GDPR Compliance Policy – miadishes

Effective date: December 01, 2025

1. Introduction

miadishes (the “Company”, “we”, “our”, or “us”) operates the website https://miadishes.com. We are committed to protecting the privacy and personal data of our users in accordance with the European Union General Data Protection Regulation (EU) 2016/679 (“GDPR”). This policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have under the GDPR. By using our site, you acknowledge that you have read and understood this policy.

2. Data We Collect

We only process personal data that is necessary for the legitimate purposes described below:

Email address – collected when you subscribe to our newsletter, request support, or otherwise voluntarily provide it.
Cookies & similar technologies – used to remember your preferences, analyse site usage, and deliver personalised content.
Analytics data – aggregated information such as IP address, browser type, and pages visited, collected through Google Analytics and similar services.

3. How We Protect Your Data

We employ a range of technical and organisational measures to safeguard your personal data:

SSL/TLS encryption – all data transmitted between your browser and our servers is encrypted using HTTPS.
Secure servers – our hosting environment is protected by firewalls, intrusion‑detection systems, and regular security patches.
Limited retention periods – personal data is retained only as long as necessary for the purpose it was collected, after which it is securely deleted or anonymised.
Access controls – only authorised personnel with a legitimate business need can access personal data, and all access is logged.

4. Legal Basis for Processing

We process personal data on one or more of the following lawful bases:

Consent – when you voluntarily sign up for our newsletter or accept cookies, you give explicit consent for those specific purposes.
Legitimate interests – we may process data to improve website performance, prevent fraud, and communicate essential information about our services, provided that such interests do not override your fundamental rights.

5. Your GDPR Rights

Under the GDPR you enjoy a series of specific rights. Each right is explained below, together with an icon for quick reference.

Right to Access

You have the right to obtain confirmation that we are processing your personal data and, where applicable, to receive a copy of that data in a structured, commonly used format.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you may request that we correct or complete it without undue delay.

Right to Erasure (Right to be Forgotten)

You may ask us to delete your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when the processing is unlawful.

Right to Restrict Processing

You can request that we limit the processing of your data while we verify its accuracy or while a dispute about its use is being resolved.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine‑readable format and to transmit that data to another controller without hindrance.

Right to Object

You may object, on grounds relating to your particular situation, to the processing of your personal data for direct marketing, scientific research, or legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please follow these steps:

Prepare a written request that clearly identifies the right you wish to invoke (e.g., “Right to Access” or “Right to Erasure”).
Include sufficient information to verify your identity (such as the email address you used on our site) to prevent unauthorised disclosure.
Send the request to our dedicated GDPR mailbox: gdpr@miadishes.com.
We will acknowledge receipt of your request within 5 business days and will act on it without undue delay, and in any case within the statutory period of 30 calendar days.

7. Response Time

In accordance with Article 12 of the GDPR, we aim to respond to all lawful requests within 30 days of receipt. If a request is particularly complex or if we have received a large number of requests, we may extend the deadline by up to an additional two months, but we will inform you of any extension within the initial 30‑day period and provide a reason for the delay.

8. Contact Information

If you have any questions, concerns, or wish to exercise your rights, please contact our Data Protection Officer at:

miadishes – Data Protection Officer
Email: gdpr@miadishes.com

9. Changes to This Policy

We review this GDPR Compliance Policy regularly and may update it to reflect changes in our practices, legal requirements, or technology. Any material changes will be posted on this page with a new “Last Updated” date. We encourage you to review the policy periodically.

10. International Transfers

If we need to transfer your personal data outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to guarantee an equivalent level of protection.

11. Complaints

Should you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, work, or where the alleged infringement took place. In the United Kingdom, you may contact the Information Commissioner’s Office (ICO); in other EU countries, you may contact the relevant national authority.

We appreciate your trust in miadishes and remain committed to protecting your privacy in line with the highest European data‑protection standards.