GDPR Policy - Mydinnerjoy

MyDinnerJoy GDPR Compliance Policy

MyDinnerJoy (“we”, “our”, “us”) is committed to protecting your privacy and ensuring the lawful processing of your personal data in accordance with the European Union General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). This policy explains what personal data we collect, how we use it, the legal bases for our processing activities, and your rights as a data subject. By using our website (mydinnerjoy.info) you acknowledge that you have read and understood this policy.

1. Data We Collect

Email addresses: Collected when you sign up for newsletters, create an account, or request information. This data is used to communicate with you and provide personalized content.
Cookies and Similar Technologies: We use first‑party cookies to remember your preferences, session information, and to improve your browsing experience. Third‑party cookies are employed for analytics and advertising purposes.
Analytics Data: We collect anonymous usage data via Google Analytics and Matomo to understand how visitors interact with our site. This includes page views, session duration, and device information.

2. How We Protect Your Data

SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS, ensuring confidentiality and integrity.
Secure Servers: We host our services on reputable cloud providers that implement industry‑standard physical and logical security controls, including firewalls, intrusion detection, and regular security audits.
Access Controls: Only authorized personnel with a legitimate business need are granted access to personal data. Role‑based access and two‑factor authentication are enforced.
Retention Policy: Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected. Email addresses are kept for the duration of the subscription or until you request deletion. Cookies are automatically deleted after their defined lifespan, and analytics data is anonymized and stored for a maximum of 12 months.
Data Breach Response: In the unlikely event of a data breach, we follow GDPR’s notification requirements and will inform affected individuals and supervisory authorities within 72 hours, where applicable.

3. Legal Basis for Processing

We process your personal data on one of the following lawful bases:

Consent: When you voluntarily provide your email address or opt‑in to receive communications, we rely on your explicit consent. You may withdraw consent at any time via the link in the communications or by contacting us.
Legitimate Interest: We process data for purposes such as improving website functionality, providing personalized content, and conducting analytics. We have conducted a Legitimate Interest Assessment (LIA) to ensure that our interests do not override your rights and freedoms.
Contractual Necessity: When you are a registered user, we process your data to fulfill our contractual obligations, such as managing your account and delivering content.

4. Your GDPR Rights

Right to Access

You may request a copy of the personal data we hold about you, including the purposes of processing and the categories of data. We will provide this information in a structured, commonly used format within 30 days.

Right to Rectification

If any personal data is inaccurate or incomplete, you can request that we correct it promptly. We will verify your identity before making changes.

Right to Erasure (Right to Be Forgotten)

You may ask us to delete your personal data, provided no legal obligation requires us to retain it. We will remove the data from all active systems and, where feasible, from backups.

Right to Restrict Processing

In certain circumstances, you can request that we limit the use of your personal data. During this period, we may store the data but will not process it further.

Right to Data Portability

You may obtain your personal data in a machine‑readable format and transfer it to another controller, subject to legal constraints.

Right to Object

You can object to the processing of your data for direct marketing, profiling, or other purposes. Once we receive your objection, we will cease processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

Consent can be withdrawn at any time by contacting us or using the unsubscribe links in our communications. Withdrawal does not affect the legality of processing that was carried out before the withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights above, please send a written request to [email protected]. Your request should include:

Your full name and contact details.
A brief description of the data you wish to access, correct, delete, or restrict.
Any supporting documentation that can help us verify your identity (e.g., a copy of a government‑issued ID).

We will respond to your request within 30 days of receipt. If we need additional time to investigate, we will inform you of the delay and the reason for it.

6. Contact Information

For any questions, concerns, or complaints regarding this policy or our data processing activities, please contact our Data Protection Officer:

Email: [email protected]
Address: MyDinnerJoy, 123 Culinary Avenue, Food City, 45678, Country

7. Effective Date

This GDPR Compliance Policy was last updated on April 03, 2026. We reserve the right to update this policy as required by law or to reflect changes in our data processing activities. Any updates will be posted on this page and, where appropriate, communicated to you directly.