GDPR Privacy Policy

Privacy Policy (GDPR-Compliant) for Sublime Cake

Effective Date: 23/10/2024

1. Introduction

Welcome to SublimeCake.com. We are committed to protecting your personal data and respecting your privacy in accordance with the EU General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or use our website sublimecake.com (the “Website”).

2. Data Controller and Contact Information

For the purpose of GDPR, the data controller is:

[email protected].

If you have any questions about this Privacy Policy or your personal data, please contact us at the details above.

3. Personal Data We Collect

We may collect and process the following types of personal data about you:

  1. Contact Information: Such as name, email address, and any information you provide when using our contact forms or subscribing to our newsletter.
  2. Account Data: If you create an account on our Website, we may collect login details (username, email address, password).
  3. Usage Data: Information about how you use our Website, such as time and duration of visit, pages visited, recipes clicked, and similar navigational data.
  4. Technical Data: IP address, browser type, operating system, device information, and other technology on the devices you use to access our Website.
  5. Cookie Data: Information stored in cookies and similar technologies (see Section 6 below).

4. How We Use Your Personal Data

We process your personal data for one or more of the following purposes:

  1. To Provide Our Services: To display recipes, articles, and related content, and to maintain a functional Website.
  2. To Manage Your Account: If you create an account, we use your data to administer login, preferences, and general account management.
  3. Communication and Support: To respond to your inquiries, send service-related communications, and provide customer support.
  4. Marketing and Newsletters: To send you promotional materials, newsletters, or updates about new recipes, events, or special offers (with your prior consent where required by law).
  5. Website Analytics: To improve our Website performance, user experience, and content relevance using tools like Google Analytics or similar services.
  6. Legal Obligations: To comply with legal obligations, respond to legal requests, and prevent fraud or abuse of our services.

5. Legal Basis for Processing (GDPR Article 6)

We only process your personal data when we have a valid legal basis, including:

  • Consent (Art. 6(1)(a) GDPR): Where you have given us explicit consent to process your data (e.g., signing up for our newsletter).
  • Contract (Art. 6(1)(b) GDPR): Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation (Art. 6(1)(c) GDPR): Where we need to comply with a legal requirement (e.g., bookkeeping).
  • Legitimate Interests (Art. 6(1)(f) GDPR): Where processing is necessary to pursue our legitimate interests (such as ensuring the security of our Website, improving our services, fraud prevention) and your interests or fundamental rights and freedoms do not override those interests.

6. How We Share Your Personal Data

We may share your personal data with:

  1. Service Providers: Third-party vendors who help us operate our Website, IT services, payment processors, email platform providers, analytics providers, etc. We ensure these vendors are GDPR-compliant and only process data per our instructions.
  2. Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, user data may be transferred.
  3. Legal and Regulatory Authorities: If required to do so by law or court order, or if such disclosure is necessary to (i) comply with legal processes, (ii) enforce our agreements and policies, (iii) respond to claims, or (iv) protect our rights, property, or personal safety.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and use personal data about you. Cookies help us:

  • Provide essential Website functionality
  • Remember your preferences
  • Analyze Website usage to improve performance and user experience
  • Deliver relevant content and advertisements

You can manage or disable cookies at any time through your browser settings; however, if you choose to reject cookies, certain functionalities of our Website may not be available or work properly.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account Data: Retained as long as your account remains active or as needed to provide our services.
  • Marketing Data: Until you unsubscribe from our mailing list or otherwise request deletion.
  • Legal/Regulatory Requirements: Data may be retained to comply with our legal or contractual obligations, dispute resolutions, and enforcement of agreements.

9. International Data Transfers

We are based in [insert your location or “the European Economic Area (EEA)” if relevant]. If we transfer personal data outside the EEA to countries that do not provide the same level of data protection as the GDPR, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your personal data.

10. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You can ask us to correct incomplete or inaccurate personal data.
  • Right to Erasure (“Right to be Forgotten”): You can request the deletion of your personal data under certain circumstances.
  • Right to Restrict Processing: You have the right to request that we temporarily or permanently stop processing all or some of your personal data.
  • Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object at any time to the processing of your personal data under certain conditions.
  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you can withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request in compliance with GDPR timelines.

If you believe that our processing of your personal data is not in compliance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.

11. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, no transmission over the Internet is entirely secure, and we cannot guarantee the absolute security of your personal data.

12. Children’s Privacy

Our Website is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete the data.

Our Website may contain links to other websites or services not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal data.

14. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post any changes on this page and, if the changes are significant, we may provide a more prominent notice.

15. Contact Us

If you have any questions about this Privacy Policy or if you would like to make a complaint, please contact us at: [email protected].