KitchenMoms GDPR Compliance Policy

1. Introduction

KitchenMoms (https://kitchenmoms.com) is committed to protecting the privacy and personal data of its users, visitors, and customers. This GDPR (General Data Protection Regulation) Compliance Policy explains how we collect, use, store, and safeguard personal data in accordance with Regulation (EU) 2016/679. By using our website, you acknowledge that you have read and understood the practices described below.

2. Data We Collect

KitchenMoms processes the following categories of personal data:

• Email address – collected when you subscribe to our newsletter, register for an account, or contact us via the website.
• Cookies and similar tracking technologies – used to remember your preferences, analyse traffic, and improve user experience.
• Analytics data – aggregated information such as IP address, browser type, device type, and pages visited, processed through third‑party analytics services.

We do not collect sensitive data (e.g., health information, racial or ethnic origin) unless you voluntarily provide it in a support request, in which case it is treated with the same level of protection as the data listed above.

3. Legal Basis for Processing

Our processing activities are grounded in the following lawful bases under GDPR:

• Consent – When you sign up for the newsletter or accept our cookie banner, you explicitly consent to the processing of your email address and tracking data for marketing and analytics purposes.
• Legitimate Interests – We process analytics data and use cookies to improve site performance, security, and user experience. These activities are necessary for the legitimate interests of KitchenMoms and are balanced against your fundamental rights and freedoms.

If we ever need to rely on a different legal basis (e.g., performance of a contract), we will clearly inform you at the point of collection.

4. How We Protect Your Data

Security is a top priority. KitchenMoms implements a layered approach to protect personal data:

• Transport Layer Security (TLS/SSL) – All data transmitted between your browser and our servers is encrypted using HTTPS.
• Secure Servers – Our hosting environment is hardened, regularly patched, and monitored 24/7 for suspicious activity.
• Limited Retention – Email addresses are retained only as long as you remain subscribed or until you request deletion. Analytics data is anonymised after 12 months.
• Access Controls – Only authorised personnel with a legitimate need can access personal data, and all access is logged.
• Regular Audits – We conduct periodic privacy and security audits to ensure ongoing compliance with GDPR.

5. Your GDPR Rights

Under GDPR, you enjoy a set of rights concerning your personal data. KitchenMoms respects each of these rights and provides clear mechanisms for you to exercise them.

• Right to Access

  You may request a copy of the personal data we hold about you, together with information about how we process it, the purposes of processing, and the recipients of your data.

• Right to Rectification

  If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it without undue delay.

• Right to Erasure (“Right to be Forgotten”)

  You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and no other legal basis applies.

• Right to Restrict Processing

  You can ask us to limit the processing of your data while we verify the accuracy of the data or while a dispute is being resolved.

• Right to Data Portability

  Upon request, we will provide your personal data in a structured, commonly used, and machine‑readable format, or transmit it directly to another controller where technically feasible.

• Right to Object

  You have the right to object, on grounds relating to your particular situation, to the processing of your data for direct marketing, profiling, or where we rely on legitimate interests.

• Right to Withdraw Consent

  Where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

6. How to Exercise Your Rights

To invoke any of the rights listed above, please contact our Data Protection Officer (DPO) using the details provided in Section 9. Your request should include:

1. Your full name and contact details (email address is sufficient for verification).
2. A clear description of the right you wish to exercise and the specific action you request.
3. Any supporting documentation that helps us identify your data (e.g., the email address used for subscription).

We will acknowledge receipt of your request within 5 business days and will provide a substantive response no later than 30 calendar days, unless a longer period is required due to the complexity or number of requests. In such cases, we will inform you of the extension and its justification within the initial 30‑day period.

7. Response Time

KitchenMoms adheres to the GDPR‑mandated maximum response period of 30 days for all requests concerning your personal data. If we need more time, we will extend the deadline by up to an additional 2 months, providing you with a clear explanation for the delay.

8. Changes to This Policy

We review this policy regularly and may update it to reflect changes in our practices, legal requirements, or technological developments. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the KitchenMoms website after such updates constitutes acceptance of the revised policy.

9. Contact Information

If you have questions, concerns, or wish to exercise any of your GDPR rights, please reach out to our Data Protection Officer:

We aim to respond to all inquiries promptly and transparently, in line with GDPR requirements.