Mumcookjoy GDPR Compliance Policy

Last Updated: April 03, 2026

1. Introduction

Mumcookjoy (“the Site”, “we”, “us” or “our”) is committed to protecting your privacy and ensuring that your personal data is processed in compliance with the European Union’s General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we process it, how we protect it, and the rights you have under the GDPR. If you have any questions or concerns, please contact us at [email protected].

2. Types of Personal Data We Collect

2.1 Email Addresses
When you subscribe to our newsletter, create an account, or contact us via the form on the Site, we collect your email address. This data is used to send you newsletters, updates, and to respond to your inquiries.

2.2 Cookies and Similar Technologies
We use cookies and other tracking technologies to analyze traffic, personalize content, and improve user experience. These include first‑party cookies that record your browsing behavior on the Site and third‑party cookies from analytics providers.

2.3 Web Analytics Data
We use Google Analytics and Matomo to collect aggregate data such as page views, time spent on the Site, and referral sources. This data helps us understand how visitors interact with the Site and identify areas for improvement.

3. Legal Basis for Processing

3.1 Consent
We obtain your explicit consent when you sign up for our newsletter, register for an account, or agree to the use of cookies through the cookie banner. Your consent is freely given, specific, informed, and unambiguous.

3.2 Legitimate Interest
We process personal data that is necessary for the legitimate interests of Mumcookjoy, such as improving the Site’s performance, providing a personalized user experience, and protecting against fraud. We conduct a balancing test to ensure that our interests do not override your fundamental rights and freedoms.

4. Data Protection Measures

4.1 Secure Transmission
All data transmitted between your browser and our servers is encrypted using TLS 1.3 (SSL) to prevent interception and tampering.

4.2 Secure Storage
Personal data is stored on secure, access‑controlled servers hosted in the European Union. We employ industry‑standard encryption at rest and restrict access to authorized personnel only.

4.3 Limited Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Email addresses are kept for the duration of your subscription or until you request deletion. Analytics data is anonymized and stored for a maximum of 12 months.

5. Your GDPR Rights

You have the following rights under the GDPR. We provide simple ways to exercise each right. All requests will be processed within 30 days unless otherwise required by law.

Right to Access

You may request a copy of the personal data we hold about you, including the sources of the data and the purposes of processing.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you can request us to correct or update it.

Right to Erasure

You can ask us to delete your personal data when it is no longer necessary, or if you withdraw consent and there is no other legal basis for processing.

Right to Restrict Processing

You may request that we suspend processing of your data (e.g., for verification purposes) while we investigate the accuracy or legality of the processing.

Right to Data Portability

You can obtain your personal data in a structured, commonly used format and transfer it to another controller.

Right to Object

You have the right to object to processing for direct marketing or profiling purposes, and we will stop processing unless we can demonstrate compelling legitimate grounds.

Right to Withdraw Consent

You can withdraw consent at any time. Withdrawal is effective for all processing based on the consent that has been withdrawn, and we will cease processing unless another legal basis applies.

6. How to Exercise Your Rights

To exercise any of the rights listed above, please send a written request to [email protected] with the following information:

Your full name and contact details
A description of the data or request (e.g., “I wish to access all personal data stored about me.”)
Any supporting evidence (e.g., account ID, subscription reference)

We will respond within 30 days of receiving your request. If we need more information to verify your identity, we may ask for additional documentation. Should you not receive a response within the stipulated time, you may lodge a complaint with a supervisory authority.

7. Data Retention

We retain personal data for the period necessary to achieve the purposes for which it was collected. Specifically:

Email addresses: until you unsubscribe or request deletion.
Cookies and analytics data: stored for up to 12 months, then deleted or anonymized.
Other data (e.g., contact form submissions): deleted after 6 months unless a legal obligation requires longer retention.

8. Changes to This Policy

We reserve the right to update this GDPR Compliance Policy. Any changes will be posted on this page and the “Last Updated” date will be revised. We encourage you to review this policy periodically to stay informed about how we protect your data.

9. Contact Information

For any questions, concerns, or GDPR requests, please contact our Data Protection Officer at:

GDPR Officer
Mumcookjoy
Email: [email protected]