GDPR Compliance

1. Introduction

At Menu30, we are committed to protecting the privacy and security of your personal data. This GDPR Compliance page explains how we comply with the General Data Protection Regulation (GDPR), which is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

2. Data Controller

Menu30 is the data controller for the personal data we process. This means we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this GDPR Compliance page.

Our contact details are:

Menu30
123 AI Avenue, Tech City, TC 12345
Email: privacy@menu30.com

3. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this GDPR Compliance page. If you have any questions about this GDPR Compliance page, including any requests to exercise your legal rights, please contact the DPO using the details set out below:

Data Protection Officer
Menu30
123 AI Avenue, Tech City, TC 12345
Email: dpo@menu30.com

4. Your Rights Under GDPR

Under the GDPR, you have the following rights:

Right to be informed

You have the right to be informed about the collection and use of your personal data. This is a key transparency requirement under the GDPR.

Right of access

You have the right to access your personal data and supplementary information. This allows you to be aware of and verify the lawfulness of the processing.

Right to rectification

You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

Right to erasure

You have the right to have your personal data erased in certain circumstances.

Right to restrict processing

You have the right to request the restriction or suppression of your personal data in certain circumstances.

Right to data portability

You have the right to obtain and reuse your personal data for your own purposes across different services.

Right to object

You have the right to object to the processing of your personal data in certain circumstances.

Rights related to automated decision making including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

5. How to Exercise Your Rights

You can exercise your rights by contacting our Data Protection Officer using the contact details provided above. We will respond to your request within one month of receipt of the request.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

6. Data Processing

We process your personal data for the following purposes:

  • To provide our services to you
  • To manage your account
  • To communicate with you
  • To improve our services
  • To comply with legal obligations

We process your personal data on the following legal bases:

  • Your consent
  • Performance of a contract
  • Compliance with a legal obligation
  • Legitimate interests

7. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. International Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

10. Complaints

You have the right to make a complaint at any time to the supervisory authority for data protection issues in your country. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.

Last Updated: May 7, 2025

Built with v0