GDPR Compliance Policy
Welcome to Flavormum (the “Site”). This GDPR Compliance Policy explains how we collect, use, protect and share your personal data in accordance with the European Union General Data Protection Regulation (GDPR). By using the Site, you acknowledge that you have read, understood and agreed to this policy.
1. Who We Are
Flavormum operates under the domain flavormum.link. For any GDPR‑related inquiries, please contact us at [email protected].
2. Data We Collect
We collect only the data that is necessary to provide a personalised, secure and enjoyable experience. The categories of personal data we collect include:
- Email addresses – used for account creation, login, password recovery, and occasional newsletters or updates.
- Cookies and similar technologies – used to remember your preferences, keep you logged in, and optimise the Site’s performance.
- Analytics data – including IP addresses, device type, operating system, and browsing behaviour, collected via Google Analytics (or similar) to improve our services and user experience.
3. How We Protect Your Data
Your privacy and security are paramount. We employ the following measures to safeguard your personal data:
- Transport Layer Security (TLS/SSL) – All data transmitted between your device and our servers is encrypted using TLS 1.3.
- Secure Servers and Firewalls – Our hosting environment is protected by industry‑standard firewalls, intrusion detection systems, and regular vulnerability scans.
- Access Controls – Only authorised personnel with a legitimate business need can access personal data. All staff undergo regular data protection training.
- Data Minimisation and Retention – We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Email addresses are deleted after 12 months of inactivity; analytics data is anonymised after 30 days.
4. Legal Basis for Processing
We process personal data on the following lawful bases:
- Consent – You explicitly consent to the collection of your email address when you register or subscribe to newsletters. Consent is freely given, specific, informed and unambiguous.
- Legitimate Interest – We rely on legitimate interest to use cookies and analytics for improving the Site’s performance, detecting security threats, and personalising your experience. We have conducted a balancing test to ensure that your interests are not outweighed by our legitimate interests.
5. Your GDPR Rights
Under the GDPR you have the following rights with respect to your personal data. For each right, we provide a brief explanation and how you can exercise it.
Right to Access – You can request a copy of the personal data we hold about you, along with details of how we process it, the purpose, and the recipients.
Right to Rectification – If your personal data is inaccurate or incomplete, you can ask us to correct it.
Right to Erasure (Right to be Forgotten) – You can request the deletion of your personal data, subject to legal or contractual obligations that may prevent it.
Right to Restrict Processing – You can ask us to limit the processing of your data, for example while we verify the accuracy of the information.
Right to Data Portability – You can receive your personal data in a structured, commonly used format and transfer it to another controller.
Right to Object – You can object to the processing of your data for direct marketing or profiling purposes.
Right to Withdraw Consent – You may withdraw consent at any time, and we will cease processing your data that was based on that consent.
6. How to Exercise Your Rights
To exercise any of the rights listed above, please send a written request to [email protected] including:
- Your full name and contact details.
- A clear statement of the right you are exercising.
- Any supporting documentation that can help us verify your identity (e.g., a copy of a government ID).
We will respond to your request within 30 days of receiving it. If you require a longer period, we will inform you of the reason and the expected date of completion.
7. Contact Us
For any questions, concerns or complaints regarding this policy or your personal data, please contact:
GDPR Contact
Email: [email protected]
8. Effective Date
This policy was last updated on April 03, 2026. We reserve the right to modify this policy at any time. Any changes will be posted on this page and will take effect immediately upon publication.