Privacy Policy

Introduction

Last updated: [Feb 13, 2026]

 

Welcome to thecookiegallery.blog. We are a baking blog based in Portugal, European Union, and we are committed to protecting your privacy and handling your personal information with transparency and care. This detailed Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://thecookiegallery.blog (the “Blog”).

We serve a global audience, including visitors from the European Union (EU), United Kingdom (UK), United States (including California), Canada, Australia, and other regions. We have designed this policy to comply with major international privacy laws, including but not limited to:

  • The General Data Protection Regulation (GDPR) (EU)

  • The UK General Data Protection Regulation (UK GDPR)

  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

  • The Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada)

  • The Privacy Act 1988 (Australia)

Please read this policy carefully. If you do not agree with the terms of this policy, please do not access the Blog.

Who We Are

Our website address is: https://thecookiegallery.blog

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you can contact our Data Controller (the blog owner) through the following channels:

  • Email (Primary): info@thecookiegallery.blog

  • Email (Secondary): thecookiegalleryy@gmail.com

We aim to respond to all legitimate requests within one month.

Information We Collect

We collect information in three primary ways:

(1) information you voluntarily provide to us,
(2) information we collect automatically through technology, and
(3) information we receive from third-party services.

 

4.1 Information You Voluntarily Provide to Us

When you interact with our Blog, you may choose to provide us with personal information in several ways.

If you subscribe to our newsletter, we collect your email address and may ask for your first name (optional). We use this information to send you blog updates, new recipes, baking tips, and promotional content. We always use a double opt-in process to confirm your subscription.

If you leave a comment on a blog post, we collect the data shown in the comments form, which includes your name and email address. We also collect your IP address and browser user agent string to help with spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available at: https://automattic.com/privacy/. After approval of your comment, your profile picture (if you have one associated with Gravatar) is visible to the public in the context of your comment. Your email address itself is kept private.

If you contact us via email, we collect your name, email address, and any information you choose to include in your message. We use this information solely to respond to your inquiries, provide support, or address your feedback.

If you submit a recipe or guest post for consideration, we collect your name, email address, biographical information, and the content of your submission. We use this information to evaluate, publish, and properly credit your contribution to the blog.

If you request a password reset (for user accounts), your IP address will be included in the reset email.

4.2 Information Collected Automatically (Usage Data)

When you visit our Blog, we may automatically collect certain information about your device and browsing actions. This is standard practice for most websites and helps us understand how visitors use our site.

Our servers automatically record information called “Log Data” when you visit. This Log Data may include your Internet Protocol (IP) address, browser type and settings, operating system, the date and time of your visit, the pages you view, links you click, and the website you visited before navigating to our Blog.

We also collect device information, such as hardware model, unique device identifiers, and mobile network information.

Additionally, we use cookies and similar tracking technologies like web beacons and pixels to collect activity data. Cookies are small text files stored on your device. For detailed information, please see our Cookie Policy in Section 6.

 

4.3 Media and Uploaded Content

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

 

4.4 Information from Third-Party Services

We may use third-party services that collect data on our behalf. These services may provide us with aggregated or anonymized information.

We use analytics providers such as Google Analytics to understand traffic patterns. Google Analytics collects information including your IP address (anonymized where possible), browser type, and pages visited. Google’s ability to use and share information collected is restricted by the Google Analytics Terms of Service and the Google Privacy Policy.

If you interact with our Blog through social media, for example by clicking a Pinterest or Instagram link, those platforms may collect information about your interaction. Your use of social media is governed by the privacy policies of those respective platforms.

Visitor comments may also be checked through an automated spam detection service.

 

 

How We Use Your Information

  1. We use the information we collect for various legitimate business purposes.
  2. To operate, maintain, and improve the Blog, we rely on our legitimate interest and process usage data.
  3. To respond to your comments, emails, and inquiries, we rely on our legitimate interest or the performance of a contract, and we process the information you provide.
  4. To send you newsletters, marketing communications, and updates, we only do this with your explicit consent, and we process your email address and name.
  5. To personalize your experience and deliver content relevant to your interests, we rely on our legitimate interest and process usage data and cookie information.
  6. To monitor and analyze usage patterns and trends to improve the Blog, we rely on our legitimate interest and process usage data and cookie information.
  7. To protect the security and integrity of our Blog, including spam detection, we rely on our legitimate interest and legal obligation, and we process the information you provide and usage data.
  8. To comply with applicable laws and legal processes, we rely on our legal obligation and may process all relevant categories of data.
  9. To enforce our Terms and Conditions, we rely on our legitimate interest and may process all relevant categories of data.
 

Cookies and Similar Technologies

Our Blog uses cookies and similar tracking technologies to distinguish you from other users, enhance your browsing experience, and analyze our traffic.

6.1 What are Cookies?

Cookies are small data files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and provide information to the site owners.

6.2 Types of Cookies We Use

We use several categories of cookies.

  • Strictly Necessary Cookies are essential for the Blog to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt-out of these cookies.
  • Performance and Analytics Cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us know which pages are the most and least popular. We use Google Analytics for this purpose. All information collected by these cookies is aggregated and therefore anonymous.
  • Functionality Cookies enable the Blog to provide enhanced functionality and personalization, such as remembering your preferences.
  • Comment Cookie: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
  • Login Cookies: If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
  • Article Edit Cookie: If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
  • Targeting and Advertising Cookies are not currently used for direct advertising, but we may use social media pixels from platforms like Pinterest or Instagram. These pixels could track your browsing habits to build a profile of your interests and show you relevant ads on those platforms.

