GDPR Compliance Policy

This policy explains how Kitchendishmagic (the “Website”) collects, uses, stores, and protects your personal data in compliance with the General Data Protection Regulation (GDPR). It also details the rights you have under the GDPR and how you can exercise them.

1. Personal Data We Collect

Kitchendishmagic collects the following personal data:

Email addresses – collected when you sign up for newsletters, create an account, or contact us.
Cookies and similar technologies – used to remember your preferences, track session activity, and personalize content.
Analytics data – collected via Google Analytics and Matomo to understand traffic patterns, page views, and user interactions.

2. Legal Basis for Processing

We process your personal data on the following lawful bases:

Consent – when you explicitly agree to receive marketing emails or allow cookies for personalization.
Legitimate interest – to improve our services, analyze website performance, and protect the security of our users.

3. How We Protect Your Data

We employ robust technical and organisational measures to safeguard your personal data:

SSL/TLS encryption – all data transmitted between your browser and our servers is encrypted.
Secure servers – hosted on reputable cloud providers with 24/7 monitoring, firewalls, and intrusion detection.
Limited retention – data is kept only as long as necessary for the purposes outlined in this policy (e.g., email addresses are stored for 12 months after the last interaction).
Access controls – only authorised staff have access to personal data, and all staff undergo regular privacy training.

4. GDPR Rights and How to Exercise Them

Under the GDPR, you have the following rights. Each right is illustrated with an icon for quick reference.

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Ask us to correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data (the “right to be forgotten”).

Right to Restrict Processing

Limit how we use your data while we verify its accuracy.

Right to Data Portability

Receive your data in a structured, machine‑readable format.

Right to Object

Object to certain types of processing, such as direct marketing.

Right to Withdraw Consent

Withdraw previously given consent at any time.

To exercise any of these rights, please contact us at [email protected]. Include a brief statement of your request and any necessary verification details (e.g., email address or username). We will respond within 30 days, as mandated by GDPR. If you need additional assistance, you may also contact our Data Protection Officer at the same email address.

5. Retention of Personal Data

We retain personal data for the period necessary to fulfil the purposes for which it was collected, including legal, accounting, and regulatory requirements. For example, email addresses used for newsletters are retained for 12 months after the last interaction, unless you request deletion sooner. Analytics data is anonymised and stored for 6 months to identify trends and improve user experience.

6. Data Security Measures

Kitchendishmagic uses industry‑standard security practices to protect your data:

Encryption – all data in transit is protected by TLS 1.3; stored data is encrypted at rest.
Access Restrictions – role‑based access controls limit who can view or edit personal data.
Regular Audits – we conduct quarterly security audits and penetration tests to identify and remediate vulnerabilities.

7. Contact Us

For any questions about this policy, to exercise your GDPR rights, or to report a data breach, please email [email protected]. Our Data Protection Officer will respond within 30 days.

Last Updated: April 03, 2026