Last updated: 4 July 2025
1. Introduction
This General Data Protection Regulation (“GDPR”) Policy explains how LisaDishes.com (“Site,” “we,” “our,” “us”) collects, uses, shares, and protects personal data of individuals located in the European Economic Area (“EEA”), the United Kingdom, and Switzerland (collectively, “EU Residents”). It supplements our broader [Privacy Policy] and applies whenever EU data-protection law is relevant.
2. Data Controller
Lisa Martinez
LisaDishes.com
155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@lisadishes.com
3. Personal Data We Collect
| Category | Examples | Source |
|---|---|---|
| Identity Data | Name, username, social-media handle | Provided by you (e.g., comments, contact forms) |
| Contact Data | Email address, postal address | Provided by you |
| Technical Data | IP address, browser type, device identifiers, cookies | Automated via cookies & log files |
| Usage Data | Pages viewed, links clicked, scroll depth | Analytics tools (e.g., Google Analytics) |
| Marketing Data | Newsletter preferences, affiliate-link clicks | Provided by you / cookies |
We do not intentionally collect special categories of personal data (e.g., health, political opinions).
4. Lawful Bases for Processing
We rely on one or more of the following GDPR bases:
- Consent – e.g., when you opt in to our newsletter or non-essential cookies.
- Contract – to provide services or content you request.
- Legitimate Interests – e.g., to improve the Site, prevent fraud, and grow our business, provided those interests are not overridden by your rights.
- Legal Obligation – to comply with U.S. or EU legal requirements.
5. How We Use Personal Data
- To publish and personalize recipes and content.
- To send newsletters and marketing communications (with opt-out).
- To analyze Site performance via cookies and analytics.
- To administer giveaways or promotions.
- To detect, investigate, and prevent fraudulent or illegal activities.
6. Sharing & Disclosure
We share data only when necessary:
| Recipient | Purpose | Safeguard |
|---|---|---|
| Web-host & CDN | Site operation | Data-processing agreement |
| Email Service (e.g., MailerLite) | Newsletter delivery | EU Standard Contractual Clauses (“SCCs”) |
| Analytics Providers (Google Analytics) | Usage metrics | IP anonymization enabled |
| Affiliate Networks (e.g., Amazon Associates) | Commission tracking | Limited to cookie ID & referrer |
| Legal/Regulatory Authorities | Compliance or protection of rights | As required by law |
We never sell personal data.
7. International Transfers
Your information is stored on servers in the United States, a jurisdiction that may not provide the same level of data protection as the EU. Where required, we rely on SCCs, your explicit consent, or other approved mechanisms (GDPR Art. 46) to legitimize these transfers.
8. Data Retention
We keep personal data only as long as necessary for the purposes described:
- Newsletter subscription data: until you unsubscribe.
- Comment data: indefinitely (to preserve conversation) or until you request deletion.
- Analytics records: 26 months (Google Analytics default) or less.
Back-ups are purged on a rolling 30-day basis.
9. Your Rights Under GDPR
EU Residents have the right to:
| Right | What It Means |
|---|---|
| Access | Obtain a copy of your personal data we hold. |
| Rectification | Correct inaccurate or incomplete data. |
| Erasure (“Right to Be Forgotten”) | Request deletion of your data. |
| Restriction | Limit how we process your data. |
| Portability | Receive your data in a structured, machine-readable format. |
| Objection | Object to processing based on legitimate interests or direct marketing. |
| Withdraw Consent | At any time, without affecting prior processing. |
10. Exercising Your Rights
Email gdpr@lisadishes.com or contact@lisadishes.com with your request. We will respond within one month (GDPR Art. 12) or explain any lawful reason for delay. We may require proof of identity.
11. Right to Lodge a Complaint
You may complain to your local supervisory authority. The lead authority for cross-border matters is likely the Irish Data Protection Commission (DPC), but you may contact any EU data-protection regulator.
12. Children’s Privacy
The Site is not directed to children under 13 (or under 16 in the EEA). We do not knowingly collect data from minors. If you believe we have unintentionally collected such data, please contact us to delete it.
13. Data Security
We implement TLS encryption, strong passwords, two-factor authentication for admin access, and regular plugin updates to safeguard data. No Internet transmission is 100 % secure; therefore, we cannot guarantee absolute security.
14. Changes to This Policy
We may update this GDPR Policy periodically. Material changes will be highlighted on the Site or via email. The “Last updated” date indicates the latest revision.
15. Contact
Questions about this Policy or data-protection practices? Reach out to:
Lisa Martinez
LisaDishes.com
155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@lisadishes.com
