GDPR Compliance Policy

Effective Date: December 01, 2025

Contact for Data Protection Queries: gdpr@recipesbymums.com

1. Introduction

recipesbymums (the “Site”) is committed to protecting the privacy and personal data of its visitors, subscribers, and users in accordance with the EU General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we collect it, how we process and protect it, and the rights you have under the GDPR.

2. Personal Data We Collect

Email address: Provided voluntarily when you sign up for our newsletter, download a recipe ebook, or submit a comment.
Cookies & similar technologies: Used to remember your preferences, keep you logged in, and analyse site usage.
Analytics data: Aggregated information such as IP address, browser type, device type, and pages visited, collected via Google Analytics and other services.

3. Legal Basis for Processing

We rely on the following lawful bases to process your personal data:

Consent (Article 6(1)(a)): When you explicitly agree to receive newsletters or marketing communications.
Legitimate Interests (Article 6(1)(f)): For website security, fraud prevention, and improving user experience through analytics.
Performance of a Contract (Article 6(1)(b)): When you request a downloadable resource that requires us to process your email address.

4. How We Protect Your Data

We employ a layered security approach to keep your personal data safe:

SSL Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS (TLS 1.3).
Secure Servers: Our hosting environment is hosted in EU‑based data centres with regular security audits, firewalls, and intrusion‑detection systems.
Limited Retention: Email addresses are retained only for as long as you remain subscribed or until you request deletion. Analytics data is anonymised after 24 months.
Access Controls: Only authorised personnel with a legitimate need can access personal data, and all staff receive GDPR training.
Data Breach Procedures: In the unlikely event of a breach, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

5. Your GDPR Rights

Under the GDPR you enjoy the following rights. Each right is accompanied by a Bootstrap icon for quick identification.

Right to Access

You may request a copy of the personal data we hold about you, together with information about how we process it.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it.

Right to Erasure (Right to be Forgotten)

You may request the deletion of your personal data where there is no compelling reason for us to retain it.

Right to Restrict Processing

You can ask us to limit the way we use your data while we verify the accuracy of the information or while a dispute is being resolved.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

Right to Object

You may object to the processing of your data for direct marketing, profiling, or where processing is based on legitimate interests.

Right to Withdraw Consent

If we rely on your consent for processing, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

Send a written request to gdpr@recipesbymums.com. Include your full name, the email address you use on the Site, and a clear description of the right you wish to invoke.
If you are requesting access, rectification, erasure, or data portability, please provide a form of identification (e.g., a copy of a government‑issued ID) to verify your identity.
We will acknowledge receipt of your request within 5 business days and aim to complete the action within 30 calendar days, unless a longer period is justified under Article 12(3) GDPR.
If we need additional information to verify your identity or to clarify the request, we will contact you promptly.
You will receive a written response detailing the outcome of your request, any data we have provided, or the reasons for any refusal (e.g., legal obligations that require us to retain the data).

7. Data Retention Periods

We retain personal data only for as long as necessary:

Email subscriptions: Retained until you unsubscribe or request deletion.
Cookies & analytics: Session cookies are deleted when your browser is closed; persistent cookies are kept for a maximum of 12 months. Aggregated analytics data is retained for up to 24 months before being fully anonymised.
Contact form submissions: Stored for 12 months for follow‑up and quality assurance.

8. International Data Transfers

All processing takes place within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary (e.g., using a third‑party email service), we will ensure an adequate level of protection by relying on Standard Contractual Clauses approved by the European Commission.

9. Changes to This Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in our practices or legal requirements. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the Site after such changes constitutes acceptance of the revised policy.

10. Supervisory Authority

If you believe that we have not complied with the GDPR, you have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner’s Office (ICO) in the United Kingdom or the relevant authority in your EU member state.

This policy was prepared on December 01, 2025 and reflects the current data‑processing activities of recipesbymums. For any further questions, please contact us at gdpr@recipesbymums.com.