Privacy & GDPR Compliance Policy – Kitchenflavorbox
Kitchenflavorbox is committed to protecting the privacy of our users and customers. This policy explains how we collect, use, store, and share personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws. By accessing or using our website (https://kitchenflavorbox.com), you acknowledge that you have read and understood this policy.
Last Updated: April 03, 2026
1. Who We Are
Website: Kitchenflavorbox
Contact Email for Privacy Matters: [email protected]
Legal Basis for Processing: We process personal data on the basis of your consent and legitimate interest. We also comply with any legal obligations that require us to process data.
2. What Data We Collect
We gather the following types of personal data:
- Email Addresses: When you subscribe to newsletters, place orders, or create an account, we collect your email address to communicate with you.
- Cookies and Similar Technologies: We use first‑party cookies to remember your preferences and to provide a personalized experience. Third‑party cookies from analytics services help us understand traffic patterns.
- Analytics Data: Through tools such as Google Analytics and Matomo, we collect anonymized data on how visitors interact with our site (pages viewed, time spent, device type, etc.). This data is aggregated and does not identify individuals.
3. How We Protect Your Data
We employ industry‑standard technical and organizational measures to safeguard personal data:
- SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
- Secure Servers: We host our website on secure, regularly patched servers with firewalls and intrusion detection systems.
- Limited Data Retention: Personal data is retained only as long as necessary for the purpose it was collected. For example, email addresses are kept until you unsubscribe or request deletion.
- Access Controls: Only authorized staff with a legitimate business need can access personal data, and all access is logged.
4. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data. Below we provide icons for each right and a brief description of how you can exercise them.
-
Right to Access: You can request a copy of the personal data we hold about you, including the purposes of processing and the categories of data.
-
Right to Rectification: If any of your personal data is inaccurate or incomplete, you may request that we correct it.
-
Right to Erasure (Right to be Forgotten): You may ask us to delete your personal data, subject to certain legal exceptions (e.g., contractual obligations).
-
Right to Restrict Processing: You can request that we limit how we use your data, for example, if you contest its accuracy.
-
Right to Data Portability: You may obtain your data in a structured, commonly used format and transfer it to another controller.
-
Right to Object: You can object to our processing of your data, especially for direct marketing or profiling purposes.
-
Right to Withdraw Consent: If we rely on your consent to process your data, you may withdraw that consent at any time without affecting the lawfulness of processing based on past consent.
5. How to Exercise Your Rights
To exercise any of the rights listed above, please send a written request to our designated data protection officer at [email protected]. In your email, include:
- Your full name and contact information.
- A description of the request (e.g., “I would like to exercise my right to access my personal data.”).
- Any supporting documentation that confirms your identity, if necessary.
We will respond to your request within 30 calendar days, as required by the GDPR. If you need a more detailed response or if we require additional information to verify your identity, we will inform you accordingly.
6. Legal Basis for Processing
We rely on two main legal bases for processing personal data:
- Consent: When you voluntarily sign up for our newsletter or create an account, you give us explicit consent to process your email address for communication and marketing purposes.
- Legitimate Interest: We process data necessary to operate the website, improve user experience, and analyze traffic patterns. This processing is balanced against your privacy rights and is conducted in a way that respects your interests.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Typical retention periods include:
- Email addresses: until you unsubscribe or request deletion.
- Cookies: session cookies are deleted after the session ends; persistent cookies are deleted after 12 months of inactivity.
- Analytics data: anonymized data is retained for 12 months to monitor site performance.
8. Contact Us
If you have any questions about this policy, wish to lodge a complaint, or need further information about how we handle your personal data, please contact us at:
Privacy Officer, Kitchenflavorbox
Email: [email protected]
Website: https://kitchenflavorbox.com
We are committed to protecting your privacy and ensuring your data is handled responsibly. Thank you for trusting Kitchenflavorbox with your personal information.