GDPR Compliance Policy
Effective date: December 01, 2025
mumrecipeguide (https://mumrecipeguide.com) is committed to protecting the privacy and personal data of its visitors, subscribers, and users in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). This policy explains what personal data we collect, why we process it, how we protect it, and the rights you have under the GDPR.
1. Data We Collect
We collect only the data that is necessary for the legitimate purposes described below. The categories of personal data we process are:
- Email address – when you subscribe to our newsletter, request a recipe, or contact us via the contact form.
- Cookies & similar tracking technologies – to remember your preferences, analyse site usage, and improve user experience.
- Analytics data – aggregated information such as page views, device type, and referral source collected through Google Analytics (IP addresses are anonymised).
2. How We Use Your Data
We process personal data for the following lawful purposes:
- Consent – sending newsletters, promotional emails, and responding to enquiries you initiate.
- Legitimate interest – maintaining website security, improving functionality, and analysing traffic patterns to enhance the overall user experience.
3. Legal Basis for Processing
Under the GDPR, each processing activity must have a legal basis. For mumrecipeguide these are:
- Consent (Article 6(1)(a)) – you voluntarily provide your email address and expressly agree to receive communications.
- Legitimate interest (Article 6(1)(f)) – we have a genuine interest in protecting the site, preventing fraud, and improving service quality.
- Legal obligation (Article 6(1)(c)) – where required by tax, accounting, or consumer protection laws.
4. Data Security Measures
We employ a range of technical and organisational safeguards to protect your personal data:
- SSL/TLS encryption – all data transmitted between your browser and our servers is encrypted using HTTPS.
- Secure servers – hosted in data centres that comply with ISO 27001 and SOC 2 standards.
- Limited retention – email addresses are retained only as long as you remain subscribed or until you request deletion. Analytics data is stored in an aggregated, anonymised form for a maximum of 24 months.
- Access controls – only authorised personnel with a legitimate need can access personal data, and all access is logged.
- Regular audits – periodic security reviews and vulnerability scans are performed to identify and remediate risks.
5. Your GDPR Rights
As a data subject, you enjoy a series of rights under the GDPR. Each right is listed below with a brief description and an icon for quick reference.
-
Right to Access – You may request confirmation that we are processing your personal data and obtain a copy of that data, together with information about the processing purposes, categories, and recipients.
-
Right to Rectification – If any of your personal data is inaccurate or incomplete, you have the right to request correction or completion without undue delay.
-
Right to Erasure (“Right to be Forgotten”) – You may ask us to delete your personal data where there is no longer a lawful basis for processing, such as when you unsubscribe from the newsletter.
-
Right to Restrict Processing – You can request that we limit the way we use your data while we verify the accuracy of the information or resolve a dispute.
-
Right to Data Portability – You may receive your personal data in a structured, commonly used, machine‑readable format and transmit it to another controller.
-
Right to Object – You may object to processing based on legitimate interests or direct marketing. Upon objection, we will cease the relevant processing unless we can demonstrate compelling legitimate grounds.
-
Right to Withdraw Consent – Where processing is based on your consent (e.g., newsletter subscription), you can withdraw that consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
6. How to Exercise Your Rights
To exercise any of the rights listed above, please contact our Data Protection Officer (DPO) using the details below. Your request will be acknowledged within 5 business days and we will act on it without undue delay, and in any event within 30 calendar days of receipt, as required by the GDPR.
When contacting us, please provide:
- Your full name and, if applicable, the email address associated with your mumrecipeguide account.
- A clear description of the right you wish to invoke (e.g., “I would like to exercise my right to erasure”).
- Any additional information that will help us verify your identity (e.g., a recent email you received from us).
7. Contact Information
If you have questions about this policy, need clarification on any of your rights, or wish to lodge a complaint, please contact our DPO directly:
Data Protection Officer – mumrecipeguide
Email: gdpr@mumrecipeguide.com
8. Complaints to a Supervisory Authority
If you believe that your data protection rights have been infringed, you have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, work, or where the alleged infringement took place. For residents of the United Kingdom, the relevant authority is the Information Commissioner’s Office (ICO).
9. Policy Updates
We review this GDPR Compliance Policy regularly and will update it when necessary to reflect changes in our practices, legal requirements, or technology. The “Last Updated” date at the top of this page indicates the most recent revision. Continued use of mumrecipeguide after a change constitutes acceptance of the revised policy.
10. International Transfers
All personal data is processed within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary (e.g., for third‑party service providers), we will ensure appropriate safeguards such as Standard Contractual Clauses are in place, guaranteeing an equivalent level of protection.
11. Children’s Privacy
Our services are intended for individuals aged 16 and older. We do not knowingly collect personal data from children under the age of 16. If we become aware that such data has been inadvertently collected, we will promptly delete it.
12. Data Retention Schedule
| Data Category |
Retention Period |
Reason for Retention |
| Email address (newsletter subscribers) |
Until unsubscribed or request deletion |
Communication and marketing compliance |
| Cookies & analytics identifiers |
Maximum 24 months (anonymised) |
Statistical analysis and site optimisation |
| Contact form submissions |
30 days after resolution |
Customer support and record keeping |
We appreciate your trust in mumrecipeguide and are dedicated to handling your personal information responsibly and transparently.
