Privacy Policy for FoodAllergy.world
Last Updated: December 10, 2025
1. Introduction
FoodAllergy.world is a free, non-profit resource hub dedicated to making living and traveling with food allergies safer. This Privacy Policy explains how we collect, use, and protect your personal information, and outlines your rights under global data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended by the CPRA.
2. Who We Are
Our website address is: https://FoodAllergy.world.
Disclaimer: Information provided on this site is for informational purposes only and should not be construed as medical advice. Always consult your physician or allergist.
3. Information We Collect
We may collect information from visitors when they interact with our site, including:
| Category | Type of Data Collected | Purpose |
| Comments | Name, Email address, IP address, Browser user agent string. | To publish comments and help detect and prevent spam. |
| User Registration (if applicable) | Name, Email address, and any personal information users provide in their profile. | To manage user accounts and facilitate contributions (e.g., article editing/publishing). |
| Cookies | Usage data, device identifiers, and site preferences (e.g., login status, screen display choices). | To maintain login sessions, remember preferences, and analyze site usage. |
| Embedded Content | Data collected by third-party sites (see Section 4). | These sites may track your interaction with the embedded content. |
| Security & Logs | IP addresses and technical data. | For security purposes, troubleshooting, and site administration. |
4. Cookies and Tracking Technologies
We use cookies and similar tracking technologies (like pixels and web beacons) to help run our website, remember your preferences, and analyze site usage.
A. Explicit Consent (GDPR Compliance)
We are committed to GDPR compliance. We will not deploy non-essential cookies (such as those used for analytics or marketing) without your explicit, informed, and affirmative consent.
- When you first visit our site, you are presented with a Cookie Consent Banner that allows you to accept or reject different categories of cookies (e.g., Necessary, Functional, Analytics).
- You may change or withdraw your consent at any time via the consent management link provided in the footer of the website.
B. Comment and Login Cookies
- If you leave a comment on our site, you may opt-in to saving your name, email address, and website in cookies. These cookies last for one year.
- If you log in, temporary cookies are set to save your login information and screen display choices.
C. Embedded Content from Other Websites
Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction if you have an account and are logged in to that external website.
5. How Long We Retain Your Data (Data Retention)
We retain personal information only for as long as necessary to fulfill the purposes for which we collected it, satisfying any legal, accounting, or reporting requirements.
| Data Type | Retention Period |
| Comments and Metadata | Retained indefinitely to allow for automatic recognition and approval of follow-up comments. |
| Registered User Data | Retained until the user requests deletion of their account. |
| Login Cookies | Last two days (or two weeks if “Remember Me” is selected). |
| Log Data and Site Analytics | Typically retained for a period of 26 months to allow for long-term trend analysis. |
6. Your Rights Under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights concerning your Personal Data:
- The Right to Be Informed: To know how your data is being processed (fulfilled by this policy).
- The Right of Access: To request a copy of the personal data we hold about you (Data Portability).
- The Right to Rectification: To request that we correct any inaccurate or incomplete information.
- The Right to Erasure (‘Right to be Forgotten’): To request the deletion of your personal data, subject to legal obligations we must retain.
- The Right to Restrict Processing: To request that we limit the way we use your personal data.
- The Right to Object: To object to the processing of your data, particularly for direct marketing.
- The Right to Data Portability: To request that we transfer your data to another organization.
To Exercise These Rights: Please contact us using the contact information provided in Section 8. We will respond to your request within one month.
7. Your Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have specific rights regarding your personal information:
- The Right to Know: You have the right to request disclosure of the specific pieces and categories of personal information we have collected about you, the sources, and the purposes for its collection or sharing.
- The Right to Delete: You have the right to request the deletion of your personal information, subject to specific exceptions.
- The Right to Opt-Out of Selling or Sharing: You have the right to direct us not to sell or “share” your personal information for cross-context behavioral advertising.
- The Right to Limit Use of Sensitive Personal Information: You have the right to limit the use of Sensitive Personal Information (SPI) to only what is necessary to perform the services expected.
- The Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your privacy rights.
How to Submit a Request:
- To Exercise the Right to Opt-Out: Click the “Do Not Sell or Share My Personal Information” link located in the website footer.
- To Exercise the Right to Know or Delete: Please submit your request via email to info@foodallergy.world or use the Contact Form on our website.
8. Data Security and Location
A. Data Security
We have implemented reasonable administrative, technical, and physical security measures designed to protect the personal information we collect and process. For example, user data is stored on secure servers, and we use Secure Socket Layer (SSL) encryption to transmit data. However, please note that no security system is impenetrable, and we cannot guarantee the security of our systems 100%.
B. Where Your Data is Sent
Visitor comments may be checked through an automated spam detection service. Other data may be processed by third-party service providers (such as hosting and analytics services) to the extent necessary to operate the website.
9. Contact Information
If you have questions or concerns about this policy or your privacy rights, please contact us:
- Email: info@foodallergy.world