Last updated: 2025-11-05

This document provides GDPR-aligned templates and guidance for your website. It is for informational purposes only and does not constitute legal advice.

1) DATA CONTROLLER

Controller: Comfort Kitchen Recipes

Website: https://comfortkitchenrecipes.com/

Contact email: [email protected]

If you are established outside the EU/EEA and regularly target or monitor EU/EEA residents, appoint an EU representative and list their contact details here.

2) PRIVACY POLICY (GDPR-READY)

This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit our website or interact with our content.

2.1 Categories of Personal Data We Process

• Usage/analytics data (IP address, device, browser, pages viewed, referrer, timestamps)

• Contact data (name, email) when you email us or submit a form

• Content data (comments, messages, recipe questions)

• Technical cookies and similar technologies (see Cookie Policy)

2.2 Sources of Data

We collect data directly from you (e.g., messages, forms) and automatically via your device when you access our site.

2.3 Purposes and Legal Bases

• Provide and secure the website — Legitimate interests / Contract necessity

• Respond to messages and support requests — Legitimate interests / Contract necessity

• Analytics to improve content and usability — Consent where required; otherwise legitimate interests with safeguards

• Compliance with legal obligations — Legal obligation

2.4 Retention

We keep personal data only as long as necessary for the purposes above. Typical retention: contact emails up to 24 months; analytics data per provider default or up to 26 months unless we need longer for security or legal reasons.

2.5 Sharing and Processors

We share personal data with service providers who process it on our behalf (e.g., hosting, analytics, email). We require processors to provide appropriate safeguards and process data only under our instructions.

2.6 International Transfers

If data is transferred outside the EU/EEA/UK, we use lawful transfer mechanisms (e.g., Standard Contractual Clauses) and supplementary measures where necessary.

2.7 Your Rights

• Access your personal data

• Rectify inaccurate or incomplete data

• Erase data (‘right to be forgotten’)

• Restrict or object to processing

• Data portability

• Withdraw consent at any time (where processing is based on consent)

• Lodge a complaint with your local supervisory authority

To exercise rights, contact us at [email protected]. We may need to verify your identity.

2.8 Children’s Privacy

Our website is not directed to children under 13. If you believe a child provided personal data, please contact us and we will delete it.

2.9 Changes to This Policy

We may update this policy from time to time. The latest version will always be posted on our website with the effective date.

3) COOKIE POLICY

This policy explains how we use cookies and similar technologies on our website.

3.1 What Are Cookies?

Cookies are small text files placed on your device to store data that can be retrieved by a web server in the domain that placed the cookie.

3.2 Types of Cookies We Use

• Strictly necessary cookies: Required for core site functions (e.g., security, load balancing).

• Performance/analytics cookies: Help us understand how visitors use the site (aggregated metrics).

• Functional cookies: Remember choices (e.g., preferences).

• Advertising/affiliate cookies (if used): Measure campaigns and track referrals.

3.3 Managing Cookies

Where legally required, we obtain your consent for non-essential cookies via a consent banner. You can manage preferences at any time via the banner link or your browser settings.

3.4 Cookie List (Example — Replace with Your Actual Providers)

• Hosting/CDN (strictly necessary)

• WordPress/Plugins (functional/essential)

• Analytics provider (e.g., Google Analytics) (performance)

• Affiliate/Ad partner if applicable (advertising)

4) CONSENT BANNER TEXT (COPY-PASTE)

We use cookies to enhance your browsing experience, serve content, and analyze traffic. Click “Accept all” to consent to non-essential cookies, or “Manage preferences” to choose which cookies to allow. See our Cookie Policy for details.

Suggested Buttons / States

• Accept all

• Reject non-essential

• Manage preferences

• Save choices

5) DATA SUBJECT REQUEST (DSR) PROCEDURE

Submit requests to: [email protected]

• Verify the requester’s identity (email confirmation or reasonable proof).

• Log the request date, type (access, erase, etc.), and data systems involved.

• Locate data across mailboxes, analytics, CMS, and processors; request exports/deletion from processors where applicable.

• Respond without undue delay and within one month (extendable by two months for complexity with notice).

• Provide responses securely; redact data relating to others where necessary.

• Record completion and retain minimal audit trail of the request.

6) PROCESSORS & DISCLOSURES (TEMPLATE LIST)

Replace or complete as applicable:

• Hosting provider / CDN — purpose: hosting and delivery; data: IP, logs; location: [country].

• Email service — purpose: communications; data: email, message; location: [country].

• Analytics provider — purpose: usage analytics; data: IP (possibly truncated), device info; location: [country].

• Affiliate network — purpose: attribution; data: cookie IDs; location: [country].

7) RECORDS OF PROCESSING ACTIVITIES (TEMPLATE)

Fill one row per processing activity:

8) DATA BREACH RESPONSE (SUMMARY)

1) Contain and assess impact; 2) Determine risk to individuals; 3) Notify supervisory authority within 72 hours if required; 4) Notify affected individuals when there is a high risk; 5) Document the incident and corrective actions.

9) CONTACT & COMPLAINTS

For privacy questions or requests, contact: [email protected]

EU/EEA residents can also lodge a complaint with their local Data Protection Authority.