GDPR & CCPA Privacy Policy – Daily Tonic Plan

Effective Date: December 08, 2025

At DailyTonicPlan.com, we are committed to protecting your privacy and ensuring transparency in how we collect, use, and protect your data. This GDPR & CCPA Privacy Policy outlines your rights and our responsibilities under both the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Who We Are

DailyTonicPlan.com is a wellness-focused recipe website providing nourishing recipes, nutritional information, and wellness content to our global community.

Data Controller:
Daily Tonic Plan
Chef Emma Stone

If you have any questions about this policy or your personal data, please contact us:

📧 Email: contact@dailytonicplan.com
🌐 Website: https://dailytonicplan.com

2. What Information We Collect

We may collect the following types of personal data from you:

Personal Identifiers:

  • Name and email address (when subscribing to newsletters, downloading resources, or contacting us)
  • Username (if you create an account)
  • Phone number (if voluntarily provided)

Technical Data:

  • IP address
  • Device type and browser information
  • Operating system
  • Referring website
  • Pages visited on our site
  • Time spent on pages
  • Click data

Cookies and Usage Data:

  • Cookies (small text files stored on your device)
  • Web beacons and tracking pixels
  • Analytics data (pages viewed, time on site, user behavior)
  • Cookie preferences

Voluntarily Submitted Data:

  • Comments on recipes or blog posts
  • Recipe photos you share
  • Testimonials or reviews
  • Contact form submissions
  • Survey responses
  • Any other information you choose to provide

We only collect information that is necessary to operate our website and provide you with services, in accordance with applicable laws.

3. How We Use Your Information

We use your personal data for the following purposes:

Communication:

  • Send you newsletters, recipes, and wellness tips (only if you opt in)
  • Respond to your inquiries, questions, or feedback
  • Send transactional emails (e.g., download confirmations)
  • Notify you of important updates or changes

Website Operations:

  • Monitor and improve our website performance and content
  • Analyze user behavior to enhance user experience
  • Customize content based on your preferences
  • Troubleshoot technical issues

Security and Legal:

  • Detect and prevent fraud, spam, or abuse
  • Comply with legal obligations
  • Protect our rights and property
  • Enforce our Terms and Conditions

Marketing (with consent):

  • Send promotional content about our products or services
  • Share updates about new recipes or features
  • Provide personalized recommendations

Advertising:

  • Serve relevant ads through third-party networks (with consent)
  • Measure ad performance

We do not sell your personal data to third parties.

4. Legal Bases for Processing (GDPR)

Under the GDPR, we rely on the following lawful bases to collect and process your personal information:

Consent:

  • When you voluntarily subscribe to our newsletter
  • When you accept cookies through our cookie banner
  • When you submit forms or comments
  • When you provide explicit consent for specific purposes

Contractual Obligation:

  • When you request services or information from us
  • To fulfill requests you make through our website

Legitimate Interest:

  • To improve site functionality and user experience
  • To ensure website security and prevent fraud
  • To analyze website traffic and performance
  • To communicate important updates about our services

Legal Obligation:

  • To comply with laws and regulations
  • To respond to legal requests or court orders
  • To protect rights and safety

You have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. Your GDPR Rights (for EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights under GDPR:

Right to Access (Article 15):

  • You can request a copy of the personal data we hold about you
  • We will provide this information in a structured, commonly used format

Right to Rectification (Article 16):

  • You can request corrections to inaccurate or incomplete personal data
  • We will update your information promptly

Right to Erasure / “Right to be Forgotten” (Article 17):

  • You can request we delete your personal data
  • Subject to legal obligations and legitimate interests

Right to Restrict Processing (Article 18):

  • You can request we limit how we use your data in certain circumstances
  • For example, while we verify accuracy of contested data

Right to Object (Article 21):

  • You can object to processing based on legitimate interests
  • You can object to direct marketing at any time

Right to Data Portability (Article 20):

  • You can request your data in a portable format
  • You can request we transfer your data to another service

Right to Withdraw Consent (Article 7):

  • You can withdraw consent at any time
  • This won’t affect the lawfulness of processing before withdrawal

Right to Lodge a Complaint:

  • You can file a complaint with your local data protection authority
  • We encourage you to contact us first to resolve issues

How to Exercise Your Rights: Email us at: contact@dailytonicplan.com

Please include:

  • Your name and email address
  • Specific right you wish to exercise
  • Any relevant details or documentation

We will respond within 30 days of receiving your request.

