Foodflow

Privacy Policy

Last updated: May 26, 2025

1. Introduction

FoodFlow.dev ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://foodflow.dev and use our services.

This policy complies with the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (UK GDPR).

2. Data Controller Information

Data Controller:

FoodFlow.dev

Email: privacy@foodflow.dev

3. Information We Collect

3.1 Personal Data You Provide

  • Contact Information:Email address, name (when provided voluntarily)
  • Communication Data:Messages sent through contact forms or email
  • Marketing Preferences:Subscription to newsletters and updates

3.2 Automatically Collected Data

  • Technical Data:IP address, browser type, device information, operating system
  • Usage Data:Pages visited, time spent on site, click patterns, referral URLs
  • Cookies and Tracking:See our Cookie Policy section below

3.3 Special Categories of Personal Data

We do not intentionally collect special categories of personal data (sensitive data) such as health information, racial origin, political opinions, religious beliefs, or biometric data.

4. Legal Basis for Processing (GDPR/UK GDPR)

We process your personal data based on the following legal grounds:

  • Consent (Article 6(1)(a)):For marketing communications and non-essential cookies
  • Legitimate Interests (Article 6(1)(f)):For website analytics, security, and business development
  • Contract Performance (Article 6(1)(b)):For providing requested services or information
  • Legal Obligation (Article 6(1)(c)):For compliance with applicable laws

5. How We Use Your Information

5.1 Primary Uses

  • Respond to your inquiries and provide customer support
  • Send you information about our product development and beta access
  • Improve our website and services through analytics
  • Ensure website security and prevent fraud

5.2 Marketing Communications

  • Send newsletters and product updates (with your consent)
  • Inform you about early access opportunities and special offers
  • Share relevant industry insights and content

5.3 Website Optimization

  • Analyze user behavior to improve user experience
  • Conduct A/B testing for website features
  • Monitor website performance and troubleshoot issues

6. Information Sharing and Disclosure

6.1 We Do Not Sell Personal Data

We do not sell, rent, or trade your personal information to third parties.

6.2 Legal Requirements

We may disclose information when required by law, court order, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or security threats
  • Protect the safety of users or the public

6.3 Business Transfers

In case of merger, acquisition, or sale of assets, personal data may be transferred as part of the business transaction.

7. International Data Transfers

7.1 EU/UK Transfers

If we transfer data outside the EU/UK, we ensure appropriate safeguards through:

  • Adequacy Decisions: Transfers to countries with adequate protection
  • Standard Contractual Clauses (SCCs): EU Commission approved contracts
  • Binding Corporate Rules: For transfers within corporate groups
  • Consent: Where other safeguards are not available

7.2 Current Transfers

  • Website hosting may involve transfers to [specify regions]
  • Analytics services may involve transfers to the United States (Google Analytics with appropriate safeguards)

8. Your Rights (GDPR/UK GDPR)

8.1 Access Rights

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing or cookies

8.2 Exercising Your Rights

To exercise your rights, contact us at:privacy@foodflow.dev

We will respond within one month (extendable by two months for complex requests).

8.3 Right to Complain

You have the right to lodge a complaint with supervisory authorities:

  • EU: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO) -ico.org.uk

9. Data Retention

9.1 Retention Periods

  • Contact Inquiries: 3 years from last contact
  • Marketing Lists: Until consent is withdrawn
  • Website Analytics: 26 months (Google Analytics default)
  • Technical Logs: 12 months for security purposes

9.2 Deletion Process

Data is securely deleted or anonymized when retention periods expire.

10. Data Security

10.1 Security Measures

We implement appropriate technical and organizational measures:

  • Encryption: Data transmission via SSL/TLS
  • Access Controls: Limited access on need-to-know basis
  • Regular Updates: Security patches and system updates
  • Monitoring: Ongoing security monitoring and incident response

10.2 Data Breach Notification

In case of a data breach, we will:

  • Notify relevant supervisory authorities within 72 hours (if required)
  • Inform affected individuals if high risk to their rights and freedoms
  • Document and investigate all breaches

11. Cookies Policy

11.1 Cookie Types

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Google Analytics for usage statistics
  • Marketing Cookies: Track visitors across websites (with consent)
  • Preference Cookies: Remember your settings and preferences

11.2 Cookie Management

You can control cookies through:

  • Browser settings (disable/delete cookies)
  • Our cookie consent banner
  • Opt-out tools provided by third parties (e.g., Google Analytics opt-out)

11.3 Third-Party Cookies

  • Google Analytics: Tracks website usage (anonymized)
  • Social Media Plugins: May set cookies if embedded content is present

12. Children's Privacy

Our services are not directed to children under 16 (EU) / 13 (UK). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. For material changes, we may provide additional notice via email or website notification.

14. Contact Information

14.1 General Inquiries

Email:privacy@foodflow.dev

Website:https://foodflow.dev

14.2 Data Protection Officer

If we appoint a Data Protection Officer (DPO), contact details will be provided here.

14.3 Supervisory Authorities

EU: Find your local DPA athttps://edpb.europa.eu/about-edpb/about-edpb/members_en

UK: Information Commissioner's Office (ICO)

Website:ico.org.uk

Phone: 0303 123 1113

15. Definitions

  • Personal Data:Any information relating to an identified or identifiable natural person
  • Processing:Any operation performed on personal data (collection, storage, use, disclosure, etc.)
  • Data Subject:The individual whose personal data is being processed
  • Controller:The entity that determines the purposes and means of processing personal data
  • Processor:The entity that processes personal data on behalf of the controller