Last Updated: April 2026

At Proteinbudget.com, we respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (GDPR).

Our Commitment to GDPR

Protein Budget is committed to protecting the privacy and personal data of all users, particularly those in the European Union and European Economic Area (EEA). We comply fully with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation that strengthens data protection rights for individuals and imposes responsibilities on organizations that collect, process, and store personal data.

Your GDPR Rights

As a user, you have the following rights regarding your personal data:

1. Right to Access (Article 15) You have the right to request and receive a copy of your personal data that we hold. We will provide this information within 30 days of your request.

2. Right to Rectification (Article 16) If your personal data is inaccurate or incomplete, you have the right to request correction or completion.

3. Right to Erasure (Article 17 – “Right to be Forgotten”) You can request deletion of your personal data under certain circumstances. We will delete your data within 30 days, unless legal obligations require us to retain it.

4. Right to Restrict Processing (Article 18) You can request that we limit how we process your data while we verify its accuracy or clarify the legal basis for processing.

5. Right to Data Portability (Article 20) You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller without hindrance.

6. Right to Object (Article 21) You can object to processing of your data for marketing purposes, profiling, or legitimate interests.

7. Right to Withdraw Consent (Article 7) If you’ve provided consent for data processing, you can withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

8. Rights Related to Automated Decision-Making (Article 22) You have the right not to be subject to decisions based solely on automated processing that have legal or similarly significant effects.

Legal Basis for Processing

We process your personal data only on one of the following legal bases:

  • Consent: You have explicitly consented to the processing (e.g., newsletter subscriptions)
  • Contract: Processing is necessary to fulfill a contract with you (e.g., providing recipes and services)
  • Legal Obligation: Processing is required by law or regulation
  • Legitimate Interests: Processing is necessary for our legitimate interests, such as website improvement and security, provided your rights are not overridden
  • Vital Interests: Processing is necessary to protect vital interests of you or others

Data Processing Activities

Newsletter Subscriptions:

  • Legal Basis: Consent
  • Data: Email address, first name (optional)
  • Retention: Until you unsubscribe
  • Rights: Unsubscribe anytime, request deletion

Website Analytics:

  • Legal Basis: Legitimate Interests & Consent
  • Data: IP address, browsing behavior, device information
  • Retention: 26 months (Google Analytics default)
  • Rights: Opt-out via browser settings or analytics tools

Contact Forms & Support:

  • Legal Basis: Contractual Necessity & Legitimate Interests
  • Data: Name, email, message content
  • Retention: Until inquiry resolved, then 3 years for record-keeping
  • Rights: Request deletion after resolution

Cookies & Tracking:

  • Legal Basis: Consent & Legitimate Interests
  • Data: Cookie identifiers, browsing patterns
  • Retention: As per cookie policy (typically 1-2 years)
  • Rights: Disable cookies in browser settings

Data Protection Impact Assessment

We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities to ensure compliance and minimize risks to your data.

Data Breach Notification

In the event of a personal data breach, we will notify affected individuals and the relevant supervisory authority within 72 hours, as required by GDPR Article 33, unless the breach poses no risk to your rights and freedoms.

Data Protection Officer

Our Data Protection Officer (DPO) is available to address all GDPR-related inquiries:

Email: contact@proteinbudget.com

Contact Us

If you have questions about this GDPR Privacy Policy or how we use your data, you can contact us:

© 2025 About Privacy Policy Terms of Use Disclaimer GDPR