GDPR Compliance Notice for CrispTastes
Effective Date: January 2026
This GDPR Notice explains how CrispTastes (“we”, “our”, “us”) processes personal data of individuals located in the European Economic Area (EEA) in accordance with the General Data Protection Regulation (GDPR).
1. Data Controller
CrispTastes is the Data Controller responsible for determining the purposes and means of processing personal data collected through https://crisptastes.net/ (the “Website”).
2. Personal Data We Collect
We may collect the following types of personal data:
• Contact information (such as email, if voluntarily submitted)
• Technical data (IP address, browser type, device information)
• Usage data (pages viewed, time spent, interactions)
• Cookies and tracking data
We do not intentionally collect sensitive personal data unless explicitly provided by the user with consent.
3. Legal Basis for Processing
We process personal data under one or more of the following legal bases:
• Consent (e.g., email subscriptions or cookie acceptance)
• Contractual necessity (e.g., providing requested content or services)
• Legitimate interest (e.g., Website analytics or improvement)
• Compliance with legal obligations
4. How We Use Personal Data
We use personal data to:
• Operate and maintain the Website
• Improve performance, functionality, and user experience
• Communicate with users who voluntarily contact us
• Analyze usage and traffic for optimization
• Comply with legal requirements
5. Cookies and Tracking Technologies
We use cookies and similar technologies for functionality, analytics, and affiliate or advertising purposes where applicable. Users can manage cookie settings through their browser or device. For more details, please refer to our Cookies Policy.
6. Data Sharing
We may share personal data with:
• Service providers assisting with analytics, performance, or hosting
• Advertising or affiliate networks (if applicable)
• Legal authorities when required by law
We do not sell personal data to third parties.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law.
8. International Data Transfers
Personal data may be transferred outside the EEA to trusted third-party service providers who maintain adequate data protection measures in accordance with GDPR requirements.
9. Your GDPR Rights
Individuals located in the EEA have the right to:
• Access personal data
• Rectify inaccurate personal data
• Erase personal data (“right to be forgotten”)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time (when processing is based on consent)
To exercise any of these rights, please contact us through the Website.
10. Children’s Privacy
We do not knowingly collect personal data from individuals under 16 without parental consent. If such data is accidentally collected, we will delete it promptly upon request.
11. Security Measures
We take appropriate technical and organizational measures to safeguard personal data against unauthorized access, misuse, or disclosure.
12. Updates to This GDPR Notice
We may update this GDPR Notice to reflect legal, technical, or operational changes. Revised versions will be posted on this page with an updated Effective Date.
13. Contact Information
For questions about this GDPR Notice or to exercise your rights, you may contact us through our Website.