GDPR Compliance Policy
Effective Date: December 01, 2025
Website: savorymomrecipes.com
Data Protection Contact: gdpr@savorymomrecipes.com
What Personal Data We Collect
At savorymomrecipes we are committed to handling your personal data responsibly and transparently. The following categories of personal data may be collected when you interact with our site:
- Email addresses: Provided voluntarily when you subscribe to our newsletter, submit a comment, or request a recipe.
- Cookies and similar tracking technologies: Used to remember your preferences, analyse site usage, and deliver personalized content.
- Analytics data: Aggregated information such as page views, referral sources, and device type, collected via third‑party analytics services (e.g., Google Analytics).
Legal Basis for Processing
We process personal data on one or more of the following lawful bases under the General Data Protection Regulation (GDPR):
- Consent: When you voluntarily sign up for our newsletter or accept cookies, you give explicit consent for us to process your email address and tracking data for the purposes described.
- Legitimate Interests: We may process analytics data and non‑identifiable usage statistics to improve the functionality, security, and user experience of the website. This processing is balanced against your rights and interests.
How We Protect Your Data
- Encryption: All data transmitted between your browser and our servers is protected by SSL/TLS (HTTPS) encryption.
- Secure Servers: Our hosting environment employs firewalls, regular security patches, and intrusion‑detection systems.
- Limited Retention: Email addresses are retained only as long as you remain subscribed or until you request deletion. Cookies are set with a maximum lifespan of 12 months unless you delete them earlier. Analytics data is retained in an aggregated, non‑identifiable form for up to 24 months.
- Access Controls: Only authorised personnel have access to personal data, and they are required to adhere to strict confidentiality obligations.
Your GDPR Rights
Under the GDPR, you enjoy a series of rights concerning your personal data. Each right is described below with a corresponding icon for quick reference.
Right to Access
You may request a copy of the personal data we hold about you, together with information about how we process it. This includes the categories of data, the purposes of processing, and any recipients of your data.
Right to Rectification
If any of your personal data is inaccurate or incomplete, you have the right to have it corrected without undue delay.
Right to Erasure (Right to be Forgotten)
You may ask us to delete your personal data where there is no legitimate reason for continued processing, such as when you withdraw consent or when the data is no longer needed for the purpose it was collected.
Right to Restrict Processing
You can request that we limit the processing of your data while we verify the accuracy of the information, or if you are contesting its legality.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit that data to another controller without hindrance.
Right to Object
You may object to the processing of your data for direct marketing, profiling, or any other purpose that is based on legitimate interests. Upon objection, we will cease the processing unless we can demonstrate compelling legitimate grounds.
Right to Withdraw Consent
Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
How to Exercise Your Rights
To exercise any of the rights listed above, please follow these steps:
- Identify yourself: Provide your full name and the email address you used with our service. This helps us verify your identity and protect your data from unauthorised access.
- Specify the request: Clearly indicate which right you are invoking (e.g., “I would like to exercise my Right to Erasure”) and describe the data concerned, if applicable.
- Submit the request: Send your request via email to gdpr@savorymomrecipes.com. You may also use the contact form on our “Contact Us” page, referencing “GDPR Request”.
- Verification (if needed): We may ask for additional information (such as a recent transaction ID or a copy of a government‑issued ID) to confirm your identity.
- Response: We will acknowledge receipt of your request within 5 business days and provide a substantive response no later than 30 calendar days, unless a further extension is justified by the complexity of the request (in which case we will inform you of the extension and its reasons).
Retention Periods
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, as outlined below:
- Email subscriptions: Retained until you unsubscribe or request deletion.
- Cookies: Session cookies expire when you close your browser; persistent cookies have a maximum lifespan of 12 months.
- Analytics data: Stored in an aggregated, non‑identifiable format for up to 24 months for trend analysis.
Changes to This Policy
We review this GDPR Compliance Policy regularly. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the website after such changes constitutes acceptance of the revised policy.
Contact Us
If you have any questions about this policy, your data, or how we process personal information, please contact our Data Protection Officer at gdpr@savorymomrecipes.com. We are committed to responding promptly and transparently.
