Last Updated: April 03, 2026
You have the right to obtain confirmation from mymumdish as to whether or not personal data relating to you is being processed, and if it is, to receive a copy of that data. This includes information such as the categories of data processed, the purposes of processing, the recipients of your data, and the period for which the data will be stored.
To exercise this right, please send an email to [email protected] with a brief description of the data you wish to access. We will respond within 30 days, providing you with the requested information in a commonly used format (e.g., PDF or CSV).
If you find that any personal data we hold about you is inaccurate or incomplete, you can request that we correct it. This right covers all data that is processed for any purpose, including email addresses, preferences, and analytics data.
To request rectification, email [email protected] with the specific details you believe are incorrect. We will review your request and make necessary corrections within 30 days.
Also known as the “right to be forgotten,” this allows you to ask us to delete your personal data when it is no longer necessary for the purposes it was collected, or if you withdraw consent and no other legal basis applies.
Submit an erasure request to [email protected]. We will confirm the data in question, verify your identity, and delete it from all active databases and backups within 30 days, unless a legal obligation requires us to retain it (e.g., statutory record‑keeping).
You may ask us to pause the processing of your data if you contest its accuracy or if the processing is unlawful. While the restriction is in place, we may retain the data but will not use it for any purpose other than to comply with legal obligations or to respond to disputes.
Email [email protected] to request restriction. We will evaluate the request and, if granted, will limit processing for up to 30 days, after which we will either delete the data or resume normal processing if the restriction no longer applies.
You can obtain the personal data we hold about you in a structured, commonly used, and machine‑readable format. This enables you to transfer the data to another service provider if you wish.
Request portability by emailing [email protected]. We will provide the data in a standard format (e.g., CSV, JSON) within 30 days, ensuring the data is accurate, up to date, and complete.
If you object to the processing of your personal data for legitimate interests or for direct marketing, we must cease processing that data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
To exercise this right, email [email protected]. We will review the objection and either stop the processing or provide a detailed justification for continuing, all within 30 days.
If you have given us consent to process your data (e.g., for newsletters or marketing), you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent prior to withdrawal.
Send an email to [email protected] stating your wish to withdraw. We will promptly remove you from all marketing lists and stop further processing based on that consent within 30 days.
SSL/TLS Encryption: All data transmitted between your browser and our servers is protected with 256‑bit SSL/TLS encryption, ensuring that personal data cannot be intercepted in transit.
Secure Servers: We host our services on dedicated, hardened servers with regular security audits, intrusion detection systems, and automatic patch management. Access to personal data is restricted to authorized personnel only, following the principle of least privilege.
Limited Retention: Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected. For example, email addresses are kept for 12 months after the last interaction unless you request deletion. Analytics data is anonymized and stored for a maximum of 90 days.
Backups and Disaster Recovery: Data backups are encrypted and stored in geographically separate locations. We conduct regular disaster‑recovery drills to ensure data integrity and availability.
We rely on two primary legal bases for processing personal data:
All GDPR rights can be exercised by contacting us via the following methods:
When contacting us, please provide enough information for us to verify your identity (e.g., full name, email address, and a brief description of the request). We will acknowledge your request within 5 business days and respond fully within 30 days, as mandated by GDPR.
Under the GDPR, we commit to responding to all legitimate requests within 30 days from the date we receive them. If additional time is required (e.g., to verify identity or consult with legal counsel), we will inform you of the delay and the new expected completion date.
If you have any questions about this policy, your data, or your rights, feel free to reach out to our dedicated GDPR team:
Email: [email protected]
Phone: +1 (555) 123‑4567
By continuing to use our services, you acknowledge that you have read, understood, and agree to the terms outlined in this GDPR Compliance Policy. If you do not agree with any part of this policy, please cease using our services immediately.
Get our latest recipes delivered to your inbox.