GDPR

GDPR Compliance Statement

Introduction

At Crystal Recipes, we are committed to protecting and respecting your privacy. This GDPR Compliance Statement outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR).

Data Controller

Crystal Recipes is the data controller responsible for your personal data. If you have any questions regarding this statement or your personal data, please contact us at:

Data We Collect

We may collect and process the following personal data about you:

  • Identity Data: Name, username or similar identifier.
  • Contact Data: Email address, phone numbers.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

How We Use Your Data

We use your personal data to:

  • Provide and manage your access to our website.
  • Personalize and tailor your experience on our website.
  • Supply our products and services to you.
  • Reply to your emails, queries, and other communications.
  • Provide you with news, special offers, and general information about other goods, services, and events we offer.
  • Comply with our legal obligations.

Legal Basis for Processing

We will only process your personal data where we have a legal basis to do so, which includes:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose.
  • Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • Legal Obligation: The processing is necessary for us to comply with the law (not including contractual obligations).
  • Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.

Your Rights

Under the GDPR, you have the right to:

  • Access your personal data and request a copy of it.
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data.
  • Object to the processing of your personal data.
  • Request the restriction of processing of your personal data.
  • Request the transfer of your personal data to another party.
  • Withdraw consent at any time where we are relying on consent to process your personal data.

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. Additionally, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Changes to This Statement

We may update this GDPR Compliance Statement from time to time. We will notify you of any changes by posting the new statement on this page. You are advised to review this statement periodically for any changes.

Contact Us

If you have any questions about this GDPR Compliance Statement, please contact us at: