Effective Date: 01 July 2025
This GDPR Privacy Notice (“Notice”) explains how CookingWells.com (“we,” “us,” or “our”) collects, uses, and protects personal data of individuals located in the European Economic Area (“EEA”) and the United Kingdom (collectively, “Europe”). It supplements our broader Privacy Policy and is provided pursuant to the EU General Data Protection Regulation 2016/679 (“GDPR”) and the UK GDPR.
1. Data Controller & Contact Details
- Controller: Mia Miller – CookingWells.com
- Address: 155 N 1st Ave, Hillsboro, OR 97124, USA
- Email: contact@cookingwells.com
Because our processing activities are limited, we are not required to appoint a representative in the EU/UK or a Data Protection Officer (DPO). However, we take privacy seriously and you may contact us using the details above.
2. Personal Data We Collect
| Category | Examples | Source |
|---|---|---|
| Identity Data | Name, username, social media handle | Directly from you when you comment or subscribe |
| Contact Data | Email address, country | Directly from you |
| Technical Data | IP address, browser type, operating system | Automated via cookies and analytics tools |
| Usage Data | Page views, referring URLs, time spent | Automated via cookies and analytics |
| Marketing Preferences | Opt‑in status for newsletters | Directly from you |
We do not intentionally collect special categories of personal data (e.g., health information) or data about children under 16.
3. Legal Bases for Processing
We rely on the following GDPR legal bases:
- Consent – For email newsletters, non‑essential cookies, and affiliate link tracking.
- Legitimate Interests – To maintain and improve the Site, detect fraud, and analyze audience engagement.
- Contract – When you enter a giveaway or request resources we promise to deliver.
- Legal Obligation – To comply with tax or other regulatory requirements.
Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
4. Purposes of Processing
- Publish Content – Host and display recipes, comments, and user‑generated content.
- Communications – Send newsletters and reply to inquiries.
- Analytics – Understand readership patterns to improve user experience.
- Security & Fraud Prevention – Protect the Site and users from malicious activity.
- Marketing & Affiliates – Track referrals and display tailored ads (with prior consent where required).
5. Data Sharing & Recipients
We share personal data only with:
- Service Providers – e.g., email platform (ConvertKit), web host (SiteGround), analytics (Google LLC), advertising partners (Meta, Pinterest). All providers are bound by contracts that protect your data.
- Legal & Regulatory Authorities – Where required by law or to protect our rights.
We never sell your personal data.
6. International Data Transfers
We are based in the United States. When we transfer personal data from Europe to the U.S. or other countries, we rely on:
- Adequacy Decisions (where applicable);
- Standard Contractual Clauses (SCCs) approved by the European Commission & UK ICO;
- Privacy Shield Replacement Mechanisms, if adopted.
Copies of relevant safeguards may be requested via email.
7. Data Retention
We keep personal data only as long as necessary for the purposes described above or as required by law. Typically:
- Newsletter Subscribers – Until you unsubscribe + 90 days to complete suppression.
- Comments – Indefinitely to preserve conversation history unless you request deletion.
- Analytics Data – 26 months (Google Analytics default) then automatically deleted or anonymized.
8. Your Rights
Under the GDPR you have the right to:
- Access – Obtain a copy of your personal data.
- Rectification – Correct inaccurate or incomplete data.
- Erasure – Request deletion (“right to be forgotten”).
- Restriction – Limit processing under certain circumstances.
- Data Portability – Receive data in a structured, machine‑readable format.
- Object – Object to processing based on legitimate interests or direct marketing.
- Withdraw Consent – Where processing is based on consent.
- Automated Decision‑Making – We do not engage in automated decisions producing legal effects.
To exercise any right, email us at contact@cookingwells.com. We will respond within 30 days.
9. Automated Decision‑Making & Profiling
We do not use personal data for automated decision‑making that produces legal effects or similarly significant impacts.
10. Security
We implement appropriate technical and organizational measures such as HTTPS encryption, strong password policies, and regular security audits to protect personal data.
11. Children’s Privacy
The Site is not directed to children under 16. If we learn we have collected personal data from a child under 16 without parental consent, we will delete it promptly.
12. Complaints
If you believe we have infringed your privacy rights, you have the right to lodge a complaint with your local supervisory authority. We would appreciate the chance to address your concerns first, so please contact us.
13. Updates to This Notice
We may amend this Notice periodically. The updated version will be posted on this page with a new “Effective Date.” Significant changes may also be announced via email.
14. Contact Us
For questions about this Notice or our processing of your personal data:
- Email: contact@cookingwells.com
- Mail: Mia Miller
155 N 1st Ave, Hillsboro, OR 97124, USA
Thank you for trusting CookingWells.com with your data. Happy cooking!
