GDPR Compliance

Last updated: 11/2/2025

Introduction

ChiliFunFactory is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains how we process your personal data, your rights under GDPR, and how you can exercise those rights.

Data Controller

ChiliFunFactory acts as the data controller for the personal information we collect and process. You can contact our Data Protection Officer at support@sidexlabs.net.

Personal Data We Collect

Under GDPR, we collect and process the following categories of personal data:

  • Identity Data: Name, username, account identifier
  • Contact Data: Email address
  • Technical Data: IP address, browser type, device information, usage logs
  • Profile Data: Account preferences, settings, and feedback
  • Nutrition and Health Data (Special Category Data):
    • Dietary preferences and restrictions
    • Food allergies and intolerances
    • Nutrition goals and targets
    • Daily food intake logs and meal tracking
    • Weight management objectives
    • Macronutrient and calorie tracking data
    • Health-related dietary objectives
  • Usage Data: Recipe views, saved recipes, meal plans, search queries, and interaction patterns

Important: Nutrition and health-related data is considered “special category data” under GDPR Article 9 and receives enhanced protection. We process this data only with your explicit consent and for the specific purposes you have authorized.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent (Article 6(1)(a) and Article 9(2)(a)): For processing special category health and nutrition data, we rely on your explicit consent, which you provide when setting up nutrition tracking features
  • Contractual Necessity (Article 6(1)(b)): To provide our recipe and meal planning services as per our Terms of Service
  • Legitimate Interests (Article 6(1)(f)): To improve our services, prevent fraud, and ensure platform security, where such interests do not override your fundamental rights
  • Legal Obligation (Article 6(1)(c)): To comply with applicable laws and regulations

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

1. Right of Access (Article 15)

You have the right to request access to your personal data and obtain confirmation of whether we are processing your data.

How to exercise: Visit your account settings to view all your data, or contact us to request a complete data export.

2. Right to Rectification (Article 16)

You can correct inaccurate or incomplete personal data.

How to exercise: Update your information directly in your account settings or contact us for assistance.

3. Right to Erasure / “Right to be Forgotten” (Article 17)

You can request deletion of your personal data, including all nutrition and health data we have collected.

How to exercise: Delete individual entries through your account settings, or request full account deletion by contacting support@sidexlabs.net. We will process deletion requests within 30 days.

4. Right to Data Portability (Article 20)

You can receive your personal data in a structured, commonly-used, machine-readable format and transfer it to another service.

How to exercise: Export your data in JSON or CSV format through your account settings. This includes all your nutrition tracking data, recipes, meal plans, and preferences.

5. Right to Restriction of Processing (Article 18)

You can request that we limit how we use your personal data in certain circumstances.

How to exercise: Contact us at support@sidexlabs.net to discuss your specific requirements.

6. Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes.

How to exercise: Adjust your preferences in account settings or contact us to opt-out of specific processing activities.

7. Right to Withdraw Consent (Article 7(3))

For data processed based on consent (especially nutrition and health data), you can withdraw your consent at any time.

How to exercise: Disable nutrition tracking features in your account settings or delete your nutrition data entirely. Withdrawal of consent does not affect the lawfulness of processing before withdrawal.

Data Export and Deletion Procedures

Exporting Your Nutrition Data

To export your complete nutrition and personal data:

  1. Log in to your ChiliFunFactory account
  2. Navigate to Settings > Privacy > Data Export
  3. Select your preferred format (JSON or CSV)
  4. Click “Request Export”
  5. You will receive a download link within 24 hours to your registered email

The export will include all your personal data, nutrition tracking history, saved recipes, meal plans, and account settings.

Deleting Your Nutrition Data

You have granular control over your nutrition data deletion:

  • Individual Entries: Delete specific meal logs or tracking entries from your dashboard
  • Partial Deletion: Clear tracking history for a specific date range via Settings > Privacy
  • Complete Nutrition Data: Remove all nutrition tracking data while keeping your account via Settings > Privacy > Delete All Nutrition Data
  • Full Account Deletion: Delete your entire account and all associated data via Settings > Account > Delete Account, or email support@sidexlabs.net

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Ensuring service providers are certified under recognized data protection frameworks
  • Implementing technical and organizational security measures

Data Retention Periods

We retain your personal data only for as long as necessary:

  • Active Account Data: Retained while your account is active
  • Nutrition Tracking Data: Retained until you delete it or close your account
  • After Account Deletion: Permanently deleted within 30 days, except for limited data we must retain for legal obligations (e.g., financial records for 7 years)
  • Backup Systems: Deleted data purged from backups within 90 days

Automated Decision-Making and Profiling

ChiliFunFactory uses AI and automated systems to:

  • Generate personalized recipe recommendations
  • Calculate nutritional values
  • Suggest meal plans based on your preferences

These automated processes do not have legal or similarly significant effects on you. You have the right to:

  • Opt-out of personalized recommendations
  • Request human review of automated suggestions
  • Understand the logic behind recommendations

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. In the EU, you can find your data protection authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

However, we encourage you to contact us first at support@sidexlabs.net so we can address your concerns directly.

Response Times

We are committed to responding to your GDPR rights requests promptly:

  • Initial Response: Within 72 hours of receiving your request
  • Full Response: Within 30 days (may be extended to 60 days for complex requests with prior notice)
  • Data Export: Provided within 24 hours of request
  • Data Deletion: Completed within 30 days

Contact Information

For any questions about GDPR compliance or to exercise your rights, please contact our Data Protection Officer:

Email: support@sidexlabs.net

Please include “GDPR Request” in your subject line to ensure priority handling.

    ChiliFunFactory - Spice Up Your Cooking