MumRecipeBox GDPR Compliance Policy

MumRecipeBox (https://mumrecipebox.com) is committed to protecting the personal data of its users and complying with the European Union’s General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have under the GDPR.

1. Data We Collect

We collect and process the following categories of personal data:

• Email address: Used for newsletter subscriptions, account creation, password resets, and to send you updates about new recipes, features, or promotional offers.
• Cookies and similar technologies: We place essential cookies to keep you logged in, and analytical cookies (e.g., Google Analytics) to understand how visitors use our site and improve the user experience.
• Analytics data: Includes IP address (anonymised where possible), device type, browser, pages visited, and time spent on each page.

2. Legal Basis for Processing

Our processing activities are based on the following lawful grounds under GDPR:

• Consent: When you voluntarily subscribe to our newsletter or accept non‑essential cookies, you give explicit consent for us to process your email address and related data.
• Legitimate interest: We use legitimate interest to process analytical data for improving site performance, security, and user experience. This interest is balanced against your rights and freedoms, and you may object at any time (see Section 5).

3. How We Protect Your Data

We employ a range of technical and organisational measures to safeguard personal data:

• SSL Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS (TLS 1.2+).
• Secure Servers: Our hosting environment is protected by firewalls, intrusion detection systems, and regular security patches.
• Limited Retention: Email addresses are retained only as long as you remain subscribed or until you request deletion. Analytical data is retained for a maximum of 24 months in an aggregated, anonymised form.
• Access Controls: Only authorised personnel with a legitimate need can access personal data, and they are bound by confidentiality agreements.

4. Your GDPR Rights

Under the GDPR, you enjoy the following rights. Each right is accompanied by a Bootstrap icon for quick visual reference.

• Right to Access

  You may request a copy of the personal data we hold about you, along with information about how we process it.

• Right to Rectification

  If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it without undue delay.

• Right to Erasure (Right to be Forgotten)

  You may request the deletion of your personal data where there is no compelling reason for us to retain it, such as when you unsubscribe from our newsletter.

• Right to Restrict Processing

  You can ask us to limit the way we use your data while we verify the accuracy of the data or assess a request for erasure.

• Right to Data Portability

  You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

• Right to Object

  You may object to the processing of your data for direct marketing, profiling, or where we rely on legitimate interests.

• Right to Withdraw Consent

  If processing is based on your consent, you can withdraw that consent at any time, without affecting the lawfulness of processing before the withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

1. Send a written request to our Data Protection Officer at gdpr@mumrecipebox.com. Include your full name, the email address you use on MumRecipeBox, and a clear description of the right you wish to invoke.
2. Provide proof of identity (e.g., a scanned government ID) if we need to verify that the request is coming from the data subject.
3. If you are requesting erasure, specify whether you also want us to delete any data held by third‑party services (e.g., mailing list providers).
4. We will acknowledge receipt of your request within 5 business days and aim to complete the action within the statutory 30‑day period.

6. Response Time

All requests will be processed in accordance with the GDPR’s 30‑day deadline. In complex cases, we may extend the period by a further two months, but we will inform you of any extension and the reasons for it within the initial 30‑day window.

7. Contact Information

If you have any questions about this policy, the data we hold, or wish to exercise any of your rights, please contact us:

MumRecipeBox Data Protection Officer
Email: gdpr@mumrecipebox.com
Website: https://mumrecipebox.com

8. Changes to This Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in our practices or legal requirements. Any revisions will be posted on this page with a new “Last Updated” date. We encourage you to review the policy periodically.

Last Updated: December 01, 2025