GDPR Compliance Policy

At flavorplatedaily.com, we are committed to protecting your privacy and complying with the European Union’s General Data Protection Regulation (GDPR). This policy explains what personal data we collect, how we use it, the legal bases for processing, and your rights as a data subject. If you have any questions or wish to exercise any of the rights described below, please contact us at [email protected].

1. Types of Personal Data We Collect

• Email Addresses: When you subscribe to our newsletter, register for an account, or place an order, we collect your email address to communicate with you about your account, order status, promotions, and other relevant updates.
• Cookies and Similar Technologies: We use cookies to improve your browsing experience, remember your preferences, and analyze site usage. This includes first‑party cookies (e.g., session cookies) and third‑party cookies from analytics providers.
• Analytics Data: Through services such as Google Analytics, we collect anonymous data on how visitors interact with our website (e.g., pages visited, time spent, referral sources). This helps us optimize content and improve user experience.

2. Legal Basis for Processing

We process your personal data on one or more of the following lawful bases:

• Consent: Where required, we obtain explicit consent—for example, when you sign up for our newsletter or agree to the use of cookies via a consent banner.
• Legitimate Interest: We rely on legitimate interest to provide, maintain, and improve our services, including website functionality, marketing, and security measures. We conduct a balancing test to ensure our interests do not override your privacy rights.
• Contractual Necessity: Processing is necessary for the performance of a contract with you, such as fulfilling orders or providing customer support.

3. How We Protect Your Data

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS, ensuring confidentiality and integrity.
• Secure Servers: Our hosting environment is protected by industry‑standard firewalls, intrusion detection systems, and regular security audits.
• Access Controls: Only authorized personnel with a legitimate business need can access personal data. Access is logged and monitored.
• Retention Limits: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected (e.g., up to 12 months after the last interaction, unless a longer retention period is required by law).

4. Your GDPR Rights

Under the GDPR, you have the following rights with respect to the personal data we hold about you:

Right to Access

You may request a copy of the personal data we hold about you, as well as information about how we process it. To exercise this right, please email [email protected] with a brief description of the data you wish to obtain.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can request us to correct it. Send an email to [email protected] specifying the inaccuracies and the correct information.

Right to Erasure

You may ask for the deletion of your personal data, provided that no legal obligation requires us to retain it. Contact us at [email protected] with details of the data you wish to erase.

Right to Restrict Processing

If you believe the processing is incorrect or unlawful, you can request that we suspend further processing until the matter is resolved. Email [email protected] to initiate this request.

Right to Data Portability

You can obtain a structured, machine‑readable copy of your personal data and request that we transfer it to another controller. Please send a request to [email protected] indicating the format you prefer.

Right to Object

Under certain circumstances, you can object to the processing of your data—for instance, for direct marketing purposes. Notify us at [email protected], and we will stop processing unless we can demonstrate a compelling legitimate interest.

Right to Withdraw Consent

If you have provided consent for any processing activity, you can withdraw it at any time. This does not affect the lawfulness of any processing carried out before withdrawal. Contact us at [email protected] to withdraw your consent.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

1. Send a written request (email is acceptable) to [email protected] specifying the right you wish to exercise.
2. Include any relevant identifying information (e.g., email address, username) to help us locate your data.
3. If necessary, provide proof of identity (e.g., a scanned copy of a government ID). This is required only for certain rights such as data deletion or rectification to prevent unauthorized requests.
4. We will respond to your request within 30 days of receipt. In exceptional circumstances, we may extend this period by an additional 30 days, and we will inform you of the reason and the new deadline.

If you are unsatisfied with our response or believe we have not complied with the GDPR, you have the right to lodge a complaint with a supervisory authority in your country or the EU member state where you reside.

6. Data Retention and Deletion

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. For example:

• Email addresses are retained for up to 12 months after the last interaction, unless you request deletion earlier.
• Cookie data is stored for the duration of the session or the period specified in the cookie policy.
• Analytics data is anonymized and retained for 12 months to analyze trends.

Once the retention period expires, or upon your deletion request, we permanently delete the data from all active and backup storage systems.

7. Contact Information

For any inquiries about this policy or to exercise your rights, please contact:

GDPR Compliance Officer
flavorplatedaily
Email: [email protected]

We reserve the right to update this policy at any time. Any changes will be reflected above with an updated “Last Updated” date. We encourage you to review this policy periodically to stay informed about how we handle your personal data.