Last updated: May 25, 2026
Brilliant Drive is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights under this regulation.
Brilliant Drive is the data controller responsible for your personal data. You can contact us at:
We process your personal data under the following lawful bases:
When you provide explicit consent for us to process your data for specific purposes, such as sending you marketing communications or storing your preferences.
When processing is necessary to fulfill our contractual obligations to you, such as providing the cooking services you've booked.
When processing is necessary for our legitimate business interests, such as improving our services, provided these interests do not override your fundamental rights and freedoms.
When we are required to process your data to comply with legal obligations, such as tax or accounting requirements.
Under the GDPR, you have the following rights regarding your personal data:
You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies beyond the first request.
You have the right to request correction of any information you believe is inaccurate or incomplete.
You have the right to request deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes it was collected.
You have the right to request that we restrict the processing of your personal data under certain conditions.
You have the right to request that we transfer the data we have collected to another organization, or directly to you, in a structured, commonly used, and machine-readable format.
You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.
Where we rely on your consent to process your data, you have the right to withdraw that consent at any time.
How to Exercise Your Rights: To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
When your data is no longer needed, we will securely delete or anonymize it.
When we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.
We do not knowingly collect or process personal data from individuals under 16 years of age without parental consent. If we become aware that we have collected data from a child without appropriate consent, we will take steps to delete that information.
We may update this GDPR compliance statement from time to time. We will notify you of any material changes by posting the updated version on our website and, where appropriate, by email.
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.
If you have any questions about our GDPR compliance or wish to exercise your rights, please contact us: