GDPR Compliance Policy – flavorkitchenwave

Last Updated: April 03, 2026

flavorkitchenwave (“we”, “our”, “us”) is committed to safeguarding the privacy and personal data of all users of our website flavorkitchenwave.com. This policy explains how we collect, use, store, and protect your data in full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the UK Data Protection Act 2018.

1. What Data We Collect

• Email Addresses: When you subscribe to our newsletter, request a recipe, or contact us, we collect your email address to provide the requested service and to send you relevant updates.
• Cookies and Similar Technologies: We use first‑party cookies to remember your language preference, keep you logged in, and to analyze how visitors interact with the site.
• Analytics Data: We employ anonymized Google Analytics to understand traffic patterns and improve our website. No personal identifiers are stored in these analytics logs.

2. Legal Basis for Processing

Our processing activities are based on the following lawful bases:

• Consent: When you provide your email address or opt‑in to newsletters, we rely on your explicit consent to store and use that data for communication purposes.
• Legitimate Interest: The use of cookies and analytics is justified by our legitimate interest to improve user experience and website performance. We ensure that the benefits outweigh any privacy impact and provide clear opt‑out options.

3. How We Protect Your Data

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS.
• Secure Servers: We host our data on encrypted, access‑controlled servers with regular security audits.
• Limited Retention: Email addresses are retained for a maximum of 3 years from the last interaction. Analytics and cookie data are stored for 12 months, while persistent cookies are kept for 2 years unless you delete them.
• Access Controls: Only authorized staff with a legitimate need can access personal data. All staff undergo privacy training.

4. Your GDPR Rights

Under the GDPR you have the following rights. We are committed to respecting and facilitating each of them:

• Right to Access: You may request a copy of any personal data we hold about you.
• Right to Rectification: If your data is inaccurate or incomplete, you can ask us to correct it.
• Right to Erasure: You may request the deletion of your personal data, subject to legal obligations.
• Right to Restrict Processing: You can ask us to limit the processing of your data while we verify its accuracy.
• Right to Data Portability: You can obtain your data in a structured, commonly used format and transfer it to another controller.
• Right to Object: You may object to the processing of your data for direct marketing or profiling purposes.
• Right to Withdraw Consent: You can withdraw any previously given consent at any time, and we will cease processing accordingly.

5. How to Exercise Your Rights

To exercise any of the above rights, please send a written request to:

flavorkitchenwave
Data Protection Officer
Email: [email protected]

When contacting us, please include:

• Your full name and contact details.
• A clear statement of the request (e.g., “I request access to all personal data we hold about me”).
• Any evidence that helps us identify you (e.g., the email address you used to sign up).

We will respond to your request within 30 calendar days. If we need more time to investigate or verify your identity, we will notify you and explain the reason for the delay. In exceptional cases, the response period may be extended by an additional 30 days, provided we inform you of the extension and its justification.

6. Contact & Feedback

If you have any questions about this policy, feel free to email us at [email protected]. For complaints, you may also contact the UK Information Commissioner’s Office (ICO) or the relevant supervisory authority in your jurisdiction.

7. Updates to This Policy

We may update this policy from time to time. Any changes will be posted on our website and the “Last Updated” date will be revised accordingly. We encourage you to review this policy periodically to stay informed about how we protect your data.

By using our website, you acknowledge that you have read, understood, and agreed to this GDPR Compliance Policy.