Dishpantry GDPR Compliance Policy

Dishpantry (“we”, “our”, or “us”) is committed to safeguarding your personal data and respecting your privacy. This policy explains how we collect, use, protect, and share personal information in accordance with the General Data Protection Regulation (GDPR) and related EU data‑protection laws.

1. Personal Data We Collect

When you interact with Dishpantry, we may collect the following types of personal data:

Email addresses – used for account registration, order confirmations, newsletters, and customer support.
Cookies and similar tracking technologies – including first‑party cookies that enable website functionality and third‑party cookies used by analytics providers.
Analytics data – anonymized or pseudonymized data collected through Google Analytics, Matomo, or other services to improve website performance and user experience.

2. How We Protect Your Data

Dishpantry employs a range of technical and organisational measures to protect personal data from loss, misuse, unauthorized access, alteration, or disclosure:

All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS) 1.3 (HTTPS).
Our servers are hosted in secure, ISO‑27001‑certified data centres with physical access controls, fire suppression, and redundant power supplies.
We limit data retention to the minimum period necessary for the purposes outlined in this policy; for example, email addresses are retained for the duration of your account and any related orders, after which they are securely deleted.
Regular security audits and penetration testing are conducted to identify and remediate vulnerabilities.

3. Legal Basis for Processing

We process personal data based on the following lawful bases:

Consent – where you have explicitly opted in to receive marketing communications or newsletters.
Legitimate Interest – where we need to process data to provide and improve our services, such as fraud prevention, order fulfilment, and website optimisation.

4. Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data. Each right is illustrated with a Bootstrap icon for quick reference.

Right to Access

You may request a copy of the personal data we hold about you, including the categories of data, sources, and intended recipients.

Right to Rectification

If you believe any information is inaccurate or incomplete, you can request correction or completion of that data.

Right to Erasure (Right to be Forgotten)

Where applicable, you can ask us to delete your personal data, for example, if it is no longer necessary or if you withdraw consent.

Right to Restrict Processing

You may request that we limit the processing of your data, such as when you contest its accuracy or the legality of its use.

Right to Data Portability

We will provide your personal data in a structured, commonly used, and machine‑readable format, allowing you to transfer it to another service.

Right to Object

At any time, you can object to the processing of your data for direct marketing or profiling purposes.

Right to Withdraw Consent

You may withdraw previously given consent at any time; this will not affect the lawfulness of any processing conducted before withdrawal.

5. How to Exercise Your Rights

To exercise any of the above rights, please contact us at [email protected] with a brief description of your request. For example, you might write: “I would like to exercise my right to access my personal data.”

When contacting us, please provide sufficient information for us to verify your identity, such as your account email address, name, and any other details that help confirm you are the data subject.

We will respond to your request within 30 calendar days of receipt, and we will inform you if we need additional time or if we have fulfilled your request.

6. Contact Us

If you have any questions, concerns, or complaints about this policy or our data‑processing activities, feel free to reach out:

Email: [email protected]
Postal address: 123 Foodie Lane, Culinary City, 45678, USA

7. Updates to This Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a new “Last Updated” date. Your continued use of Dishpantry after any changes constitutes acceptance of the updated terms.

Last Updated: April 03, 2026