GDPR Compliance Policy

Daily Plate Kitchen (“we”, “us”, “our”) is committed to protecting the personal data of our visitors, customers, and partners in accordance with the General Data Protection Regulation (EU Regulation 2016/679 – “GDPR”). This policy explains what personal data we collect, why we process it, how we safeguard it, and how you can exercise your GDPR rights.

1. Information We Collect

We collect only the data that is necessary for the legitimate operation of our website and services. The categories of personal data we process are:

• Email address – provided voluntarily when you subscribe to our newsletter, request a recipe, or contact us.
• Cookies and similar tracking technologies – used to remember your preferences, analyse site traffic, and improve user experience. This includes first‑party session cookies, analytics cookies (Google Analytics), and consent‑management cookies.
• Analytics data – aggregated information such as pages visited, time spent on site, and referral source. This data is anonymised where possible.

2. Legal Basis for Processing

We process personal data only when we have a valid legal basis under the GDPR:

• Consent – when you voluntarily sign up for our newsletter or accept cookies, you give us explicit consent to process your email address and tracking data.
• Legitimate interest – we use legitimate interest to improve the website’s performance, analyse traffic patterns, and prevent fraud. Your rights and interests always take precedence, and you may object at any time (see Section 5).

3. How We Protect Your Data

We have implemented technical and organisational measures to ensure a high level of data security:

• SSL encryption – all data transmitted between your browser and our servers is protected by HTTPS (TLS 1.2+).
• Secure servers – our hosting environment is hosted in data centres that comply with ISO 27001 and undergo regular security audits.
• Limited retention – email addresses are retained only for as long as you remain subscribed or until you request deletion. Analytics data is stored for a maximum of 24 months in an anonymised form.
• Access controls – only authorised personnel with a legitimate business need can access personal data, and they are required to sign confidentiality agreements.
• Regular testing – we perform vulnerability scans and penetration testing on a quarterly basis.

4. Your GDPR Rights

Under the GDPR you enjoy a set of specific rights regarding your personal data. Each right is listed below with a Bootstrap icon for easy identification.

• Right to Access

  You may request a copy of the personal data we hold about you, together with information about how we process it.

• Right to Rectification

  If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it without undue delay.

• Right to Erasure (“Right to be Forgotten”)

  You may request the deletion of your personal data where there is no legal requirement for us to retain it (e.g., you unsubscribe from our newsletter).

• Right to Restrict Processing

  You can ask us to limit the way we use your data while we verify the accuracy of the information or while a dispute is being resolved.

• Right to Data Portability

  You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

• Right to Object

  You may object to the processing of your data for direct marketing, profiling, or any other legitimate‑interest basis. We will cease processing unless we demonstrate compelling legitimate grounds.

• Right to Withdraw Consent

  If we rely on your consent to process data (e.g., newsletters or cookies), you can withdraw that consent at any time without affecting the lawfulness of processing before the withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

1. Send a written request to gdpr@dailyplatekitchen.com. Include your full name, a clear description of the right you wish to invoke, and any relevant details that will help us identify your data (e.g., the email address you used to subscribe).
2. We may ask for additional verification to confirm your identity, especially for requests involving erasure or data portability.
3. We will acknowledge receipt of your request within 5 business days and will act on it without undue delay, and in any case within 30 calendar days, as required by the GDPR.
4. If we need more time (e.g., due to the complexity of the request), we will inform you of the extension and the reasons for it within the initial 30‑day period.

6. Response Time

All GDPR‑related requests are handled in accordance with the statutory deadline of 30 days from the date we receive the request. In exceptional circumstances, this period may be extended by a further two months, and you will be notified of the extension and the reasons for it.

7. Contact Information

If you have any questions about this policy, the data we process, or how we protect your privacy, please contact our Data Protection Officer at:

Email: gdpr@dailyplatekitchen.com
Website: https://dailyplatekitchen.com

8. Updates to This Policy

We review this GDPR Compliance Policy regularly and may update it to reflect changes in legislation, our processing activities, or best practice. The date of the most recent revision is shown below.

Last Updated: December 06, 2025