Cookmora GDPR Compliance Policy

Last Updated: April 17, 2026

Cookmora respects your privacy and is committed to protecting the personal data you share with us. This policy explains what information we collect, how we use it, the legal basis for our processing activities, and the rights you have under the General Data Protection Regulation (GDPR). If you have any questions or wish to exercise your rights, please contact us at [email protected].

1. Data We Collect

Cookmora collects the following types of personal data to provide and improve our services:

Email addresses: When you sign up for newsletters, create an account, or contact us, we store your email address.
Cookies and similar technologies: We use cookies to remember your preferences, authenticate sessions, and analyze traffic.
Analytics data: With your consent, we collect anonymized usage statistics (e.g., page views, device information) through services such as Google Analytics.

2. Legal Basis for Processing

We process your data based on the following legal grounds:

Consent: For cookies, analytics, and marketing communications, we rely on your explicit or implicit consent. You can withdraw consent at any time.
Legitimate interest: We process data necessary to operate our website, secure user accounts, and provide personalized content.
Contractual necessity: When you create an account or place an order, we process data required to fulfill the contract.

3. How We Protect Your Data

Cookmora employs a range of technical and organisational measures to safeguard your personal information:

All data transmissions use SSL/TLS encryption (HTTPS) to protect against interception.
We store data on secure, GDPR‑compliant servers with restricted access and regular security audits.
Data retention periods are strictly limited: email addresses are kept only as long as needed for service delivery or regulatory obligations; analytics data is deleted after 12 months.
We implement role‑based access controls and enforce strict password policies for internal staff.

4. Your GDPR Rights

Right to Access

You have the right to obtain confirmation that we process your personal data, and if so, access a copy of that data, the purposes of processing, and the categories of data we hold. Submit a request to [email protected] and we will respond within 30 days.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you may request correction. Provide the correct information via email, and we will update our records promptly.

Right to Erasure

Also known as the “right to be forgotten,” you may ask us to delete your personal data, provided no legal obligations prevent us from doing so. Email [email protected] with a clear request, and we will act within 30 days.

Right to Restrict Processing

If you contest the accuracy of your data or we are unable to verify it, you may request that we restrict processing until the matter is resolved. Contact us, and we will pause processing while investigating.

Right to Data Portability

You may receive your personal data in a structured, commonly used, and machine‑readable format, or request that we transmit it directly to another controller. Email [email protected] with your request.

Right to Object

You can object to the processing of your data for direct marketing or profiling purposes. Once you exercise this right, we will cease processing unless we demonstrate a legitimate interest that overrides your objection.

Right to Withdraw Consent

If you have given consent for any processing activity, you may withdraw it at any time. Withdrawal does not affect the legality of any processing that took place before the withdrawal. Notify us via email and we will honour your request immediately.

5. How to Exercise Your Rights

To exercise any of the rights above, please send a written request to:

Cookmora Data Protection Officer
123 Culinary Lane, Food City, 45678
Email: [email protected]

Include a brief description of the request and any supporting information. We will respond within 30 days, as mandated by GDPR. If you need to confirm your identity, we may request a copy of an official ID.

6. Data Retention

Cookmora retains personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Typical retention periods are:

Email addresses: up to 5 years after last activity or until you unsubscribe.
Cookies: session cookies expire when the browser closes; persistent cookies are deleted after 12 months.
Analytics: anonymised data is kept for 12 months for trend analysis.

7. Data Transfers

Cookmora may transfer data to third‑party service providers located outside the European Economic Area (EEA). We ensure that such transfers comply with GDPR safeguards, including Standard Contractual Clauses or adequacy decisions. All partners are required to implement appropriate security measures.

8. Changes to This Policy

We may update this GDPR Compliance Policy from time to time. Any changes will be posted on this page with an updated “Last Updated” date. We encourage you to review the policy periodically.

9. Contact Us

If you have questions about this policy, your rights, or our data practices, please reach out to our Data Protection Officer at [email protected]. We are committed to addressing any concerns promptly and transparently.