MuMeasyMeals – GDPR Compliance Policy

MuMeasyMeals (https://mumeasymeals.com) is committed to protecting the privacy and personal data of our users in accordance with the EU General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have under the GDPR.

1. Personal Data We Collect

When you interact with MuMeasyMeals we may collect the following categories of personal data:

Email address – required for account creation, order confirmations, newsletters, and customer support.
Cookies & tracking identifiers – used to remember your preferences, keep you logged in, and analyse site usage.
Analytics data – aggregated information such as page views, device type, IP address (anonymised where possible), and navigation paths, collected via Google Analytics and similar services.

2. Legal Basis for Processing

MuMeasyMeals processes personal data only when one of the following lawful bases applies:

Consent – you have expressly consented to receive marketing communications or to the use of non‑essential cookies after being provided with clear information.
Legitimate interest – we process data for the purposes of improving the website, preventing fraud, and delivering the services you request, provided that your interests and fundamental rights do not override those interests.
Performance of a contract – processing your email address and order details is necessary to fulfil the purchase contract you enter into with us.

3. How We Protect Your Data

We employ a range of technical and organisational measures to safeguard your personal data:

SSL/TLS encryption – all data transmitted between your browser and our servers is encrypted using HTTPS.
Secure servers – our hosting environment is hosted in ISO‑27001‑certified data centres with firewalls, intrusion detection, and regular security patching.
Access controls – only authorised personnel with a legitimate business need can access personal data, and they are required to sign confidentiality agreements.
Limited retention – we retain personal data only for as long as necessary to fulfil the purposes outlined in this policy. Email addresses for marketing are deleted after 24 months of inactivity unless you renew your consent.
Data minimisation – we collect only the data required to provide the service you request and never request unnecessary information.

4. Your GDPR Rights

Under the GDPR you have a series of rights regarding your personal data. Each right is listed below with a Bootstrap icon for quick reference.

Right to Access

You may request a copy of the personal data we hold about you, together with information about how we process it.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you have the right to have it corrected without undue delay.

Right to Erasure (Right to be Forgotten)

You may ask us to delete your personal data where there is no overriding legal reason for us to retain it.

Right to Restrict Processing

You can request that we limit the processing of your data while we verify the accuracy of the information or while a dispute is being resolved.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

Right to Object

You may object to the processing of your personal data for direct marketing, scientific or historical research, or legitimate interest reasons.

Right to Withdraw Consent

Where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please contact our Data Protection Officer (DPO) using the details provided below. You may submit your request by email, postal mail, or through the online contact form on our website.

Email: gdpr@mumeasymeals.com
Postal address: Data Protection Officer, MuMeasyMeals, 123 Food Street, London, UK, SW1A 1AA

When you contact us, please include the following information to help us verify your identity and process your request efficiently:

Full name and contact details (email address used with MuMeasyMeals)
A clear description of the right you wish to invoke
Any reference numbers (order ID, account ID) that may assist us in locating your data
Proof of identity (e.g., a scanned government‑issued ID) if we deem it necessary for security reasons

6. Response Time

MuMeasyMeals will acknowledge receipt of your request within 5 business days and will endeavour to provide a full response within 30 calendar days, in line with GDPR Article 12. If additional time is required due to the complexity of the request, we will inform you of the extension and the reasons for it.

7. International Data Transfers

All personal data processed by MuMeasyMeals is stored on servers located within the European Economic Area (EEA). If a transfer outside the EEA becomes necessary (e.g., for third‑party analytics services), we will ensure that appropriate safeguards—such as Standard Contractual Clauses—are in place.

8. Changes to This Policy

We review this GDPR Compliance Policy regularly. Any material changes will be posted on this page with an updated “Last Updated” date. Continued use of the MuMeasyMeals website after such changes constitutes acceptance of the revised policy.

Last Updated: December 01, 2025