Data Protection

How we protect and handle your personal data

Last Updated: August 02, 2025

At SmartChef, we take data protection seriously. This document outlines our commitment to protecting your personal data and complying with applicable data protection laws, including GDPR and other privacy regulations.

1. Data Controller Information

Data Controller: SmartChef

Email: admin@smartchef.pro

Data Protection Officer: admin@smartchef.pro

2. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract: To fulfill our contractual obligations with you
  • Legal Obligation: To comply with legal requirements
  • Legitimate Interest: For our legitimate business interests that don't override your rights

3. Data We Collect and Process

Account Information

  • Name and email address
  • Password (encrypted)
  • Profile information and preferences
  • Subscription and payment information

Usage Data

  • Pages visited and time spent
  • Recipe interactions and favorites
  • Search queries and filters used
  • Device and browser information

User-Generated Content

  • Recipes you submit
  • Comments and reviews
  • Photos and media uploads
  • Community interactions

4. Your Data Protection Rights

Under applicable data protection laws, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent

You can withdraw consent at any time where processing is based on consent.

5. Data Security Measures

We implement comprehensive security measures to protect your data:

Technical Safeguards

  • SSL/TLS encryption for data transmission
  • Encrypted data storage
  • Regular security updates and patches
  • Secure hosting infrastructure
  • Multi-factor authentication for admin access

Organizational Measures

  • Staff training on data protection
  • Access controls and authorization procedures
  • Data protection impact assessments
  • Incident response procedures
  • Regular security audits

6. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected:

  • Account Data: Until account deletion plus 30 days for backup retention
  • Transaction Records: 7 years for legal and tax purposes
  • Usage Analytics: Anonymized after 26 months
  • Marketing Data: Until you unsubscribe or object
  • Legal Claims: Until resolution of any legal matters

7. International Data Transfers

When we transfer personal data outside your country, we ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by competent authorities
  • Binding Corporate Rules where applicable
  • Explicit consent for specific transfers

8. Third-Party Data Sharing

We may share data with trusted third parties in limited circumstances:

  • Service Providers: Cloud hosting, payment processing, analytics
  • Legal Requirements: When required by law or legal process
  • Business Transfers: In case of merger, acquisition, or sale
  • Consent: When you explicitly authorize sharing

9. Data Breach Notification

In the event of a data breach that may pose a risk to your rights and freedoms:

  • We will notify supervisory authorities within 72 hours
  • We will inform affected individuals without undue delay
  • We will document the breach and our response
  • We will take measures to mitigate the impact

10. Children's Data Protection

We are committed to protecting children's privacy:

  • We do not knowingly collect data from children under 16
  • Parental consent is required for children under 16
  • We will delete children's data if collected without proper consent
  • Special protections apply to children's data processing

11. Exercising Your Rights

To exercise your data protection rights or for any data protection concerns:

Email: admin@smartchef.pro

Subject Line: Data Protection Request

Response Time: We will respond within 30 days (may be extended by 60 days for complex requests)

Verification: We may need to verify your identity before processing your request

12. Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with data protection laws. Contact information for supervisory authorities is available on their respective websites.

13. Updates to This Policy

We may update this Data Protection policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through our website or email.

An unhandled error has occurred. Reload 🗙