Protection Act 2018. By using our site (dailydishbites.com) you acknowledge that you have read and understood this policy.

2. Personal Data We Collect

Email Addresses: Collected when you subscribe to our newsletter, create an account, or place an order.
Cookies: We use first‑party and third‑party cookies to remember your preferences, track session activity, and analyze traffic.
Analytics Data: We employ tools such as Google Analytics and Matomo to gather aggregated visitor statistics, page views, and device information.

3. How We Protect Your Data

SSL Encryption: All data transmitted between your browser and our servers is protected by TLS 1.3 (HTTPS).
Secure Servers: We host our infrastructure on ISO 27001 certified cloud providers and maintain regular penetration testing.
Limited Retention: Personal data is retained only as long as necessary for the purposes stated in this policy or required by law. For example, email addresses are kept for 12 months after the last interaction unless you opt‑out sooner.

4. Legal Basis for Processing

We process personal data on the following lawful bases:

Consent: When you explicitly agree to receive marketing emails or to allow the use of cookies for personalized experiences.
Legitimate Interest: When we use analytics to improve website performance, detect fraud, and ensure the security of our services.

5. Your GDPR Rights

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide a summary of the data, its purpose, and the recipients to whom it has been disclosed.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you may request corrections. We will update or correct the information promptly.

Right to Erasure

Also known as the “right to be forgotten”, you can ask us to delete your personal data. We will comply unless a legal obligation requires us to retain it.

Right to Restrict Processing

You may request that we limit how we use your data—for instance, if you believe it is inaccurate. During restriction, we will only store the data for the purpose of verifying its accuracy.

Right to Data Portability

You can obtain your personal data in a structured, commonly used, and machine‑readable format. We will provide the data in formats such as CSV or JSON.

Right to Object

If you wish to object to the processing of your data for direct marketing or profiling purposes, we will stop processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

You may withdraw consent at any time by following the unsubscribe link in our emails or by contacting us. Withdrawal does not affect the lawfulness of any processing carried out before the withdrawal.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please send an email to [email protected] with a brief description of your request. For example:

Right to Access: “Please provide all personal data you hold about me.”
Right to Rectification: “I would like to correct my email address from [email protected] to [email protected].”
Right to Erasure: “I request the deletion of my data.”

For privacy‑related requests that require identity verification, we may ask for a copy of a government ID or other proof of identity. This is to prevent unauthorized access to personal data.

7. Response Time and Process

We will respond to your request within 30 days of receipt. If we need more time—such as when verifying your identity or gathering data from third parties—we will inform you of the delay and provide an updated estimate. Should you feel your request has not been adequately addressed, you may lodge a complaint with the relevant supervisory authority (e.g., the Information Commissioner’s Office in the UK or the Data Protection Authority in your EU Member State).

8. Contact Information

For any questions, concerns, or to exercise your GDPR rights, please contact our Data Protection Officer:

Dailydishbites Data Protection Officer
Email: [email protected]

9. Updates to This Policy

We reserve the right to update this GDPR Compliance Policy from time to time. Any changes will be posted on this page with an updated effective date. Your continued use of our site constitutes acceptance of the revised policy.

GDPR Compliance Policy