6. Your CCPA Rights (for California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

Right to Know (CCPA § 1798.100):

  • What categories of personal information we collect
  • The sources from which we collect it
  • Our business or commercial purposes for collecting it
  • The categories of third parties with whom we share it
  • The specific pieces of personal information we have collected about you

Right to Delete (CCPA § 1798.105):

  • You can request we delete your personal information
  • Subject to certain exceptions (e.g., legal compliance, fraud prevention)

Right to Opt-Out of Sale (CCPA § 1798.120):

  • You may opt out of the sale of your personal data
  • Important: We do NOT sell your personal data to third parties

Right to Non-Discrimination (CCPA § 1798.125):

  • You will not be penalized for exercising your CCPA rights
  • We will not deny services, charge different prices, or provide different quality of service

Right to Correct (CPRA Amendment):

  • You can request we correct inaccurate personal information

Right to Limit Use of Sensitive Personal Information:

  • You can limit our use of sensitive personal information to necessary purposes

How to Submit a CCPA Request:

Email us at: contact@dailytonicplan.com

Include in your request:

  • Your full name
  • Email address associated with your account
  • Specific request (know, delete, opt-out)
  • Enough information for us to verify your identity

Verification Process: We will verify your identity before processing requests. We may ask for:

  • Email confirmation
  • Additional identifying information
  • Proof of California residency (for CCPA requests)

Response Time: We will respond within 45 days (extendable by another 45 days if needed).

Authorized Agents: You may designate an authorized agent to submit requests on your behalf. The agent must provide proof of authorization.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website.

What are Cookies? Cookies are small text files stored on your device that help us remember your preferences and understand how you use our site.

Types of Cookies We Use:

Essential Cookies (Required):

  • Enable basic website functionality
  • Remember your cookie preferences
  • Maintain security
  • Cannot be disabled without affecting site functionality

Analytics Cookies (Optional):

  • Google Analytics to understand site usage
  • Track page views, session duration, bounce rates
  • Help us improve content and user experience

Functionality Cookies (Optional):

  • Remember your preferences (e.g., language)
  • Personalize your experience
  • Save your settings

Advertising Cookies (Optional):

  • Deliver relevant ads through Google AdSense
  • Measure ad performance
  • Limit ad frequency

How We Get Consent: Upon your first visit to our website, we display a cookie banner asking for your consent to use non-essential cookies. You can:

  • Accept all cookies
  • Reject optional cookies
  • Customize your preferences

Managing Cookies: You can control cookies through:

  • Our cookie preference center (link in footer)
  • Your browser settings
  • Third-party opt-out tools

Browser Settings: Most browsers allow you to:

  • Block all cookies
  • Block third-party cookies
  • Delete cookies
  • Receive warnings before cookies are stored

Note: Disabling cookies may affect website functionality and your user experience.

Third-Party Cookies: We use the following third-party services that may set cookies:

  • Google Analytics: Analytics and performance tracking
  • Google AdSense: Advertising
  • Email service provider: Newsletter management
  • Social media platforms: Social sharing features

Each service operates under its own privacy policy.

8. Data Security

We take appropriate technical and organizational measures to protect your personal information from unauthorized access, loss, misuse, alteration, or destruction.

Security Measures Include:

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted
  • Secure Hosting: Our website is hosted on secure servers with industry-standard protections
  • Access Controls: Limited access to personal data by authorized personnel only
  • Regular Security Audits: Ongoing monitoring and updating of security practices
  • Password Protection: Secure password requirements for accounts
  • Data Minimization: We only collect data we actually need

However: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information using commercially acceptable means, we cannot guarantee absolute security.

You use our website at your own risk.

Your Responsibility:

  • Keep your login credentials confidential
  • Use strong, unique passwords
  • Log out of your account when using shared devices
  • Notify us immediately of any unauthorized access

Data Breach Notification: In the unlikely event of a data breach affecting your personal information, we will notify you:

  • Within 72 hours (GDPR requirement)
  • Via email to your registered address
  • With details about the breach and steps you should take

9. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which we collected it, or to comply with legal obligations.

Retention Periods:

Email Subscribers:

  • Retained until you unsubscribe
  • Deleted within 30 days of unsubscribe request

Comments:

  • Retained indefinitely unless deletion is requested
  • Can be deleted upon request

Analytics Data:

  • Retained according to our analytics provider’s policy
  • Typically 26 months for Google Analytics
  • Can be anonymized or deleted earlier upon request

Contact Form Submissions:

  • Retained for 2 years
  • Can be deleted upon request

Account Data:

  • Retained while your account is active
  • Deleted within 90 days of account closure request

Legal Requirements: We may retain data longer if required by law or to:

  • Resolve disputes
  • Enforce agreements
  • Comply with tax or accounting regulations

Deletion Process: When data is deleted:

  • Removed from active databases
  • Backed up data deleted within standard backup cycles
  • Anonymized if deletion is not possible due to technical constraints

10. Third-Party Services

We may use third-party services to help operate our website and provide you with better service.

