Back to Home
Kookden Logo

GDPR Compliance

Last updated: April 29, 2025

1. Controller Information

Kookden Ltd. is the data controller for personal data collected through our food community platform, including our website, mobile application, and related services. As the data controller, we determine the purposes and means of processing personal data.

Our company details:

KOOKDEN TECHNOLOGY LTD.
71-75 Shelton Street
Covent Garden
London, WC2H 9JQ
United Kingdom
Company Registration: 13456789
Email: [email protected]
Phone: +44 074 2679 6393

2. Legal Grounds for Data Use

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Consent: When you explicitly agree to the processing of your data for specific purposes, such as:
    • Sending you our recipe newsletter
    • Using your cooking photos for promotional purposes
    • Processing special categories of data (e.g., dietary restrictions, health information related to allergies)
    • Using cookies that are not strictly necessary for the functioning of our platform
  • Contractual Necessity: When processing is necessary to fulfill our contractual obligations to you, such as:
    • Creating and managing your Kookden account
    • Processing and storing your recipes and cooking content
    • Enabling communication between community members
    • Providing customer support
  • Legitimate Interests: When we have a legitimate business interest in processing your data that is not overridden by your rights and freedoms, such as:
    • Improving and personalizing our culinary platform
    • Ensuring the security of our platform and preventing fraud
    • Analyzing how users interact with recipe features to enhance user experience
    • Direct marketing of similar products or services to existing users (subject to your right to opt-out)
  • Legal Obligation: When we need to process your data to comply with legal requirements, such as:
    • Tax and accounting obligations
    • Responding to legal requests from authorities
    • Maintaining records required by law

3. User Rights (Under GDPR)

As a Kookden user located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of all personal data we hold about you, including:
    • Account and profile information
    • Recipes and content you've created
    • Usage data and preferences
    • Information about how your data has been processed
  • Right to Rectification: You can request that we correct any inaccurate or incomplete personal data we hold about you, such as:
    • Updating your profile information
    • Correcting dietary preferences or cooking skill level
    • Amending contact details
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your personal data in certain circumstances, including:
    • When your data is no longer necessary for the purposes for which it was collected
    • When you withdraw consent and there is no other legal ground for processing
    • When you object to processing and there are no overriding legitimate grounds

    Note: We may retain certain information to comply with legal obligations or for legitimate business purposes.

  • Right to Data Portability: You can request to receive your personal data in a structured, commonly used, machine-readable format, or have it transferred directly to another data controller, including:
    • Your profile information
    • Recipes you've created
    • Collections and saved content
  • Right to Object: You can object to the processing of your personal data in certain circumstances, including:
    • Direct marketing (at any time)
    • Processing based on legitimate interests (unless we demonstrate compelling legitimate grounds)
    • Processing for research or statistical purposes
  • Right to Restrict Processing: You can request that we restrict the processing of your personal data when:
    • You contest the accuracy of your data (while we verify it)
    • The processing is unlawful, but you oppose erasure
    • We no longer need the data, but you require it for legal claims
    • You have objected to processing (pending verification of our legitimate grounds)
  • Right to Withdraw Consent: Where we process data based on your consent, you can withdraw that consent at any time. This does not affect the lawfulness of processing based on your consent before its withdrawal.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

4. Data Protection Officer (DPO)

While Kookden is not legally required to appoint a Data Protection Officer under Article 37 of the GDPR, we have voluntarily designated a Privacy Officer to oversee our data protection strategy and ensure compliance with data protection laws.

You can contact our Privacy Officer at:

Email: [email protected]
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Subject Line: "Attention: Privacy Officer"

5. Lodging a Complaint

If you are not satisfied with our response to your request or believe our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority.

For users in the United Kingdom, you can contact the Information Commissioner's Office (ICO):

https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113
Textphone: 01625 545860

For users in the European Economic Area, you can find your national data protection authority here:

https://edpb.europa.eu/about-edpb/board/members_en

6. Cross-Border Transfers

As a global food community platform, Kookden may transfer your personal data to countries outside the European Economic Area (EEA), United Kingdom, or Switzerland. When we transfer personal data to countries that have not received an adequacy decision from the European Commission, we implement appropriate safeguards to ensure your data remains protected according to GDPR standards.

These safeguards include:

  • Standard Contractual Clauses (SCCs): We use the European Commission's approved Standard Contractual Clauses in our agreements with third-party service providers and partners who process data outside the EEA.
  • Supplementary Measures: Following the Schrems II decision, we implement additional technical, contractual, and organizational measures as needed to ensure an essentially equivalent level of protection.
  • Adequacy Decisions: Where possible, we transfer data to countries that have received an adequacy decision from the European Commission.
  • Data Minimization: We limit the personal data transferred to what is necessary for the specific purpose.

You can request a copy of the safeguards we use for cross-border transfers by contacting us at [email protected].

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Staff training on data protection
  • Incident response procedures

8. Contact Us

If you have any questions about our GDPR compliance or how we handle your personal data, please contact us at:

Email: [email protected]
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Phone: +44 074 2679 6393