Privacy Policy – GDPR & US Compliance

Effective Date: December 13, 2025
Last Updated: December 13, 2025

Welcome to Smart Diet Hacks. Protecting your personal data and respecting your privacy is of utmost importance to us. This Privacy Policy explains how we collect, use, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and applicable international data protection laws.​

---

1. Data Controller Information

The Data Controller for your personal information is:

Smart Diet Hacks
Chef Steve Morrison

Email: steve@smartdietshacks.com
Phone: +212 608 567 688

---

2. Personal Data We Collect

We collect and process the following types of personal data:​

Contact Information:

• Name
• Email address
• Phone number
• Mailing address

Health and Nutrition Information (Optional):

• Dietary preferences and restrictions
• Health goals and wellness objectives
• Food allergies or intolerances
• Lifestyle information (only when voluntarily provided for coaching services)

Payment Information:

• Billing address
• Transaction details
• Payment method information (processed by secure third-party payment processors)

Technical Information:

• IP address
• Browser type and version
• Device information
• Website usage data and analytics
• Cookies and tracking data (see Section 8)

Communication Data:

• Messages sent through contact forms
• Email correspondence
• Newsletter subscription preferences

---

3. How We Use Your Personal Data

Your personal data is used for the following purposes:​

To Provide Services:

• Deliver personalized nutrition coaching and wellness consultations
• Respond to your inquiries and questions
• Send requested recipes, meal plans, or nutrition information
• Process and fulfill consultation bookings

For Communication:

• Send newsletter updates about new recipes, articles, and wellness tips (with your consent)
• Notify you about website updates or changes to our services
• Respond to your comments and feedback

For Website Improvement:

• Analyze website traffic and user behavior
• Improve user experience and website functionality
• Develop new content based on user interests

For Legal Compliance:

• Comply with applicable laws and regulations
• Respond to legal requests or prevent fraud
• Enforce our Terms of Service

For Marketing (With Consent):

• Send promotional emails about services or products
• Share relevant health and nutrition content
• Inform you about special offers or partnerships

---

4. Legal Basis for Processing Your Data (GDPR)

Under GDPR, we process your data based on the following lawful grounds:​

Consent: When you provide explicit consent for processing your health-related information, newsletter subscriptions, or marketing communications

Contractual Necessity: To fulfill nutrition coaching services you request or consultation agreements

Legal Obligation: To comply with applicable laws, regulations, and legal requirements

Legitimate Interests: For website improvement, analytics, fraud prevention, and safeguarding our services (where your interests don’t override ours)

---

5. Sharing Your Data

We do not sell, rent, or trade your personal data to third parties.​

We may share your information with:

Service Providers:

• Email marketing platforms (e.g., Mailchimp, ConvertKit)
• Website hosting providers
• Payment processors (e.g., Stripe, PayPal)
• Analytics services (e.g., Google Analytics)
• Customer support tools

Legal Authorities:

• When required by law or legal process
• To protect our rights or safety
• To prevent fraud or illegal activities

All third-party providers are contractually required to handle your data in accordance with GDPR requirements and maintain appropriate security measures.​

---

6. International Data Transfers

Some of our service providers (e.g., email platforms, hosting) may be located outside your country or the European Economic Area (EEA).​

When your personal data is transferred internationally, we ensure it is protected by:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection
• Other appropriate safeguards compliant with GDPR Article 46

---

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:​

Contact Form Data: 2 years from last communication
Newsletter Subscribers: Until you unsubscribe
Coaching Clients: 7 years after service completion (for legal/tax purposes)
Website Analytics: 26 months (Google Analytics default)
Payment Records: As required by tax and accounting laws

Health-related data will be securely deleted upon request or termination of coaching relationship, unless legally required to retain it.​

---

8. Cookies and Website Tracking

Our website uses cookies to enhance user experience and collect analytical data.​

What Are Cookies?
Cookies are small text files stored on your device that help us recognize you and remember your preferences.

Types of Cookies We Use:

Necessary Cookies (Essential):

• Required for website functionality
• Cannot be disabled
• Enable basic features like page navigation and secure access

Analytics Cookies:

• Google Analytics (tracks website usage and performance)
• Helps us understand how visitors use our site
• Provides insights to improve content and user experience

Marketing Cookies:

• Track visitors across websites
• Used for advertising and retargeting campaigns
• Require your consent before activation

Your Cookie Choices:​

• You can manage cookie preferences through our cookie consent banner
• Adjust settings in your browser to refuse cookies
• Delete existing cookies through browser settings
• Note: Blocking necessary cookies may affect website functionality

Cookie Consent Requirements:
We obtain your explicit consent before placing non-essential cookies. You can withdraw consent at any time through your browser settings or our cookie management tool.​

---

9. Your Data Protection Rights (GDPR – EU Residents)

Under GDPR, you have the following rights:​

Right to Access: Request a copy of your personal data we hold

Right to Rectification: Correct inaccurate or incomplete data

Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data

Right to Restriction: Limit how we process your personal data

Right to Data Portability: Receive your data in a structured, machine-readable format

Right to Object: Object to data processing based on legitimate interests or for marketing purposes

Right to Withdraw Consent: Withdraw consent at any time for processing relying on consent (without affecting prior lawful processing)

Right to Lodge a Complaint: File a complaint with your local Data Protection Authority

To Exercise Your Rights:
Email us at steve@smartdietshacks.com with your request. We will respond within 30 days (or 60 days for complex requests, with notification).​

---

10. Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have additional privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).​

Your California Privacy Rights

Right to Know:
You can request disclosure of the categories and specific pieces of personal information we’ve collected about you in the past 12 months.​

Right to Delete:
You can request deletion of your personal information, subject to certain exceptions required by law.

