Meltymash GDPR Compliance Policy

Last Updated: April 03, 2026

Meltymash (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data in accordance with the European Union General Data Protection Regulation (GDPR). This policy explains what personal data we collect, why we collect it, how we use it, and your rights as a data subject. If you have any questions or wish to exercise any of your rights, please contact us at [email protected].

1. What Personal Data We Collect

We collect the following types of personal data:

Email Addresses: When you sign up for our newsletter, create an account, or contact us, we store your email address to communicate with you.
Cookies: We use first‑party and third‑party cookies to remember your preferences, track session activity, and provide a personalized browsing experience.
Analytics Data: Using tools such as Google Analytics (configured to respect user privacy), we collect aggregated, anonymous data on page views, traffic sources, and user interactions to improve our services.

2. Legal Basis for Processing

Our processing of personal data is based on two primary lawful bases:

Consent: Where you explicitly agree to receive marketing emails or allow the use of certain cookies, we rely on your consent as the legal basis.
Legitimate Interest: We process data necessary to run our website, improve user experience, and comply with legal obligations. This includes the use of analytics and essential cookies that enable core functionality.

3. How We Protect Your Data

We employ a range of technical and organizational measures to safeguard your personal data:

SSL Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS with TLS 1.3.
Secure Servers: We host our services on industry‑standard, hardened servers with regular security patches and intrusion detection systems.
Limited Retention: Personal data is retained only as long as necessary to fulfill its purpose or to comply with legal obligations. After that, it is securely deleted.

4. Your GDPR Rights

Under the GDPR, you have the following rights with respect to your personal data. Each right is accompanied by a brief explanation and the process for exercising it.

Right to Access

You can request a copy of the personal data we hold about you, including the source of the data, the purpose of processing, and the categories of recipients. We will provide you with the data in a structured, commonly used format within 30 days of your request.

Right to Rectification

If your personal data is inaccurate or incomplete, you may ask us to correct it. We will verify the request and update the data promptly, ensuring the information remains accurate and up to date.

Right to Erasure

Also known as the “right to be forgotten.” You may request deletion of your personal data where no compelling legal reason requires its retention. We will remove the data from all our systems unless we are legally obliged to keep it.

Right to Restrict Processing

You can request that we suspend the processing of your data while we verify its accuracy or assess the necessity of the processing. During this period, we will only store the data, not use it for further processing.

Right to Data Portability

You may receive the personal data we hold about you in a machine‑readable format and transfer it to another controller. We will provide the data in a commonly used format (e.g., CSV) within 30 days of your request.

Right to Object

You can object to the processing of your data for direct marketing or profiling purposes. Upon receiving your objection, we will cease processing the data unless we can demonstrate compelling legitimate grounds that override your interests.

Right to Withdraw Consent

If you have provided consent for any processing activity, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of any processing carried out before the withdrawal. We will promptly stop processing your data upon withdrawal.

5. How to Exercise Your Rights

To exercise any of the rights listed above, please send a written request to:

Meltymash Data Protection Officer
Email: [email protected]

Your request should include sufficient information to verify your identity and specify the data or processing activity in question. We will respond within 30 calendar days, extending the period if the request is complex or numerous. In such cases, we will inform you of the extension and the reason for the delay.

6. Contact and Complaints

If you are not satisfied with our response or believe your rights have been infringed, you may lodge a complaint with the relevant supervisory authority in the EU member state where you reside, work, or where the alleged infringement occurred. For further assistance, you can also reach out to our Data Protection Officer at [email protected].

7. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. Any amendments will be posted on this page with an updated “Last Updated” date. Your continued use of our services after changes constitutes acceptance of the updated policy.

By using Meltymash, you acknowledge that you have read and understood this GDPR Compliance Policy.