GDPR Policy - Dinnerbymum

GDPR Compliance Policy – Dinnerbymum

At Dinnerbymum (https://dinnerbymum.info) we respect your privacy and are committed to protecting the personal data you share with us. This policy explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (EU‑2016/679) and the UK GDPR.

1. Who We Are

Dine by Mum is an online platform that connects users with local chefs and home‑cooked meals. The data controller responsible for your personal data is Dinnerbymum Ltd, registered at 12 Culinary Way, London, UK, postal code W1D 4AA. For any GDPR‑related inquiries, please contact us at [email protected].

2. What Personal Data We Collect

We collect only the information necessary to deliver and improve our services. The categories of personal data we collect include:

Email addresses – used to create accounts, send newsletters, and provide customer support.
Cookies and similar technologies – used to remember your preferences, analyse site usage, and personalise content.
Analytics data – aggregated data from Google Analytics and other third‑party services to understand user behaviour and optimise the website.

3. Legal Basis for Processing

We rely on two lawful bases for processing your personal data:

Consent – You explicitly consent when you register an account, subscribe to newsletters, or accept our cookie policy.
Legitimate Interest – We process data to improve our services, comply with legal obligations, and protect the security of our users and platform.

4. Your Rights Under the GDPR

You have the following rights regarding your personal data. Each right is illustrated with a Bootstrap icon for quick reference.

Right to Access

You may request a copy of the personal data we hold about you.

Right to Rectification

Request correction of any inaccurate or incomplete data.

Right to Erasure

Ask us to delete your personal data where no legal obligation requires retention.

Right to Restrict Processing

Request that we limit the use of your data while we verify its accuracy.

Right to Data Portability

Receive your data in a structured, commonly used format.

Right to Object

Object to certain types of processing, including marketing communications.

Right to Withdraw Consent

Withdraw your consent at any time without affecting the legality of prior processing.

5. How We Protect Your Data

We implement robust technical and organisational measures to safeguard your personal information:

SSL/TLS Encryption – All data transmitted between your browser and our servers is encrypted using 256‑bit SSL/TLS.
Secure Servers – Our hosting infrastructure uses hardened operating systems, firewalls, and intrusion detection systems.
Access Controls – Only authorised staff with a legitimate business need can access personal data, and all access is logged.
Regular Security Audits – We conduct quarterly penetration tests and vulnerability assessments.

6. Data Retention

We retain personal data only for as long as necessary:

Email addresses are kept for the duration of your account and for up to 12 months after account closure.
Cookies and analytics data are stored for 30 days, with anonymised aggregates kept indefinitely for performance analysis.

7. Exercising Your GDPR Rights

To exercise any of the rights listed above, please contact our Data Protection Officer at [email protected]. Provide sufficient details to verify your identity and specify the request. We will respond within 30 days, as required by the GDPR.

8. Changes to This Policy

We may update this policy from time to time. The date of the latest update is shown at the top of this page. Any material changes will be communicated via email to users with active accounts or by posting a prominent notice on our website.

9. Contact Us

If you have any questions, concerns, or complaints about our data practices, please reach out to us at [email protected]. We are committed to resolving any issues promptly and transparently.

Last Updated: April 03, 2026