6.3 Your Cookie Choices

When you first visit our Blog, you will see a cookie consent banner. We will place non-essential cookies only after you have given us your consent by clicking “Accept.” You can also manage your cookie preferences through your browser settings. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary, so please consult your browser’s help menu for more information.

Embedded Content from Other Websites

Articles on this site may include embedded content such as videos, images, articles, etc. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

 

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. However, we may share your information in the following limited circumstances.

We engage trusted third-party companies to perform functions and provide services to us. These service providers include web hosting providers who store the Blog and its data, email marketing services who manage our newsletter such as Mailchimp or ConvertKit, analytics providers like Google Analytics who analyze website traffic, and comment management systems who manage blog comments. These providers have access to personal information only as needed to perform their functions and are contractually obligated to maintain its confidentiality.

We may disclose your information if required to do so by law or in response to valid requests by public authorities such as a court or government agency.

If we are involved in a merger, acquisition, financing, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and through a prominent notice on our Blog of any change in ownership or use of your information.

We may disclose information to enforce our Terms and Conditions, protect our rights, privacy, safety, or property, and to protect against fraud or illegal activity.

 

International Data Transfers

As a global blog, your personal information may be transferred to and processed in countries other than the one you reside in. These countries may have data protection laws that are different from the laws of your country.

Specifically, our servers and the servers of our third-party service providers such as our web host and email marketing provider may be located in the United States or other countries.

If you are located in the European Economic Area (EEA) or the United Kingdom, we ensure that any transfer of your personal information outside of these regions is subject to appropriate safeguards. We rely on adequacy decisions where the European Commission has deemed a country to have an adequate level of data protection. We also use Standard Contractual Clauses approved by the European Commission to ensure your information is protected when transferred to service providers in other countries.

 

How Long We Retain Your Data

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by law.

If you leave a comment, the comment and its metadata are retained indefinitely. This allows us to recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

Newsletter subscriber data is retained until you unsubscribe. You can unsubscribe at any time via the link in any email we send you.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time, except they cannot change their username. Website administrators can also see and edit that information.

Contact form and email inquiries are retained for as long as necessary to resolve your inquiry and for a reasonable period afterward for record-keeping purposes.

When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.

 

Your Privacy Rights

Depending on your location, you have specific rights regarding your personal information. We will honor all valid requests as required by law.

 

11.1 Rights for EU/UK Residents (GDPR)

If you are located in the European Economic Area or the United Kingdom, you have the following rights.

You have the right to access, which means you can request a copy of the personal information we hold about you.

You have the right to rectification, which means you can request that we correct inaccurate or incomplete information.

You have the right to erasure, also known as the right to be forgotten, which means you can request that we delete your personal information, subject to certain exceptions.

You have the right to restrict processing, which means you can request that we temporarily or permanently stop processing your information.

You have the right to object, which means you can object to our processing of your information based on legitimate interests or for direct marketing purposes.

You have the right to data portability, which means you can request a copy of your information in a structured, commonly used, and machine-readable format.

 

11.2 Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you have the following rights.

You have the right to know, which means you have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purpose for collecting it, and the categories of third parties with whom we share it.

You have the right to delete, which means you have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.

You have the right to opt-out of sale or sharing. We do not sell your personal information. We also do not share your personal information for cross-context behavioral advertising or targeted ads without your consent.

You have the right to non-discrimination. We will not discriminate against you for exercising any of your CCPA rights.

To exercise your CCPA rights, please submit a verifiable consumer request to us using the contact information in Section 3.

 

11.3 Rights for Canadian Residents (PIPEDA)

If you are a resident of Canada, you have the right to access and challenge the accuracy of your personal information held by us.

 

11.4 Rights for Australian Residents (Privacy Act)

If you are a resident of Australia, you have the right to access and seek correction of your personal information held by us.

 

11.5 What Rights You Have Over Your Data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

 

11.6 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at info@thecookiegallery.blog or thecookiegalleryy@gmail.com.

We will need to verify your identity before processing your request. To verify your identity, we may ask you to provide specific information matching our records. We will respond to all legitimate requests within one month.

 

Children's Privacy

Our Blog is intended for a general audience and is not directed at children under the age of 13. In the European Union, the age of digital consent is 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information from our servers.

Data Security

We take the security of your personal information seriously. We implement appropriate technical and organizational measures to protect your information from unauthorized access, use, or disclosure. These measures include secure servers, firewalls, and encrypted communications where appropriate.

 

However, please remember that no method of transmission over the Internet or method of electronic storage is 100 percent secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

 

Third Party Links

Our Blog may contain links to other websites, plugins, and applications that are not operated by us. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. This Privacy Policy does not apply to information collected by third parties. We encourage you to review the privacy policies of every site you visit.

Do Not Track Signals

Some web browsers incorporate a “Do Not Track” or DNT feature. Because there is not yet a common understanding of how to interpret DNT signals, we do not currently respond to browser DNT signals. We will continue to monitor industry standards in this area.

Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the “Last updated” date at the top of this page.

 

If we make material changes to this policy, we will notify you more prominently, such as by posting a notice on our Blog’s homepage or by sending you an email if you have subscribed to our newsletter. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

 

Governing Law

This Privacy Policy and any disputes related to it shall be governed by the laws of Portugal and the European Union, without regard to its conflict of law provisions.

Acceptance of This Policy

By using our Blog, you signify your acceptance of this Privacy Policy. If you do not agree to this policy, please do not use our Blog. Your continued use of the Blog following the posting of changes to this policy will be deemed your acceptance of those changes.



the cookie gallery logo (1)
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.