GDPR Compliance Policy

Effective Date: December 01, 2025

1. Introduction

At simplymomcooks (the “Website”), we are committed to protecting the privacy and personal data of our visitors, subscribers, and customers. This GDPR Compliance Policy explains how we collect, use, store, and protect personal data in accordance with the European Union General Data Protection Regulation (Regulation (EU) 2016/679 – “GDPR”). By using our services, you acknowledge that you have read and understood this policy.

2. Data We Collect

We only process personal data that is necessary for the legitimate purposes described below. The categories of data we collect include:

Email address – collected when you subscribe to our newsletter, register for an account, or contact us via the website.
Cookies and similar tracking technologies – used to remember your preferences, analyse site usage, and improve user experience.
Analytics data – aggregated information such as IP address, device type, browser, and pages visited, collected through Google Analytics and similar services.

We do not collect sensitive personal data (e.g., health information, political opinions) unless you voluntarily provide it, in which case it will be treated with the same level of protection.

3. How We Protect Your Data

We have implemented technical and organisational measures to safeguard personal data against unauthorised access, alteration, disclosure, or destruction:

SSL/TLS Encryption – all data transmitted between your browser and our servers is encrypted using HTTPS.
Secure Servers – our hosting environment is protected by firewalls, intrusion detection systems, and regular security patches.
Limited Retention – personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, after which it is securely deleted or anonymised.
Access Controls – only authorised personnel with a legitimate need can access personal data, and they are bound by confidentiality obligations.

While we strive to protect your information, no transmission over the Internet can be guaranteed to be 100 % secure. We encourage you to use strong, unique passwords and to keep your devices updated.

4. Legal Basis for Processing

We rely on the following lawful bases to process personal data under the GDPR:

Consent – when you voluntarily subscribe to our newsletter or opt‑in to marketing communications.
Legitimate Interests – for activities such as website security, analytics, and improving user experience, provided that your fundamental rights do not override these interests.

If we process data based on consent, you have the right to withdraw that consent at any time (see Section 6.7).

5. Your GDPR Rights

Under the GDPR, you enjoy a set of specific rights regarding your personal data. Each right is described below, together with an appropriate Bootstrap icon for quick visual reference.

Right to Access

You may request confirmation that we are processing your personal data and obtain a copy of the data we hold about you, together with information about the processing purposes, categories of data, recipients, and retention periods.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you have the right to have it corrected or completed without undue delay.

Right to Erasure (Right to be Forgotten)

You may ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when you object to the processing and there are no overriding legitimate grounds.

Right to Restrict Processing

You can request that we limit the processing of your data while we verify its accuracy, or when you have exercised your right to object pending a review of the legitimate interests.

Right to Data Portability

You may receive your personal data in a structured, commonly used, machine‑readable format and transmit it to another controller without hindrance.

Right to Object

You have the right to object, on grounds relating to your particular situation, to processing that is based on legitimate interests or the performance of a task carried out in the public interest. This includes direct marketing activities.

Right to Withdraw Consent

Whenever we rely on your consent to process personal data, you may withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

Send a written request to gdpr@simplymomcooks.com. Include your full name, a description of the right you wish to invoke, and any information that helps us verify your identity (e.g., the email address you used to register).
If you are requesting a copy of your data, please specify the preferred format (e.g., PDF, CSV).
For a withdrawal of consent or objection to marketing, you may also use the “unsubscribe” link found in any marketing email.
We will acknowledge receipt of your request within 5 business days and will act on it without undue delay.

We may ask for additional information to confirm your identity before fulfilling the request, in order to protect your privacy and prevent unauthorised disclosures.

7. Response Time

In accordance with Article 12 of the GDPR, we will respond to all verified requests within 30 calendar days. In complex cases, we may extend this period by a further two months, but we will notify you of any extension and the reasons for it within the initial 30‑day window.

8. Contact Information

If you have any questions about this policy, the data we hold, or how we process your personal information, please contact our Data Protection Officer (DPO) at:

Data Protection Officer
Email: gdpr@simplymomcooks.com
Website: https://simplymomcooks.com

9. Changes to This Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in our practices, legal requirements, or technology. Any revisions will be posted on this page with a new “Last Updated” date. We encourage you to review the policy periodically.

Last Updated: December 01, 2025