GDPR Privacy Policy

GDPR-Compliant Privacy Policy for HomemadeBakes.com

Last Updated: 12/04/2025

This Privacy Policy explains how HomemadeBakes.com (“we,” “us,” or “our”) collects, uses, and protects your personal data in compliance with the EU General Data Protection Regulation (GDPR).

By using our website, you consent to the practices described below.

1. Data Controller

HomemadeBakes.com

    2. Information We Collect

    Personal Data (Voluntarily Provided)

    • Name
    • Email address (for newsletters, account registration, or inquiries)
    • Payment details (processed securely via third-party processors like Stripe/PayPal)
    • IP address & location data (for analytics and security)

    Automatically Collected Data

    • Cookies (session, analytics, and preference cookies)
    • Browser/device information (for optimizing user experience)

    3. Legal Basis for Processing (GDPR Article 6)

    We process your data based on:
    Consent (e.g., newsletter subscriptions)
    Contractual necessity (e.g., processing orders)
    Legitimate interests (e.g., website analytics, fraud prevention)

    4. How We Use Your Data

    PurposeLegal Basis
    Delivering recipes/newslettersConsent
    Processing paymentsContractual necessity
    Improving website performanceLegitimate interests
    Responding to inquiriesLegitimate interests
    Preventing fraudLegal obligation

    5. Data Subject Rights (GDPR Chapter 3)

    You have the right to:
    🔹 Access your personal data (Article 15)
    🔹 Rectify inaccurate data (Article 16)
    🔹 Erase (“right to be forgotten”) (Article 17)
    🔹 Restrict processing (Article 18)
    🔹 Data portability (Article 20)
    🔹 Object to processing (Article 21)

    To exercise these rights, email

      We respond within 30 days.

      6. Data Retention

      We retain your data only as long as necessary:

      • Newsletter subscribers: Until you unsubscribe
      • Customers: 5 years for tax/legal compliance
      • Comments: Until deletion is requested

      7. International Data Transfers

      If data is transferred outside the EU, we ensure safeguards like:

      • EU Standard Contractual Clauses
      • Privacy Shield-certified partners (where applicable)

      8. Cookies & Tracking Technologies

      We use:

      • Necessary cookies (for site functionality)
      • Analytics cookies (Google Analytics, anonymized)
      • Marketing cookies (only with consent)

      Manage preferences via our Cookie Banner or browser settings.

      9. Third-Party Processors

      We share data only with GDPR-compliant services:

      ProcessorPurposePrivacy Policy
      Google AnalyticsWebsite analyticsGoogle’s Policy
      MailchimpEmail newslettersMailchimp’s Policy
      Stripe/PayPalPayment processingStripe’s Policy

      10. Security Measures

      We protect your data via:

      • SSL encryption
      • Regular security audits
      • Limited staff access

      11. Children’s Privacy (GDPR Article 8)

      We do not knowingly collect data from children under 16 without parental consent.

      12. Changes to This Policy

      Updates will be posted here with a new Last Updated: 12/04/2025 date.

      13. Contact Us

      For GDPR-related requests, email:

        Data Protection Officer (DPO): [Name, if applicable]

        This policy complies with GDPR (Regulation (EU) 2016/679). For complaints, contact your local Data Protection Authority.

        Thank you for trusting HomemadeBakes.com! 🍰🔒