GDPR Compliance Policy

Effective as of December 06, 2025

What This Policy Covers

This GDPR (General Data Protection Regulation) Compliance Policy explains how dailymealspot (https://dailymealspot.com) collects, uses, stores, and protects personal data of individuals located in the European Economic Area (EEA). It also outlines your statutory rights under GDPR and how you can exercise them.

For any questions or to exercise your rights, please contact us at: gdpr@dailymealspot.com.

Data We Collect

Email address – provided when you sign up for newsletters, create an account, or request support.
Cookies & similar technologies – used to remember preferences, analyse traffic, and personalize content.
Analytics data – aggregated information such as page views, device type, and referral source collected through Google Analytics and a self‑hosted analytics solution.

We only process data that is necessary for the purposes described below and never sell personal data to third parties.

How We Protect Your Data

SSL/TLS Encryption – All data transmitted between your browser and our servers is protected by HTTPS (TLS 1.3).
Secure Servers – Our hosting environment is hardened with firewalls, intrusion detection, and regular security patches.
Limited Retention – Personal data is retained only as long as necessary for the purpose it was collected. Email addresses are deleted 24 months after the last interaction unless you have an active subscription.
Access Controls – Only authorized personnel with a legitimate business need can access personal data, and all access is logged.
Data Breach Procedures – In the unlikely event of a breach, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

Legal Basis for Processing

We rely on the following lawful bases under GDPR:

Consent – When you voluntarily subscribe to our newsletter or accept optional cookies, you give explicit consent for those specific purposes.
Legitimate Interests – For activities such as security monitoring, fraud prevention, and improving website performance, we process data based on a legitimate interest that does not override your fundamental rights.

If you withdraw consent, we will cease the related processing while retaining data that is required for other lawful purposes (e.g., legal obligations).

Your GDPR Rights

Right to Access

You may request a copy of the personal data we hold about you, together with information about how we process it.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can ask us to correct or complete it without undue delay.

Right to Erasure (Right to be Forgotten)

You may request the deletion of your personal data where there is no overriding legal reason for us to keep it.

Right to Restrict Processing

You can ask us to limit the way we process your data while we verify its accuracy or while a dispute is being resolved.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

Right to Object

You may object to the processing of your data for direct marketing, scientific/historical research, or any other legitimate interest that we rely on.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.

To exercise any of these rights, please send a written request to gdpr@dailymealspot.com. Include sufficient information to verify your identity (e.g., the email address used on our site) and a clear description of the action you are requesting.

We will acknowledge receipt of your request within 5 business days and aim to complete the action within 30 calendar days, in line with GDPR Article 12. In exceptional cases where the request is complex or numerous, we may extend the period by up to two further months, but we will inform you of any extension and the reasons for it within the initial 30‑day period.

Retention Periods

We retain personal data only for as long as necessary:

Email addresses – 24 months after the last interaction, unless you maintain an active subscription.
Cookies & analytics identifiers – 12 months, after which they are automatically deleted or anonymised.

When the retention period expires, the data is securely destroyed or anonymised so that it can no longer be linked to an individual.

International Transfers

All personal data is stored on servers located within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary (e.g., for technical support), we will ensure an adequate level of protection through Standard Contractual Clauses or other approved mechanisms.

Changes to This Policy

We review this policy regularly. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the site after such changes constitutes acceptance of the revised policy.

Contact Information

If you have any concerns about how we handle your personal data or wish to lodge a complaint, you may contact our Data Protection Officer at:

DailyMealSpot – Data Protection Officer
Email: gdpr@dailymealspot.com

You also have the right to lodge a complaint with a supervisory authority in your member state, such as the Data Protection Commissioner of your country.