Right to Correct:
You can request correction of inaccurate personal information we maintain about you.​

Right to Opt-Out of Sale/Sharing:
We do not sell your personal information. However, our use of analytics and advertising cookies may constitute “sharing” under CCPA. You can opt-out through our cookie consent banner or by clicking “Do Not Sell or Share My Personal Information” in our footer.​

Right to Limit Sensitive Personal Information:
If we collect sensitive personal information (health data, precise geolocation), you can limit our use of it to necessary business purposes only.​

Right to Non-Discrimination:
We will not discriminate against you for exercising your CCPA privacy rights. You will receive the same service and pricing.​

Categories of Personal Information We Collect (CCPA)

Under CCPA, we collect the following categories:​

• Identifiers: Name, email, phone number, IP address
• Commercial Information: Purchase history, consultation bookings
• Internet Activity: Website usage, browsing behavior, analytics data
• Sensitive Personal Information: Dietary preferences, food allergies, wellness goals (only when voluntarily provided for coaching)
• Inferences: Preferences and characteristics derived from your activity

How We Use Your Information (CCPA)

We use personal information for:​

• Providing nutrition coaching services
• Responding to inquiries
• Sending newsletters (with consent)
• Website analytics and improvement
• Legal compliance
• Fraud prevention

Third-Party Sharing (CCPA)

We share personal information with:​

• Service Providers: Email platforms (Mailchimp), hosting providers, analytics (Google Analytics)
• Analytics Partners: Google Analytics for website performance
• Payment Processors: Stripe, PayPal for transaction processing

We do NOT sell your personal information for monetary consideration.​

How to Exercise Your California Rights

Submit a Request:

• Email: steve@smartdietshacks.com with “CCPA Request” in subject line
• Phone: +212 608 567 688
• Include: Your name, email, and specific request type

Verification: We will verify your identity before processing requests to protect your privacy.​

Response Time: We respond within 45 days (may extend to 90 days for complex requests with notification).​

Authorized Agents: You may designate an authorized agent to make requests on your behalf with proper documentation.

Do Not Sell or Share My Personal Information

We honor Global Privacy Control (GPC) browser signals as valid opt-out requests.​

---

11. Additional Rights for Other US State Residents

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA):
If you reside in these states, you may have similar rights to California residents regarding access, deletion, correction, and opt-out. Contact us at steve@smartdietshacks.com to exercise these rights.​

---

12. Security Measures

We implement robust security measures to protect your data from unauthorized access, alteration, disclosure, or destruction:​

✓ SSL/TLS Encryption for data transmission
✓ Secure servers with firewall protection
✓ Regular security assessments and updates
✓ Access controls limiting who can view personal data
✓ Password protection for sensitive systems
✓ Data backup procedures to prevent loss

While we use industry-standard security practices, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but continuously work to protect your information.

---

13. Children’s Privacy

Smart Diet Hacks is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent.​

If you believe we have collected information from a child under 16, please contact us immediately so we can delete it.

---

14. Third-Party Links

Our website may contain links to third-party websites, products, or services. We are not responsible for the privacy practices of these external sites.​

We encourage you to review the privacy policies of any third-party sites you visit.

---

15. Email Marketing and Communications

Newsletter Subscriptions:

• You can subscribe to receive nutrition tips, recipes, and wellness content
• Every email includes an unsubscribe link
• We never share your email with third parties for their marketing

Unsubscribe:

• Click “unsubscribe” in any marketing email
• Email steve@smartdietshacks.com with “UNSUBSCRIBE” in the subject
• We will process requests within 48 hours

Transactional Emails:

• Service-related emails (consultation confirmations, account updates) are not marketing and cannot be opted out of while using our services

---

16. Complaints and Data Protection Authority

For EU Residents:
Contact your local Data Protection Authority. Find yours at: https://edpb.europa.eu/about-edpb/board/members_en​

For California Residents:
California Attorney General’s Office: https://oag.ca.gov/privacy/ccpa​

We encourage you to contact us first at steve@smartdietshacks.com to resolve any concerns directly.

---

17. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements.​

When We Update:

• The “Last Updated” date at the top will change
• Significant changes will be communicated via email to newsletter subscribers
• Continued use of our website after updates constitutes acceptance

We recommend reviewing this policy regularly to stay informed about how we protect your data.

---

18. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: steve@smartdietshacks.com
Phone: +212 608 567 688

We aim to respond to all privacy-related inquiries within 30 days (GDPR) or 45 days (CCPA).

---

Summary of Your Rights

All Users:
✓ Know what data we collect and how we use it
✓ Access your personal data
✓ Correct inaccurate information
✓ Request deletion of your data
✓ Opt-out of marketing communications
✓ Manage cookie preferences

EU Residents (GDPR):
✓ Data portability
✓ Restrict processing
✓ Object to processing
✓ Lodge complaints with Data Protection Authority

California Residents (CCPA/CPRA):
✓ Opt-out of sale/sharing
✓ Limit sensitive personal information use
✓ Non-discrimination guarantee

Thank you for trusting Smart Diet Hacks with your personal information.

---

Last Updated: December 13, 2025