Last updated: July 21, 2025
1. Introduction
This General Data Protection Regulation (“GDPR”) Policy explains how SavoryStride.com (“Site,” “we,” “us,” or “our”) collects, processes, and protects personal data of individuals located in the European Economic Area (“EEA”), the United Kingdom, and Switzerland (collectively, “EEA+”). It supplements our broader [Privacy Policy] and should be read together with it.
2. Data Controller
- Controller: Hazel, owner of SavoryStride.com
- Registered Address: 155 N 1st Ave, Hillsboro, OR 97124, USA
- Email: contact@savorystride.com
If you have questions about this Policy or how we handle your personal data, please email Hazel at the address above.
3. Personal Data We Collect
| Category | Examples | Purpose |
|---|---|---|
| Identity & Contact | Name, email, social media handle | Account creation, newsletter delivery |
| Usage Data | IP address, browser type, pages visited, timestamps | Analytics, site optimization |
| Marketing Data | Ad identifiers, interests, cookie IDs | Personalized ads, affiliate tracking |
| Transaction Data | Purchase history (if you buy e‑books or courses) | Order fulfillment, receipts |
| User‑Generated Content | Recipe ratings, comments, feedback | Community engagement |
We do not intentionally collect special categories of data (e.g., health, religious beliefs).
4. Legal Bases for Processing
We process personal data only when at least one of the following legal bases applies:
- Consent – You voluntarily opt‑in (e.g., newsletter signup, non‑essential cookies).
- Contract – Processing is necessary to perform a contract with you (e.g., deliver a paid product).
- Legitimate Interests – We have a balanced, legitimate interest (e.g., site security, analytics) that does not override your rights.
- Legal Obligation – Compliance with applicable laws (e.g., tax, bookkeeping).
- Vital Interests – Rare cases to protect life or safety.
5. How We Use Your Data
- Service Delivery: Provide access to recipes, respond to inquiries, manage your account.
- Communications: Send newsletters, updates, promotions (with opt‑out).
- Analytics & Improvement: Analyze traffic patterns to enhance user experience.
- Advertising: Display relevant ads and measure their effectiveness.
- Security & Fraud Prevention: Detect and mitigate abuse or unauthorized access.
6. Sharing & Disclosure
We share data only with:
| Recipient | Reason | Safeguards |
|---|---|---|
| Service Providers (hosting, email marketing, payment processors) | Operate the Site and deliver services | Data Processing Agreements (DPAs) |
| Advertising & Analytics Partners (e.g., Google, Pinterest) | Serve ads, measure performance | Standard Contractual Clauses (SCCs) where applicable |
| Legal & Compliance | Respond to lawful requests, enforce terms | Confidentiality obligations |
| Business Transfers | In connection with mergers or acquisitions | Adequate protection ensured |
We do not sell personal data as defined under the GDPR.
7. International Transfers
Your data may be transferred to and processed in countries outside the EEA+, including the United States, where SavoryStride.com is hosted. We rely on appropriate safeguards, such as:
- Standard Contractual Clauses (SCCs) adopted by the European Commission.
- Data Processing Agreements with U.S.‑based vendors requiring GDPR‑level protection.
- Supplementary Measures (encryption in transit and at rest).
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes described above, unless a longer retention period is required or permitted by law. Typical retention periods:
| Data Type | Retention Period |
|---|---|
| Newsletter Subscription | Until you unsubscribe + 30 days for suppression |
| Analytics Logs | 14 months (Google Analytics default) |
| Purchase & Tax Records | 7 years (legal obligation) |
| Comments & Posts | Indefinitely, unless you request deletion |
9. Your Rights
Under the GDPR, you have the right to:
- Access – Obtain confirmation of whether we hold your data and a copy of it.
- Rectification – Correct inaccurate or incomplete data.
- Erasure (“Right to Be Forgotten”) – Delete your data in certain circumstances.
- Restriction – Limit how we process your data.
- Data Portability – Receive your data in a machine‑readable format and transfer it to another controller.
- Object – Object to processing based on legitimate interests or direct marketing.
- Withdraw Consent – At any time, without affecting prior processing.
- Lodge Complaint – With your local supervisory authority. For example, in the EU: your national Data Protection Authority; in the UK: the Information Commissioner’s Office (ICO).
To exercise any right, email us at contact@savorystride.com with “GDPR Request” in the subject line. We will respond within one month, or two months for complex requests.
10. Security Measures
We implement appropriate technical and organizational measures, including:
- HTTPS encryption (TLS 1.3).
- Regular security audits and vulnerability scanning.
- Access controls and two‑factor authentication for admin accounts.
- Routine backups stored encrypted.
- Staff training on data protection best practices.
11. Automated Decision‑Making
We do not engage in automated decision‑making or profiling that produces legal or similarly significant effects on individuals.
12. Children’s Privacy
The Site is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us so we can delete it promptly.
13. Changes to This Policy
We may update this GDPR Policy to reflect legal or operational changes. We will post the revised version with an updated “Last updated” date. If changes are material, we will provide a prominent notice or seek renewed consent where required.
14. Contact Us
If you have questions about this GDPR Policy or our privacy practices, please contact:
- Data Protection Contact: Hazel
- Email: contact@savorystride.com
- Address: 155 N 1st Ave, Hillsboro, OR 97124, USA
