Cookmora GDPR Compliance Policy

Last Updated: April 22, 2026

Cookmora (“we,” “our,” or “us”) is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This policy explains how we collect, use, store, and share your information when you visit cookmora.com and how you can exercise your rights as a data subject.

1. Types of Personal Data We Collect

• Email addresses: When you sign up for newsletters, create an account, or contact us, we store the email address you provide.
• Cookies and Similar Technologies: We place small data files on your device to remember your preferences, track site usage, and personalize your experience.
• Analytics Data: We use third‑party analytics services (e.g., Google Analytics) to collect anonymous metrics such as page views, session duration, and traffic sources. No personal identifiers are shared with these services.
• Contact Form Data: When you send us a message through our contact form, we store the name, email address, subject, and message content.

2. Legal Basis for Processing

We process your personal data on the following lawful bases:

• Consent: When you explicitly agree to receive marketing communications or to allow us to store cookies.
• Legitimate Interest: We process data necessary for providing and improving our services, managing user accounts, and ensuring website security.

3. How We Protect Your Data

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry‑standard SSL/TLS protocols.
• Secure Servers: We host our data on secure, ISO 27001‑certified servers with regular penetration testing and vulnerability scans.
• Access Controls: Only authorized personnel with a legitimate business need can access personal data. Multi‑factor authentication protects all administrative accounts.
• Limited Retention: Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. We automatically delete email addresses, cookies, and analytics records after 12 months of inactivity.

4. Your GDPR Rights

Under the GDPR, you have the following rights regarding your personal data. Each right is accompanied by an icon for easy identification.

Right to Access

You may request a copy of the personal data we hold about you. We will provide you with a clear, concise, and easily understandable summary of the data, the purposes of processing, and any third parties with whom we share it.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can ask us to correct it. We will update the information promptly and notify any third parties who received the erroneous data.

Right to Erasure

You can request that we delete your personal data, provided there is no legal obligation to retain it. We will remove your email address, cookies, and any related records, except where retention is required for legitimate business or legal purposes.

Right to Restrict Processing

Under certain circumstances, you may request that we limit how we use your personal data (e.g., if you contest its accuracy). During the restriction period, we will only store or use the data for compliance with legal obligations or for the protection of our rights.

Right to Data Portability

When you provide us with personal data, you can receive it in a structured, commonly used, and machine‑readable format. We can also transfer your data directly to another controller, provided you supply the destination’s contact information.

Right to Object

You may object to the processing of your personal data for direct marketing or profiling purposes. Upon receipt, we will immediately cease using your data for those purposes, unless we can demonstrate a compelling legitimate interest that overrides your objection.

Right to Withdraw Consent

If you have given us consent to process your data, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of any processing performed before the withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please contact us using the details below:

• Email: [email protected]
• Physical Address: Cookmora Ltd., 123 Food Street, Culinary City, CO 80001, USA

When contacting us, please provide:

• Your full name and email address.
• A clear statement of the right you wish to exercise.
• Any relevant evidence or documentation supporting your request.

We will respond to your request within 30 days of receipt. If we need additional information to verify your identity, we may request further details but will not disclose any personal data to third parties without your explicit consent.

6. Contact Information

For any questions about this policy, the processing of your personal data, or to report a data breach, please contact:

GDPR Officer
Cookmora Ltd.
123 Food Street, Culinary City, CO 80001, USA
Email: [email protected]

7. Changes to This Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page, and the “Last Updated” date will be revised accordingly. We encourage you to review this policy periodically.