GDPR Compliance Policy

Effective Date: December 01, 2025

Website: https://easyrecipesecrets.com

Contact for Data‑Protection Queries: gdpr@easyrecipesecrets.com

1. Introduction

easyrecipesecrets (the “Site”) is committed to protecting the personal data of its visitors, subscribers, and users in accordance with the European Union General Data Protection Regulation (EU) 2016/679 (GDPR). This policy explains what personal data we collect, how we use it, the legal bases for processing, the security measures we have in place, and the rights you enjoy under the GDPR.

2. Personal Data We Collect

We collect only the data that is necessary to provide you with a functional, secure, and personalized experience. The categories of personal data we process include:

• Email address – collected when you subscribe to our newsletter, request a recipe, or contact us via the contact form.
• Cookies and similar tracking technologies – used to remember your preferences, analyse site usage, and improve performance. This includes first‑party session cookies, analytics cookies (Google Analytics), and consent‑management cookies.
• Analytics data – aggregated information such as page views, device type, browser, IP address (anonymised after collection), and referral source. This data helps us understand how visitors interact with the Site and optimise content.

3. Legal Basis for Processing

We rely on the following lawful bases under Article 6 of the GDPR:

• Consent (Article 6(1)(a)) – When you voluntarily provide your email address for newsletters or recipe updates, you give explicit consent for us to process that information for the stated purpose.
• Legitimate Interests (Article 6(1)(f)) – The use of cookies and analytics data is necessary for the legitimate interest of maintaining, securing, and improving the Site’s functionality and user experience. We balance this interest against your privacy rights and provide an easy opt‑out mechanism.

4. How We Protect Your Data

We employ a range of technical and organisational measures to ensure the confidentiality, integrity, and availability of personal data:

• SSL/TLS Encryption – All data transmitted between your browser and our servers is encrypted using HTTPS (TLS 1.2 or higher).
• Secure Servers – Our hosting environment is protected by firewalls, intrusion‑detection systems, and regular security patches.
• Limited Retention – Email addresses are retained only as long as you remain subscribed or until you request deletion. Analytics data is anonymised after 12 months, and cookies are automatically cleared according to the duration set in the cookie’s lifespan.
• Access Controls – Only authorised personnel with a legitimate need to access personal data are granted permission, and they must adhere to strict confidentiality obligations.
• Data Breach Procedures – In the unlikely event of a breach, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

5. Your GDPR Rights

Under the GDPR, you have the following rights concerning your personal data. Each right is explained in plain language, and we have provided a convenient icon for quick reference.

• Right to Access – You may request a copy of the personal data we hold about you, together with information about how we process it. This includes the purposes of processing, categories of data, and any recipients of your data.
• Right to Rectification – If any of your personal data is inaccurate or incomplete, you have the right to have it corrected or completed without undue delay.
• Right to Erasure (“Right to be Forgotten”) – You may ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected, you withdraw consent, or you object to the processing and there are no overriding legitimate grounds.
• Right to Restrict Processing – You can request that we limit the way we use your data while we verify the accuracy of the data, or while a dispute about the processing is being resolved.
• Right to Data Portability – You may receive your personal data in a structured, commonly used, machine‑readable format and transmit it to another controller without hindrance.
• Right to Object – You may object to the processing of your data for direct marketing, scientific/historical research, or statistical purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
• Right to Withdraw Consent – Where processing is based on your consent, you can withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

1. Send a written request to our Data Protection Officer at gdpr@easyrecipesecrets.com. Include your name, the email address you used with us, and a clear description of the right you wish to invoke.
2. If you are requesting access, rectification, erasure, restriction, or data portability, you may be asked to provide proof of identity (e.g., a scanned ID) to prevent unauthorised disclosures.
3. We will acknowledge receipt of your request within 5 business days and aim to complete the action within 30 calendar days, as required by Article 12 of the GDPR.
4. If we need additional time (e.g., because the request is complex or we have received many requests), we will inform you of the extension and the reasons for it within the initial 30‑day period.

7. Response Time

All legitimate requests will be processed within 30 days of receipt. In exceptional circumstances, the deadline may be extended by a further two months, but you will be notified of any extension and the reasons for it.

8. International Data Transfers

Our servers are located within the European Economic Area (EEA). If we ever need to transfer personal data outside the EEA, we will ensure that appropriate safeguards (e.g., Standard Contractual Clauses) are in place, guaranteeing an equivalent level of protection.

9. Updates to This Policy

We review this GDPR Compliance Policy regularly. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the Site after changes indicates your acceptance of the revised policy.

10. Contact Information

If you have any questions about this policy, the processing of your personal data, or wish to lodge a complaint, please contact us at:

Alternatively, you may contact the supervisory authority in your EU member state if you believe your rights under the GDPR have been infringed.