Food Regulations

Author: foodregs

  • Privacy Policy

    Last updated: October 2025

    This Privacy Policy describes how Food-Regulations.org (“the Website”, “we”, “us”, “our”) collects, uses, and protects your Personal Data when you use our Website. It also explains your rights under applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the UK GDPR.

    By using the Website, you acknowledge the collection and use of your information as described in this Privacy Policy. Where required by law (e.g., for marketing or analytics cookies), we will seek your explicit consent before processing your Personal Data.

    Interpretation and Definitions

    Personal Data means any information relating to an identified or identifiable individual (a “Data Subject”). This includes, for example, your name, email address, and IP address. Personal Data does not include data that has been anonymised or aggregated.

    Service refers to the Website, accessible from https://food-regulations.org.

    Controller refers to the entity (Food-Regulations.org) that determines the purposes and means of processing Personal Data.

    Cookies are small files placed on your device that allow us to track certain information about your browsing.

    Service Providers are third-party companies or individuals we engage to support our operations (e.g., hosting, analytics, form management, CRM).

    You means the individual accessing or using the Website, or the organisation on whose behalf the Website is being used.

    Types of Data Collected

    Personal Data

    We may collect Personal Data when you:

    • Submit a form via WordPress (e.g., name, email address, contact details).
    • Request downloads, resources, or updates.
    • Contact us directly.

    Form submissions may be transmitted and stored securely in Google Sheets via Google Apps Script and in our Customer Relationship Management (CRM) system, Salesforce/Pardot, to allow us to respond to inquiries, manage communications, and improve our services.

    We also collect:

    • Usage Data (including IP Address): This data, which is considered Personal Data under GDPR, includes IP address, browser type, device information, time spent on pages, and referring URLs. This is collected automatically through server logs and analytics tools like Google Analytics.

    Tracking Technologies and Cookies

    Our Website uses Cookies for the following purposes:

    • Essential Cookies: These are necessary for the Website to function properly (e.g., enabling form submissions and maintaining session security). They are automatically set and are processed under our Legitimate Interest to deliver a functional website.
    • Analytics Cookies: Through Google Site Kit/Google Analytics, we track user interaction with the Website. These cookies collect data to help us improve our services and user experience. These cookies are only set after you have given your explicit consent via our cookie banner.

    You can manage your consent preferences at any time by clicking the “Manage Cookies” link (or similar icon) available on the Website.

    Legal Basis for Processing (GDPR/UK GDPR)

    We rely on the following legal bases to process your Personal Data:

    • Consent: We process your data based on your explicit, opt-in consent for activities like sending you marketing and promotional communications (nurture sequences) and for setting non-essential Analytics Cookies. You can withdraw consent at any time.
    • Contract: Processing is necessary to perform a contract with you or to take steps at your request prior to entering into a contract (e.g., fulfilling your request for a specific download or resource).
    • Legitimate Interest: Processing is necessary for our legitimate interests, provided these do not override your rights and freedoms. This includes: responding to general inquiries, improving the Website, maintaining the security of the Service, and processing Essential Cookies.
    • Legal Obligation: Processing is necessary to comply with a legal obligation (e.g., tax, accounting, or reporting requirements).

    Use of Your Personal Data

    We use Personal Data for the following purposes:

    • To provide and maintain the Website and fulfil your resource/download requests (Basis: Contract).
    • To respond to your enquiries or requests (Basis: Legitimate Interest or Contract).
    • To improve our services and user experience (Based on Consent for Analytics or Legitimate Interest for non-identifiable data).
    • To send you updates or promotional communications (nurture sequences) only where you have provided explicit consent (Basis: Consent). You can opt out at any time via the unsubscribe link.
    • To comply with legal obligations and to protect the security of the Website (Basis: Legal Obligation and Legitimate Interest).

    We will never sell or rent your Personal Data.

    Sharing of Your Personal Data

    We may share your Personal Data with:

    • Service Providers, such as WordPress, Google (Google Sheets, Google Apps Script, Google Analytics), website hosting providers, and our CRM system, Salesforce/Pardot.
    • Legal authorities, if required to comply with a legal obligation.
    • Corporate transactions, in the event of a merger, acquisition, or similar event.

    All sharing complies with applicable data protection laws, and our Service Providers are bound by data processing agreements.

    Retention of Your Personal Data

    We retain Personal Data only as long as necessary to fulfil the purposes outlined in this Privacy Policy, including compliance with legal, accounting, or reporting obligations.

    You may request deletion of your Personal Data by contacting us. Data stored in Google Sheets, Salesforce/Pardot, or our WordPress platform will be deleted unless retention is required by law.

    International Data Transfers

    Your Personal Data may be processed outside your country of residence, including on servers operated by Google and Salesforce/Pardot in the United States and other locations.

    For transfers of Personal Data originating from the European Economic Area (EEA) and the UK, we ensure adequate protection is provided by relying on Standard Contractual Clauses (SCCs) adopted by the European Commission, or by ensuring the recipient is certified under the EU-U.S. Data Privacy Framework (DPF) (where applicable).

    Security of Your Personal Data

    We implement appropriate technical and organisational measures (including encryption where possible and access controls) to protect your Personal Data. However, no method of transmission over the Internet or electronic storage is 100% secure.

    Children’s Privacy

    The Website is not directed to individuals under 16 years old. We do not knowingly collect data from them. If we become aware that we have collected such data, we will take steps to delete it immediately.

    Your Data Protection Rights (GDPR/UK GDPR)

    Depending on your jurisdiction, you may have the following rights regarding the Personal Data we hold about you:

    • Right to Access: The right to be informed about and request access to your Personal Data.
    • Right to Rectification: The right to have inaccurate or incomplete Personal Data corrected.
    • Right to Erasure (Right to be Forgotten): The right to request the deletion of your Personal Data.
    • Right to Restrict Processing: The right to request that we temporarily or permanently stop processing all or some of your Personal Data.
    • Right to Object: The right to object to us processing your Personal Data, particularly where processing is based on Legitimate Interest or for Direct Marketing purposes.
    • Right to Data Portability: The right to request a copy of your Personal Data in an electronic format and the right to transmit that Personal Data for use in another party’s service.
    • Right to Withdraw Consent: The right to withdraw your consent to processing at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

    To exercise these rights, please contact us. You also have the right to lodge a complaint with a Supervisory Authority in your relevant jurisdiction.

    Links to Other Websites

    The Website may contain links to third-party websites. We are not responsible for their content or privacy practices. Please review their Privacy Policies separately.

    Changes to this Privacy Policy

    We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated “Last updated” date. Where required by law, we will notify you by email or Website notice.

    Contact Us

    If you have any questions about this Privacy Policy or wish to exercise your data rights, you can contact us through the form on the website.