Privacy Policy

1. Who We Are

Meal Prep Daily is a meal preparation and delivery company based in the United Kingdom. We operate the website at mealprepdaily.co.uk and associated ordering platforms.

Contact Details

Data Controller: Meal Prep Daily Ltd
Email: support@mealprepdaily.co.uk
Address: 128 City Road, London EC1V 2NX

If you have any questions about how we handle your personal data, please contact us at the address above.

2. What Data We Collect

We collect and process the following categories of personal data:

Data You Provide to Us

• Full name and contact details (email address, phone number)
• Delivery address and postcode
• Order details including meal selections, dietary preferences and special requests
• Payment information (processed securely via Stripe or PayPal — we do not store card details)
• Communications you send us (emails, messages, enquiries)
• Marketing preferences (if you opt in to receive updates)

Data Collected Automatically

• IP address and browser type
• Pages visited and time spent on our website
• Device information and operating system
• Referral source (how you found us)
• Cookie data (see Section 7 — Cookie Policy)

Special Category Data

If you provide information about dietary requirements, allergies or health conditions in your order notes, this may constitute special category data under UK GDPR. We process this information solely to fulfil your order and keep you safe. We will never share this information with third parties except where necessary for delivery or legal compliance.

3. How We Use Your Data

We use your personal data for the following purposes:

To Fulfil Your Order (Contract Performance)

• Processing and managing your meal orders
• Arranging delivery to your address
• Communicating order confirmations, updates and delivery information
• Handling returns, refunds or complaints

Legal Obligations

• Maintaining financial and transaction records as required by HMRC
• Complying with food safety and allergen regulations
• Responding to lawful requests from regulators or law enforcement

Legitimate Interests

• Improving our website, services and customer experience
• Fraud prevention and security monitoring
• Analysing how our website is used (via anonymised analytics)

With Your Consent

• Sending marketing emails, SMS or social media updates (you can withdraw consent at any time)
• Placing non-essential cookies on your device

4. Who We Share Your Data With

We do not sell your personal data. We may share it with trusted third parties only where necessary:

• Payment processors — Stripe and/or PayPal, for secure payment processing
• Delivery partners — couriers who need your name and address to deliver your order
• IT and hosting providers — companies that support our website and data infrastructure
• Analytics providers — such as Google Analytics (anonymised data only)
• Email/marketing platforms — if you have opted in to marketing communications
• Legal or regulatory authorities — where required by law

All third parties are required to handle your data securely and in accordance with UK GDPR.

5. How Long We Keep Your Data

• Order and transaction records — 7 years (required for tax and accounting purposes)
• Customer account data — for as long as your account is active, plus 2 years after last activity
• Marketing data — until you unsubscribe or withdraw consent
• Website analytics data — 26 months (Google Analytics default)
• Support and communications — 3 years from last contact

After these periods, data is securely deleted or anonymised.

6. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right of access — you can request a copy of the personal data we hold about you
• Right to rectification — you can ask us to correct inaccurate or incomplete data
• Right to erasure — you can ask us to delete your data in certain circumstances
• Right to restriction — you can ask us to limit how we use your data
• Right to data portability — you can request your data in a structured, machine-readable format
• Right to object — you can object to processing based on legitimate interests or for marketing
• Rights related to automated decision-making — we do not use automated decision-making or profiling

To exercise any of these rights, contact us at support@mealprepdaily.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookie Policy

Our website uses cookies — small text files stored on your device. We use the following types:

Essential Cookies

These are necessary for the website to function and cannot be switched off. They include session cookies that remember your order as you navigate the site.

Analytics Cookies

We use Google Analytics to understand how visitors use our website. This data is anonymised and aggregated. These cookies are only placed with your consent.

Marketing Cookies

If you have clicked through from a social media advert or marketing link, cookies may track the effectiveness of that campaign. These are only placed with your consent.

You can manage your cookie preferences at any time by clicking "Manage Cookies" in the footer, or by adjusting your browser settings. Note that disabling essential cookies may affect website functionality.

8. Data Security

We take data security seriously and implement appropriate technical and organisational measures to protect your personal data, including:

• SSL/TLS encryption on all data transmission
• Secure, encrypted payment processing via Stripe and PayPal (we never store card numbers)
• Access controls limiting who can view personal data within our team
• Regular security reviews

In the unlikely event of a data breach that poses a risk to your rights, we will notify you and the ICO within 72 hours as required by UK GDPR.

9. International Transfers

Some of our third-party service providers may process data outside the UK or EEA. Where this happens, we ensure appropriate safeguards are in place, such as UK adequacy decisions or standard contractual clauses.

10. Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the date at the top of this page. We encourage you to review this policy periodically. Continued use of our website following any changes constitutes your acceptance of the updated policy.

12. Contact Us

For any questions, requests or concerns about this Privacy Policy or how we handle your data, please contact us: