Back to Home

Privacy Policy

Last Updated: May 2026

1. Controller of Data Processing

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Viktoriia Hrodetska
Heidenheimer Straße 24
85748 Garching bei Muenchen
Germany
Email: info.foodb@gmail.com

2. General Scope

This Privacy Policy applies exclusively to the website foodatabase.com. It does not apply to the Eatrack mobile application. Information regarding data processing within the App can be found in the separate App Privacy Policy.

3. No Cookies and No Analytics

We value your privacy. This website is built to be strictly informational.

  • No Cookies: We do not set any cookies on your device.
  • No Tracking: We do not use Google Analytics, Facebook Pixels, or any other third-party tracking or analytics software to monitor your behavior on this site.

4. Hosting and Server Log Files

To make this website available securely and quickly, we use the hosting, domain, and Content Delivery Network (CDN) services of Cloudflare (Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA).

When you visit our website, your connection is routed through Cloudflare’s servers. During this process, your browser automatically transmits certain technical data, which is temporarily stored in server log files. The collected data includes:

  • IP address
  • Browser type and version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Date and time of the server request


Purpose and Legal Basis:
This data is technically necessary to display our website to you, deliver content efficiently, and guarantee the site's stability and security (e.g., detecting and defending against DDoS attacks). The legal basis for this processing is our legitimate interest according to Art. 6(1)(f) GDPR.
Data Transfer to the USA:
Because Cloudflare is based in the United States, your technical data may be processed outside the European Economic Area (EEA). Cloudflare is officially certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection as determined by the European Commission. Additionally, data transfers are safeguarded by Standard Contractual Clauses (SCCs). We have concluded a Data Processing Agreement (DPA) with Cloudflare to ensure they process data strictly according to our instructions and GDPR requirements.

5. Contacting Us

If you contact us via email, the personal data you provide (such as your email address and the content of your message) will be stored and processed by us solely for the purpose of answering your inquiry.
The legal basis for this is our legitimate interest in responding to user inquiries (Art. 6(1)(f) GDPR) or, if your inquiry relates to a potential or existing contract, the performance of contractual measures (Art. 6(1)(b) GDPR). We will delete this data when the conversation is concluded and no legal retention periods require further storage.

6. Your Rights Under the GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): You can request information about the data we process about you.
  • Right to Rectification (Art. 16 GDPR): You can demand the correction of incorrect data or the completion of incomplete data.
  • Right to Erasure (Art. 17 GDPR): You can request the deletion of your data, provided no legal obligations prevent this.
  • Right to Restriction of Processing (Art. 18 GDPR): You can request that we restrict the processing of your data.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your data in a structured, common, and machine-readable format.
  • Right to Object (Art. 21 GDPR): You can object to the processing of your data based on legitimate interests (Art. 6(1)(f) GDPR) at any time.


To exercise any of these rights, please contact us at the email address provided in Section 1.
Right to lodge a complaint: Furthermore, you have the right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.

7. Data Retention

We only store personal data for as long as it is necessary to achieve the purposes stated in this Privacy Policy, or as required by legally mandated retention periods.

  • Server Log Files: Technical logs collected by our hosting provider (Cloudflare) are routinely deleted or anonymized after a few days, unless further retention is required to investigate a specific security incident (e.g., a cyberattack).
  • Email Communications: Inquiries sent via email are deleted once the conversation is permanently concluded and the matter is resolved, provided there are no statutory retention obligations (e.g., for business correspondence).

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

9. Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy to ensure it complies with current legal requirements or to reflect changes to our website (e.g., the introduction of new features). The current version published on this website always applies to your visit.