GDPR Policy
Last updated: July 23, 2025
This GDPR Policy explains how Daily Dish Lab (“we,” “us,” “our”) processes Personal Data of individuals located in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland when they use dailydishlab.com (the “Site”).
1. Data Controller & Contact
Controller: Daily Dish Lab
Address: 155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@dailydishlab.com
(If you appoint an EU/UK representative or Data Protection Officer, list their details here.)
2. What Personal Data We Collect
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Identification & Contact | Name, email address | You (contact forms, comments, newsletter sign-up) | Responding to inquiries, sending newsletters |
| Technical & Usage | IP address, browser type, device info, pages viewed, referral URLs | Automatic via cookies/analytics | Site performance, analytics, security |
| Interaction Data | Comments, recipe ratings, feedback | You | Displaying comments, moderating content |
| Marketing & Preferences | Newsletter opens/clicks, cookie consent choices | You / email service provider | Personalizing emails, honoring consent choices |
| Transaction Data (if applicable) | Billing address, limited payment info (handled by processors) | You / payment processor | Fulfilling purchases, bookkeeping |
We do not intentionally collect special category data (e.g., health, religion). Please avoid submitting such information.
3. Legal Bases for Processing
We rely on one or more of the following legal bases:
- Consent (Art. 6(1)(a)) for non-essential cookies, newsletters, marketing emails.
- Contract (Art. 6(1)(b)) to provide requested services (e.g., deliver a paid product).
- Legitimate Interests (Art. 6(1)(f)) for site security, spam prevention, basic analytics (where legally allowed).
- Legal Obligation (Art. 6(1)(c)) for bookkeeping, tax compliance.
4. How We Use Your Data
- Operate, maintain, and improve the Site.
- Communicate with you (respond to messages, send newsletters you opted into).
- Analyze performance and user behavior to improve content.
- Protect against fraud, spam, and abuse.
- Comply with legal obligations.
5. Cookies & Similar Technologies
We use cookies as described in our Cookie Policy. Non-essential cookies are only set with your consent (via the cookie banner or settings). You can withdraw consent at any time (see Section 8).
6. Data Sharing & Processors
We may share Personal Data with:
- Service providers / processors (e.g., email newsletter platforms, analytics providers, hosting companies) under data processing agreements.
- Legal authorities if required by law.
- Business transferees in case of merger, acquisition, or asset sale.
We do not sell your Personal Data.
7. International Transfers
Your data may be transferred to and processed in countries outside the EEA/UK (e.g., the United States). Where required, we use appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- UK International Data Transfer Addendum (IDTA).
- Other legally recognized mechanisms.
Contact us for a copy of the relevant safeguards.
8. Your Rights (EEA/UK/Swiss Residents)
You have the right to:
- Access your Personal Data.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”) in certain cases.
- Restrict processing under specific conditions.
- Object to processing based on legitimate interests or direct marketing.
- Data Portability (receive data in a structured, commonly used format).
- Withdraw Consent at any time (affects future processing).
- Lodge a Complaint with your local supervisory authority (e.g., ICO in the UK, CNIL in France).
Exercising Your Rights
Email contact@dailydishlab.com with your request. We may need to verify your identity. We respond within one month (may be extended by two months for complex requests).
9. Data Retention
We keep Personal Data only as long as necessary to fulfill the purposes outlined or to comply with legal obligations. Typical retention periods:
- Analytics data: up to 26 months (check provider settings).
- Newsletter records: until you unsubscribe + a minimal period to honor opt-outs.
- Comments: indefinitely (unless you request deletion).
- Transaction data: as required by tax/accounting laws.
10. Security
We implement reasonable technical and organizational measures to protect your data (HTTPS, access controls, limited personnel access). No method of transmission or storage is 100% secure.
11. Children’s Privacy
The Site is not directed to children under 16 (or the age defined by local law). We do not knowingly collect Personal Data from children. If you believe we have received such data, contact us to delete it.
12. Automated Decision-Making
We do not engage in automated decision-making producing legal or similarly significant effects on you.
13. Changes to This Policy
We may update this GDPR Policy to reflect legal, technical, or business changes. The “Last updated” date indicates the latest revision.
14. Contact
Questions or requests regarding this policy:
Daily Dish Lab
155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@dailydishlab.com