GDPR Compliance Policy

DishMealHub (the “Site”) is committed to protecting the privacy and personal data of all visitors and users in accordance with the General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we collect it, how we protect it, and your rights under the GDPR. If you have any questions or concerns, please contact us at [email protected].

Last Updated: April 03, 2026

Data We Collect

Contact Information: Email addresses submitted through contact forms, newsletter sign‑ups, or support requests.
Cookies & Tracking: Technical cookies that enable site functionality, analytics cookies that collect anonymous usage data, and marketing cookies if you opt‑in to targeted advertising.
Analytics: We use Google Analytics (with IP anonymization) to monitor traffic patterns and improve user experience. No personally identifiable data is stored in these analytics services.

How We Protect Your Data

All data transmitted to and from the Site is protected with HTTPS (SSL/TLS) to prevent interception. Personal data is stored on secure, access‑controlled servers located in the European Economic Area. We employ industry‑standard encryption at rest, multi‑factor authentication for administrative access, and regular penetration testing to identify and remediate vulnerabilities. Data retention periods are strictly limited:

Email addresses: retained for 12 months after the last interaction unless you request deletion.
Cookies: session cookies are deleted when the browser is closed; persistent cookies are deleted after 6 months.
Analytics: aggregated data is retained for 1 year for trend analysis.

Legal Basis for Processing

We process personal data on the following lawful bases:

Consent: When you voluntarily provide your email address to receive newsletters or updates, you give explicit consent for us to contact you. You may withdraw this consent at any time.
Legitimate Interest: We process data necessary for the operation of the Site, such as analyzing user interactions to improve functionality and security. This interest is balanced against your privacy rights and is documented in our internal data protection impact assessment.

Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data. Each right is illustrated with a Bootstrap icon for easy reference.

Right to Access

You may request a copy of all personal data we hold about you, including the purposes of processing, categories of data, recipients, and retention periods.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can ask us to correct it promptly.

Right to Erasure

You may request the deletion of your personal data, subject to legal obligations or legitimate interests that require retention.

Right to Restrict Processing

You can ask us to limit how we process your data, for instance while we verify the accuracy of the information.

Right to Data Portability

You may receive your personal data in a structured, commonly used format and transfer it to another controller.

Right to Object

You can object to processing of your data for direct marketing or profiling purposes.

Right to Withdraw Consent

At any time, you may withdraw consent that you previously gave, and we will stop processing your data for that purpose.

How to Exercise Your Rights

To exercise any of the rights above, please contact us at [email protected] with the following information:

Your full name and contact details.
Specific request (e.g., “I would like a copy of all data I have provided”).
Proof of identity if requested (e.g., a scanned copy of a passport or driver’s license).

We will acknowledge receipt of your request within 5 business days and provide a response within 30 days, in line with GDPR requirements. If your request is complex, we may extend the period by an additional 30 days, but we will inform you of any delay and the reasons for it.

Response Time and Escalation

All GDPR requests will be processed within 30 calendar days of receipt. Where we need more time, we will notify you within 5 days of receiving your request and explain the reason for the delay. If you are not satisfied with our response or feel your rights have not been respected, you can file a complaint with the supervisory authority in your country or with the European Data Protection Board.

Updates to This Policy

DishMealHub may update this GDPR Compliance Policy from time to time. We will notify you of significant changes by posting a notice on the Site or by sending an email to the address we have on file. The “Last Updated” date at the top of this policy will reflect the most recent revision.

Contact Information

For any questions about this policy, your personal data, or to exercise your GDPR rights, please email us at [email protected]. We will respond as quickly as possible and provide the information or action requested in a clear, concise manner.