Services We Use:

Analytics:

  • Google Analytics: Website traffic analysis
  • Collects anonymous usage data
  • Privacy Policy: https://policies.google.com/privacy

Email Marketing:

  • ConvertKit / Mailchimp / [Your Provider]: Newsletter delivery
  • Stores email addresses and preferences
  • Privacy Policy: [Provider’s Privacy Policy]

Advertising:

  • Google AdSense: Display advertising
  • May use cookies for ad targeting
  • Privacy Policy: https://policies.google.com/privacy

Hosting:

  • [Your Hosting Provider]: Website hosting and storage
  • Data stored on secure servers
  • Privacy Policy: [Provider’s Privacy Policy]

Social Media:

  • Instagram, Pinterest, Facebook: Social sharing and embeds
  • May set cookies when you interact with embedded content
  • Privacy Policies: [Respective platform policies]

Payment Processing (if applicable):

  • We do not store credit card information
  • All payments processed by secure third-party processors

Important: These third-party services may collect data in accordance with their own privacy policies. We encourage you to review their terms. We are not responsible for the privacy practices of third-party services.

Data Sharing: We only share data with third parties that:

  • Are necessary for our operations
  • Have appropriate security measures
  • Comply with GDPR and CCPA requirements
  • Have signed data processing agreements (where applicable)

11. International Data Transfers

Our website is accessible globally. If you access our site from outside the region where our servers are located, your data may be transferred to and processed in different countries.

For EU/EEA Users: If your data is transferred outside the EU/EEA, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Privacy Shield certification (where applicable)
  • Adequacy decisions by the European Commission
  • Other lawful transfer mechanisms

Your Rights: You can request information about international transfers and the safeguards in place by contacting us.

12. Children’s Privacy

DailyTonicPlan.com is not intended for children under 16 years of age (or 13 in the United States under COPPA).

We do not knowingly collect personal information from children.

If we discover we have collected data from a child without parental consent:

  • We will delete it immediately
  • We will not use it for any purpose
  • We will not share it with third parties

Parents/Guardians: If you believe your child has provided us with personal information, please contact us immediately at contact@dailytonicplan.com.

13. Changes to This Policy

We reserve the right to update this GDPR & CCPA Privacy Policy at any time to reflect:

  • Changes in our practices
  • Legal requirements
  • New features or services
  • Feedback from users

When We Update: Changes will be posted on this page with a revised effective date at the top.

Notification: For significant changes:

  • We will notify you via email (if you’re subscribed)
  • We will display a prominent notice on our website
  • We may request renewed consent where required

Your Responsibility: Please review this policy periodically to stay informed about how we protect your data.

Continued Use: Your continued use of the website after changes constitutes acceptance of the updated policy.

14. Data Protection Officer

For GDPR compliance purposes, you can contact our designated representative for data protection matters:

📧 Email: contact@dailytonicplan.com
Subject Line: “GDPR Data Protection Inquiry”

15. Supervisory Authority

For EU/EEA Users: You have the right to lodge a complaint with a supervisory authority in your country if you believe we have violated your data protection rights.

Find Your Authority: https://edpb.europa.eu/about-edpb/board/members_en

We encourage you to contact us first so we can attempt to resolve your concerns directly.

16. California “Shine the Light” Law

Under California Civil Code Section 1798.83, California residents may request information about our disclosure of personal information to third parties for direct marketing purposes.

To make such a request, email us at: contact@dailytonicplan.com with “California Shine the Light Request” in the subject line.

17. Do Not Track Signals

Some browsers have “Do Not Track” (DNT) features. Currently, there is no industry standard for how to respond to DNT signals.

Our Policy: We do not currently respond to DNT signals. However, you can manage cookies through our cookie preference center and your browser settings.

18. Your Consent

By using DailyTonicPlan.com, you consent to this GDPR & CCPA Privacy Policy.

You can withdraw consent at any time by:

  • Unsubscribing from emails
  • Adjusting cookie preferences
  • Contacting us to delete your data
  • Closing your account

19. Contact Us

If you have questions, concerns, or wish to exercise your rights under GDPR or CCPA, please contact us:

📧 Email: contact@dailytonicplan.com
🌐 Website: https://dailytonicplan.com

Response Time:

  • GDPR requests: Within 30 days
  • CCPA requests: Within 45 days
  • General inquiries: Within 48 hours

Please Include:

  • Your name and email address
  • Nature of your request or concern
  • Any relevant details or documentation
  • Proof of identity (for data requests)

Last Updated: December 08, 2025
Effective Date: December 08, 2025

We are committed to protecting your privacy and complying with all applicable data protection laws. Thank you for trusting Daily Tonic Plan with your personal information.

Nourish well and stay protected!

Chef Emma Stone & The Daily Tonic Plan Team

Daily Tonic Plan is positioned as a premium wellness-focused recipe brand that combines nutritious cooking with everyday practicality.
The brand emphasizes "tonic" foods - nourishing, revitalizing recipes that serve as daily health rituals.

Categories

Morning Tonics

Healing Soups & Stews

Plant-Powered Mains

Fermented & Gut Health

Quakes Links

Privacy policy

Terms of Service

Disclaimer

Contact Us

About Us

GDPR

Follow Us On

Follow Us On Social Media

Get Latest Update On Social Media

© DailyTonicPLan.com • All rights reserved