GDPR Compliance Policy

Last Updated: April 03, 2026

1. Introduction

Kitchenwhisker (“we”, “our”, “us”) is committed to protecting the privacy and personal data of all users, visitors, and customers of our website, kitchenwhisker.com. This policy explains how we collect, use, share, store, and protect personal information in compliance with the European Union’s General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Data We Collect

We collect the following types of personal data:

• Email addresses – for newsletter subscriptions, order confirmations, and customer support.
• Cookies and similar technologies – to improve site functionality, analyze traffic, and personalize content.
• Analytics data – including IP addresses, device identifiers, and browsing behaviour via Google Analytics and other third‑party services.

3. Legal Basis for Processing

We rely on two lawful bases for processing personal data:

• Consent – when you explicitly opt‑in to receive marketing emails or use certain features that require personal data.
• Legitimate Interest – to maintain the security of our services, improve user experience, and comply with legal obligations.

4. How We Protect Your Data

Your data is safeguarded through:

• SSL/TLS encryption for all data transmitted between your browser and our servers.
• Secure, ISO 27001‑certified data centers with redundant power, fire suppression, and 24/7 monitoring.
• Role‑based access controls and multi‑factor authentication for all internal personnel who may access personal data.
• Data minimisation and limited retention: we keep personal data only for as long as necessary to fulfil the purposes stated in this policy or as required by law.

5. Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data. We provide icons for quick reference:

• Right to Access – You may request a copy of the personal data we hold about you.
• Right to Rectification – You can ask us to correct inaccurate or incomplete information.
• Right to Erasure – Also known as the “right to be forgotten,” you can request deletion of your data.
• Right to Restrict Processing – You may limit how we use your data, for instance during a dispute.
• Right to Data Portability – You can obtain your data in a structured, commonly used format for transfer to another service.
• Right to Object – You may object to processing for direct marketing or profiling purposes.
• Right to Withdraw Consent – You can withdraw consent at any time, and we will cease processing that data.

6. Exercising Your Rights

To exercise any of the rights above, please contact us at [email protected] with a brief description of your request. Include:

• Your full name and contact details.
• A description of the data you wish to access, correct, delete, or otherwise act upon.
• Any relevant identifiers (e.g., account number, email address) that help us locate your records.

We will respond to all legitimate requests within 30 days of receipt. If we need additional time, we will inform you of the reason and expected completion date. Should you be dissatisfied with our response, you have the right to lodge a complaint with a supervisory authority.

7. Data Retention

We retain personal data only for the period necessary to achieve the purposes for which it was collected, or as required by law. Typical retention periods are:

• Email addresses – up to 2 years after the last interaction unless you opt‑out earlier.
• Cookies – session cookies expire when the browser is closed; persistent cookies are deleted after 12 months.
• Analytics data – aggregated, anonymised data is retained for 12 months to improve site performance.

8. International Transfers

We may transfer personal data to servers located outside the European Economic Area (EEA). These transfers are conducted in compliance with GDPR safeguards, including Standard Contractual Clauses and adequate protection mechanisms.

9. Contact Information

If you have any questions about this policy or wish to exercise your rights, please reach out to:

GDPR Officer
Kitchenwhisker
Email: [email protected]

We appreciate your trust and are dedicated to ensuring your personal data is handled responsibly and transparently.