GDPR Compliance Policy

Site: Kitchenmealhub
Contact Email: [email protected]
Last Updated: April 03, 2026

1. Purpose and Scope

Kitchenmealhub (the “Company”) respects your privacy and is committed to protecting the personal data you share with us. This GDPR Compliance Policy explains how we collect, use, store, and share your data, and describes your rights under the General Data Protection Regulation (EU) 2016/679. The policy applies to all users of our website kitchenmealhub.com and any services we provide through the site.

2. Types of Personal Data We Collect

Email addresses: Collected when you register, subscribe to newsletters, or place an order.
Cookies: We set first‑party cookies to remember your preferences and session information. Third‑party analytics cookies (e.g., Google Analytics) are also used for aggregate traffic analysis.
Analytics data: IP addresses, device type, browser type, operating system, referral URLs, and time stamps are collected automatically through our web analytics tools to improve site performance and user experience.

3. Legal Basis for Processing

We process your data under the following lawful bases:

Consent: For marketing communications, newsletters, and optional personalization features. You may withdraw consent at any time.
Legitimate Interest: To provide, improve, and secure our services, including fraud prevention, analytics, and customer support.
Contractual Necessity: To fulfil orders, process payments, and communicate with you about your account or service.

4. How We Protect Your Data

Encryption & Secure Transport: All data transmitted between your browser and our servers is protected by TLS 1.3 (HTTPS). Stored data is encrypted at rest using industry‑standard AES‑256 encryption.

Secure Servers & Access Controls: We host our services on reputable cloud providers with multi‑factor authentication, intrusion detection, and regular penetration testing. Access to personal data is restricted to authorized personnel on a need‑to‑know basis.

Limited Retention: Personal data is retained only as long as necessary for the purpose it was collected. For example, email addresses are kept for 24 months after the last interaction unless you request deletion sooner.

5. Your GDPR Rights

Under the GDPR you have the following rights. We are committed to respecting each right and will respond to any request within 30 calendar days. If you need more time, we will inform you in advance.

Right to Access

You may request a copy of the personal data we hold about you, including the categories of data, the purposes of processing, and the recipients of your data.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can request us to correct it. Provide the corrected information and we will update our records promptly.

Right to Erasure

You can ask us to delete your personal data, provided there is no legal obligation to retain it. This includes removal from newsletters, marketing lists, and backups where feasible.

Right to Restrict Processing

You may request that we suspend the processing of your data, for example during a dispute about the accuracy of the information or if you want to temporarily stop marketing communications.

Right to Data Portability

You can obtain your personal data in a structured, commonly used format (e.g., CSV, JSON) and transfer it to another data controller if you wish.

Right to Object

You may object to the processing of your data for direct marketing or profiling purposes. If you object, we will stop using your data for those purposes unless we can demonstrate a compelling legitimate interest.

Right to Withdraw Consent

If you provided consent for any processing activity, you can withdraw that consent at any time. We will immediately cease processing based on that consent and inform you of any further actions needed.

6. How to Exercise Your Rights

To exercise any of the rights above, please contact us at [email protected] with the following information:

Your full name and contact details (email address, phone number).
A brief description of the request (e.g., “I would like to access all personal data we hold about me”).
Any relevant supporting documents or identification to verify your identity (e.g., a scanned copy of a government ID).

For large or complex requests, we may contact you to clarify details. We will keep you informed of the status of your request and provide a final response within 30 calendar days.

7. Data Retention Policy

Personal data is retained only for as long as necessary to fulfil the purpose it was collected. Typical retention periods are:

Email addresses: 24 months after the last interaction, unless you request deletion.
Cookies: Session cookies are deleted when the session ends; persistent cookies are retained for 12 months.
Analytics data: Aggregated data is kept for 12 months, individual data is anonymised or deleted after 6 months.

8. Contact & Complaints

If you believe we are not complying with GDPR or have concerns about how we handle your data, you can file a complaint with the UK Information Commissioner’s Office (ICO). Our contact details are:

Email: [email protected]
Postal Address: Kitchenmealhub Ltd., 12 Foodie Lane, London, EC1V 4TH, United Kingdom

9. Updates to This Policy

We may update this policy from time to time. Any changes will be posted on this page with a revised “Last Updated” date. We encourage you to review the policy periodically to stay informed about how we protect your privacy.