GDPR Policy

Last updated: 4 July 2025


1. Introduction

This General Data Protection Regulation (“GDPR”) Policy explains how LisaDishes.com (“Site,” “we,” “our,” “us”) collects, uses, shares, and protects personal data of individuals located in the European Economic Area (“EEA”), the United Kingdom, and Switzerland (collectively, “EU Residents”). It supplements our broader [Privacy Policy] and applies whenever EU data-protection law is relevant.


2. Data Controller

Lisa Martinez
LisaDishes.com
155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@lisadishes.com


3. Personal Data We Collect

CategoryExamplesSource
Identity DataName, username, social-media handleProvided by you (e.g., comments, contact forms)
Contact DataEmail address, postal addressProvided by you
Technical DataIP address, browser type, device identifiers, cookiesAutomated via cookies & log files
Usage DataPages viewed, links clicked, scroll depthAnalytics tools (e.g., Google Analytics)
Marketing DataNewsletter preferences, affiliate-link clicksProvided by you / cookies

We do not intentionally collect special categories of personal data (e.g., health, political opinions).


4. Lawful Bases for Processing

We rely on one or more of the following GDPR bases:

  1. Consent – e.g., when you opt in to our newsletter or non-essential cookies.
  2. Contract – to provide services or content you request.
  3. Legitimate Interests – e.g., to improve the Site, prevent fraud, and grow our business, provided those interests are not overridden by your rights.
  4. Legal Obligation – to comply with U.S. or EU legal requirements.

5. How We Use Personal Data

  • To publish and personalize recipes and content.
  • To send newsletters and marketing communications (with opt-out).
  • To analyze Site performance via cookies and analytics.
  • To administer giveaways or promotions.
  • To detect, investigate, and prevent fraudulent or illegal activities.

6. Sharing & Disclosure

We share data only when necessary:

RecipientPurposeSafeguard
Web-host & CDNSite operationData-processing agreement
Email Service (e.g., MailerLite)Newsletter deliveryEU Standard Contractual Clauses (“SCCs”)
Analytics Providers (Google Analytics)Usage metricsIP anonymization enabled
Affiliate Networks (e.g., Amazon Associates)Commission trackingLimited to cookie ID & referrer
Legal/Regulatory AuthoritiesCompliance or protection of rightsAs required by law

We never sell personal data.


7. International Transfers

Your information is stored on servers in the United States, a jurisdiction that may not provide the same level of data protection as the EU. Where required, we rely on SCCs, your explicit consent, or other approved mechanisms (GDPR Art. 46) to legitimize these transfers.


8. Data Retention

We keep personal data only as long as necessary for the purposes described:

  • Newsletter subscription data: until you unsubscribe.
  • Comment data: indefinitely (to preserve conversation) or until you request deletion.
  • Analytics records: 26 months (Google Analytics default) or less.

Back-ups are purged on a rolling 30-day basis.


9. Your Rights Under GDPR

EU Residents have the right to:

RightWhat It Means
AccessObtain a copy of your personal data we hold.
RectificationCorrect inaccurate or incomplete data.
Erasure (“Right to Be Forgotten”)Request deletion of your data.
RestrictionLimit how we process your data.
PortabilityReceive your data in a structured, machine-readable format.
ObjectionObject to processing based on legitimate interests or direct marketing.
Withdraw ConsentAt any time, without affecting prior processing.

10. Exercising Your Rights

Email gdpr@lisadishes.com or contact@lisadishes.com with your request. We will respond within one month (GDPR Art. 12) or explain any lawful reason for delay. We may require proof of identity.


11. Right to Lodge a Complaint

You may complain to your local supervisory authority. The lead authority for cross-border matters is likely the Irish Data Protection Commission (DPC), but you may contact any EU data-protection regulator.


12. Children’s Privacy

The Site is not directed to children under 13 (or under 16 in the EEA). We do not knowingly collect data from minors. If you believe we have unintentionally collected such data, please contact us to delete it.


13. Data Security

We implement TLS encryption, strong passwords, two-factor authentication for admin access, and regular plugin updates to safeguard data. No Internet transmission is 100 % secure; therefore, we cannot guarantee absolute security.


14. Changes to This Policy

We may update this GDPR Policy periodically. Material changes will be highlighted on the Site or via email. The “Last updated” date indicates the latest revision.


15. Contact

Questions about this Policy or data-protection practices? Reach out to:

Lisa Martinez
LisaDishes.com
155 N 1st Ave, Hillsboro, OR 97124, USA
Email: contact@lisadishes.com