Back to Home

Your GDPR Rights

Last updated: 6/20/2025
EU GDPR Compliant

Your Privacy Rights

Under the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. GenFitPlan is committed to protecting these rights and making it easy for you to exercise them.

This page explains your rights and provides clear instructions on how to exercise them. All requests are processed free of charge and typically completed within 30 days.

1. Right to Access

What you can access:

  • • All personal data we have about you
  • • How we use your data and why
  • • Who we share your data with
  • • How long we keep your data
  • • Where your data came from

How to request:

Email privacy@genfitplan.com with subject "Data Access Request"

2. Right to Rectification

You can correct:

  • • Inaccurate personal information
  • • Incomplete data in your profile
  • • Outdated contact information
  • • Incorrect dietary preferences

How to correct:

Update directly in your account settings or email privacy@genfitplan.com

3. Right to Erasure ("Right to be Forgotten")

When you can request deletion:

  • • You withdraw consent and no other legal basis exists
  • • Data is no longer necessary for original purpose
  • • You object to processing and no overriding legitimate interests exist
  • • Data has been unlawfully processed

⚠️ Important:

Some data may be retained for legal compliance (billing records, etc.). We'll explain what can and cannot be deleted.

4. Right to Data Portability

Export your data in portable formats:

  • • Account information and preferences
  • • Recipe history and ratings
  • • Inventory data and shopping lists
  • • Nutrition logs and goals
  • • All in JSON or CSV format

How to export:

Coming soon: Self-service export in account settings. Currently email privacy@genfitplan.com

5. Right to Restrict Processing

When you can restrict processing:

  • • You contest the accuracy of data (while we verify)
  • • Processing is unlawful but you don't want deletion
  • • We no longer need the data but you need it for legal claims
  • • You object to processing (while we determine legitimate interests)

What this means:

We'll store your data but not process it until the restriction is lifted.

6. Right to Object

Marketing Communications

  • • Promotional emails
  • • Feature announcements
  • • Newsletter content

✓ Easily opt-out via unsubscribe links

Analytics & Profiling

  • • Usage analytics
  • • Personalization algorithms
  • • AI recipe recommendations

⚠️ May affect service quality

7. Rights Related to Automated Decision-Making

Our AI systems make automated decisions for:

  • Recipe Generation: Personalized recipes based on your preferences
  • Nutrition Recommendations: Meal suggestions based on your goals
  • Inventory Alerts: Expiry notifications and shopping suggestions

Your Rights:

  • • Request human review of automated decisions
  • • Express your point of view about the decision
  • • Contest decisions that significantly affect you
  • • Understand the logic behind automated processing

8. How to Exercise Your Rights

Step 1: Contact Us

  • Email: privacy@genfitplan.com
  • Subject: [Your Right] Request - [Your Name]
  • Include: Account email, specific request, identification

Step 2: Identity Verification

To protect your privacy, we'll verify your identity before processing requests:

  • Account email confirmation
  • Additional security questions if needed
  • Photo ID for sensitive requests (erasure, portability)

Step 3: Processing

  • Response Time: Within 30 days (may extend to 60 days for complex requests)
  • Free of Charge: No fees for legitimate requests
  • Status Updates: We'll keep you informed of progress

9. Request Templates

Email Templates You Can Use:

Data Access Request:

"I would like to request access to all personal data you have about me under Article 15 of GDPR. My account email is [email]. Please provide this information in a structured, machine-readable format."

Data Deletion Request:

"I would like to request deletion of my personal data under Article 17 of GDPR. My account email is [email]. Please delete all data associated with my account."

Data Portability Request:

"I would like to request a copy of my data in a portable format under Article 20 of GDPR. My account email is [email]. Please provide the data in JSON or CSV format."

10. Right to Lodge a Complaint

If you're not satisfied with how we handle your request, you have the right to lodge a complaint with a supervisory authority:

EU Supervisory Authorities:

  • Romania: Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)
  • Other EU Countries: Your local data protection authority
  • Find your authority: EDPB Member List

Contact Our Data Protection Officer

For all privacy-related questions and requests:

  • Data Protection Officer: dpo@genfitplan.com
  • Privacy Team: privacy@genfitplan.com
  • General Support: support@genfitplan.com
  • Address: Bucharest, Romania

Languages: We can respond in English and Romanian. For other languages, please allow additional time for translation.

Privacy PolicyTerms & ConditionsCookie Policy