1. Who is responsible for your data
The data controller for itsfood.dad is:
AD ACTA VODENJE POSLOVNIH KNJIG BESIMA DELALIĆ S.P., Ulica Dušana Kraigherja 17, 1000 Ljubljana, Slovenia, VAT ID: SI40705889
Contact: [email protected]
This policy applies to the website itsfood.dad and is written in accordance with the EU General Data Protection Regulation (GDPR).
2. What data we collect and why
| Data | Why we collect it | Legal basis |
|---|---|---|
| Email address | To create your account and send you content you subscribed to | Contract |
| Name (optional) | To personalise your experience | Legitimate interest |
| Billing information | To process payments. Handled by Stripe — we never see your full card number | Contract |
| Basic usage data | To understand how the site is used and improve it (pages visited, device type) | Legitimate interest |
3. Payments and Stripe
Payments are processed by Stripe, Inc. When you pay, you are interacting with Stripe's infrastructure. We receive a confirmation of payment but do not store your card details on our servers. Stripe's privacy policy is available at stripe.com/privacy.
4. Cookies
We use cookies for two purposes:
- Essential cookies — to keep you logged in and make the site work
- Analytics cookies — to understand traffic patterns, using privacy-friendly analytics (no cross-site tracking)
You can disable non-essential cookies in your browser settings. The site will still function.
5. Who we share data with
We do not sell your data. We share minimal data only with the services that make this site run:
- Stripe — payment processing
- Ghost (The Ghost Foundation) — the platform powering this publication
All processors are either EU-based or operate under standard contractual clauses compatible with GDPR.
6. How long we keep your data
We keep your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where we are legally required to retain it (such as invoicing records, which we keep for 10 years under Slovenian accounting law).
7. Your rights
Under GDPR, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to or restrict how we process your data
- Receive your data in a portable format
- Lodge a complaint with the Slovenian data protection authority (IP RS) at ip-rs.si
To exercise any of these rights, email us at [email protected]. We'll respond within 30 days.
8. Security
We use HTTPS throughout the site and follow standard security practices. No system is 100% secure, but we take this seriously.
9. Changes to this policy
If we make meaningful changes, we'll update the date at the top of this page. We won't email you every time we fix a typo.
10. Contact
Questions, requests, concerns: [email protected]