NutriDiet (https://nutridiet.site) is committed to protecting the personal data of our users in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This GDPR Policy applies to individuals in the European Union (EU) and European Economic Area (EEA) and outlines how we collect, process, store, and protect your personal data when you use our website or services.

1. Data Controller

NutriDiet, located at [insert physical address, if applicable], is the data controller responsible for your personal data. You can contact us at:

Email: info@nutridiet.site
Address:

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name, username, or other identifiers you provide when creating an account or subscribing to newsletters.
  • Contact Data: Email address, phone number, or other contact details you provide.
  • Technical Data: IP address, browser type, device information, and other data collected via cookies or similar technologies.
  • Usage Data: Information about how you interact with our website, such as pages visited and time spent.
  • User-Generated Data: Comments, reviews, or other content you submit to our website.

3. Legal Basis for Processing

We process personal data under the following legal bases as defined by GDPR:

  • Consent: Where you have given explicit consent, such as for receiving marketing emails or newsletters.
  • Contract: Where processing is necessary to fulfill a contract with you, such as providing access to account-based services.
  • Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., improving website functionality or analyzing usage), provided your rights and freedoms do not override these interests.
  • Legal Obligation: Where processing is required to comply with legal obligations, such as responding to lawful requests from authorities.

4. Purposes of Processing

We process your personal data for the following purposes:

  • To provide and maintain our website and services.
  • To personalize your experience, such as tailoring content or recommendations.
  • To communicate with you, including responding to inquiries and sending promotional materials (with your consent).
  • To analyze website usage and improve our services.
  • To ensure the security of our website and prevent fraud.
  • To comply with legal and regulatory requirements.

5. Data Sharing and Transfers

We may share your personal data with:

  • Service Providers: Trusted third parties who assist us in operating our website (e.g., hosting providers, analytics services, email platforms), who act as data processors and are bound by GDPR-compliant agreements.
  • Legal Authorities: When required by law or to protect our legal rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a third party.

If your data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to protect your data in accordance with GDPR.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. For example:

  • Personal data collected for newsletters will be retained until you unsubscribe.
  • Technical data (e.g., analytics) may be retained for up to [insert period, e.g., 12 months] for analysis purposes.
  • Data related to legal obligations will be retained as required by applicable laws.

7. Your GDPR Rights

As an EU/EEA resident, you have the following rights regarding your personal data:

  • Right to Access: Request access to the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data, subject to legal obligations.
  • Right to Restriction: Request restriction of processing under certain circumstances.
  • Right to Data Portability: Request a copy of your data in a structured, commonly used, and machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: Lodge a complaint with a supervisory authority in your country of residence.

To exercise these rights, please contact us at [insert contact email].

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze website usage. You can manage your cookie preferences through your browser settings or our cookie consent tool. For more details, refer to our Privacy Policy.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or alteration. These measures include encryption, secure servers, and access controls. However, no system is completely secure, and we cannot guarantee absolute security.

10. International Data Transfers

If we transfer your personal data outside the EEA, we ensure it is protected by:

  • Transferring to countries with an adequacy decision from the European Commission.
  • Using Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Implementing other safeguards as required by GDPR.

11. Changes to This GDPR Policy

We may update this GDPR Policy from time to time to reflect changes in our practices or legal requirements. Updates will be posted on this page with an updated “Last Updated” date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this GDPR Policy or your personal data, please contact our Data Protection Officer at:

Email: info@nutridiet.site
Address:

You may also contact your local data protection authority if you have concerns about our data processing practices.