GDPR Compliance Policy
Effective Date: December 06, 2025
Website: https://dailyfoodmix.com
Contact for Data‑Protection Queries: gdpr@dailyfoodmix.com
1. Introduction
DailyFoodMix ("we", "our", "us") is committed to protecting the personal data of our users in accordance with the European Union General Data Protection Regulation (EU) 2016/679 (GDPR). This policy explains what personal data we collect, why we process it, how we protect it, and the rights you have under the GDPR.
2. Personal Data We Collect
We collect only the data that is necessary to provide and improve our services:
- Email address: Used for newsletter subscriptions, account creation, and communication regarding your preferences.
- Cookies & similar technologies: Session cookies, analytics cookies (e.g., Google Analytics), and preference cookies that help us understand how visitors interact with our site.
- Analytics data: Aggregated information such as page views, referral sources, and device types. This data is never linked to personally identifiable information.
3. Legal Basis for Processing
Under the GDPR, we may only process personal data when we have a lawful basis. For DailyFoodMix, the following bases apply:
- Consent (Article 6(1)(a)): When you voluntarily sign up for our newsletter or accept cookies, you give us explicit consent to process your email address and cookie data.
- Legitimate Interests (Article 6(1)(f)): We process analytics data and use cookies to improve website performance, security, and user experience. Our legitimate interests are balanced against your rights and freedoms.
4. How We Protect Your Data
We employ a range of technical and organisational measures to safeguard personal data:
- Encryption (SSL/TLS): All data transmitted between your browser and our servers is encrypted using HTTPS.
- Secure Servers: Our hosting environment is hosted in ISO‑27001 certified data centres with firewalls, intrusion detection, and regular security patches.
- Limited Retention: Email addresses are retained only for as long as you remain subscribed or until you request deletion. Cookie data is automatically cleared after 12 months unless you extend the period via your preferences.
- Access Controls: Only authorised personnel with a legitimate need can access personal data, and all access is logged and reviewed regularly.
5. Your GDPR Rights
As a data subject, you enjoy the following rights under the GDPR. Each right is accompanied by a Bootstrap Icon for quick visual reference.
Right to Access
You may request confirmation that we are processing your personal data and obtain a copy of that data, together with the purposes of processing, categories of data, and recipients.
Right to Rectification
If any of your personal data is inaccurate or incomplete, you have the right to have it corrected without undue delay.
Right to Erasure (Right to be Forgotten)
You may ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
Right to Restrict Processing
You can request that we limit the processing of your data while we verify the accuracy of the data or while a dispute is being resolved.
Right to Data Portability
You may receive your personal data in a structured, commonly used, machine‑readable format and transmit it to another controller.
Right to Object
You have the right to object, on grounds relating to your particular situation, to the processing of your personal data for direct marketing or legitimate interest purposes.
Right to Withdraw Consent
Where processing is based on consent, you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
6. How to Exercise Your Rights
To exercise any of the rights listed above, please follow these steps:
- Send a written request to gdpr@dailyfoodmix.com. Include your name, the email address associated with your account (if applicable), and a clear description of the right you wish to invoke.
- We may ask for additional information to verify your identity before fulfilling the request. This step is essential to protect your data from unauthorised access.
- Once verified, we will act on your request without undue delay and in any case within 30 calendar days. In exceptional cases, we may extend this period by a further two months, but you will be informed of the extension and the reasons for it.
- If you are not satisfied with our response, you have the right to lodge a complaint with a supervisory authority, such as the Data Protection Authority in your EU member state.
7. Data Retention Periods
We retain personal data only for as long as necessary:
- Email addresses: Retained while you remain subscribed or until a deletion request is received.
- Cookies & analytics data: Session cookies expire at the end of the browsing session; persistent cookies are retained for up to 12 months unless you delete them earlier via your browser settings.
8. International Transfers
All processing takes place on servers located within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary, we will ensure that appropriate safeguards (e.g., Standard Contractual Clauses) are in place.
9. Updates to This Policy
We may amend this GDPR Compliance Policy from time to time to reflect changes in our practices or legal requirements. Any revisions will be posted on this page with an updated “Last Updated” date. We encourage you to review the policy regularly.
If you have any questions about this policy or wish to discuss any aspect of your personal data, please contact our Data Protection Officer at gdpr@dailyfoodmix.com.
