Log In

Privacy Policy

Last updated: 1/20/2026

1. Introduction

Welcome to Bloom Cooking (“Bloom Cooking,” “us,” “we,” or “our”). This Privacy Policy governs the manner in which Bloom Cooking collects, uses, maintains, and discloses information collected from users (“you” or “users”) of the Bloom Cooking website (Bloomcooking.com) and any related services, products, and content (collectively, the “Service”). This Privacy Policy is intended to provide clear, transparent information about our data practices, the types of information we collect, how and why we process that information, the rights available to you under applicable privacy laws, and the steps we take to safeguard your information. By accessing or using the Service, you acknowledge that you have read, understood, and agree to the collection and use of information as described in this Privacy Policy. If you do not agree with any part of this Privacy Policy, you should discontinue use of the Service immediately.

2. Information Collection and Use

We collect various types of information for different purposes to provide and improve our Service to you. We collect information directly from you, automatically through your interaction with the Service, and from third-party sources where permitted by law. We use this information to operate, maintain, and enhance the Service; to process transactions; to communicate with you; and to support our legitimate business interests.

  • Personal Information: While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you, including but not limited to your name, email address, postal address, phone number, and payment information (“Personal Information”). This may also include information you voluntarily provide through forms, account creation, purchases, customer support inquiries, or participation in promotions and programs offered through the Service.
  • Log Data: We may also collect information that your browser sends whenever you visit our website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics. Such information helps us analyze trends, administer the website, improve user experience, and diagnose technical issues.
  • Cookies: Like many websites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
  • Device Information: We may collect information about the device you use to access the Service, including device type, operating system, unique device identifiers, mobile network information, and other technical attributes.
  • Location Information: We may collect approximate location information derived from your IP address or device settings to customize content, comply with regional legal requirements, and improve our Service. We do not collect precise GPS location unless you expressly permit it.
  • Payment and Transaction Data: When you make a purchase, our third-party payment processors collect your payment details. We may receive limited transaction information necessary to fulfill orders, prevent fraud, and maintain accounting records.
  • User-Generated Content: If you submit reviews, comments, photos, or other content through the Service, we may collect and display this content as permitted by the Terms of Service.
  • Communications: We may collect information you provide when communicating with us, including emails, support requests, questionnaire responses, or interactions through social media.
  • Analytics Information: We use analytics tools to understand how users interact with the Service, improve performance, and optimize features. These tools may collect event data, page interactions, and referral information.

3. Use of Information

We may use the information collected for various purposes, including:

  • To provide and maintain our Service.
  • To personalize your experience and improve our Service.
  • To process transactions and fulfill orders.
  • To send periodic emails or newsletters.
  • To respond to your inquiries, questions, and requests.
  • To verify your identity, prevent fraud, and protect the security and integrity of the Service.
  • To operate, analyze, and improve the performance, functionality, and user experience of the Service, including through analytics and research.
  • To display relevant content, recommendations, and promotional offers based on your interactions with the Service.
  • To facilitate customer support, resolve disputes, and enforce our Terms of Service and other policies.
  • To comply with applicable legal obligations, regulatory requirements, and law enforcement requests.
  • To conduct marketing, advertising, and retargeting campaigns, where permitted by law and subject to your choices and preferences.
  1. We use your information only for the purposes described above or for purposes that are compatible with those purposes. We may also use aggregated, de-identified, or anonymized data for research, analytics, and business insights, provided that such information cannot reasonably be used to identify you. We do not use Personal Information for materially different or unrelated purposes without first obtaining your consent where required by law. Where applicable, our use of your Personal Information is based on our legitimate business interests, our contractual obligations to you, your consent, and our compliance with legal and regulatory requirements.

4. Data Sharing and Disclosure

We do not sell, trade, or rent users’ Personal Information to others. We may share generic aggregated demographic information not linked to any Personal Information regarding visitors and users with our business partners, trusted affiliates, and advertisers for the purposes outlined above. We disclose Personal Information only as described in this Privacy Policy, in accordance with applicable law, and never in a manner that would be considered a “sale” or “sharing” for cross-context behavioral advertising under relevant privacy regulations unless we have provided all legally required notices and options.

We may disclose Personal Information to the following categories of recipients:

• Service Providers and Vendors: We may share Personal Information with third-party service providers who perform functions on our behalf, such as payment processing, order fulfillment, hosting, analytics, customer support, email delivery, advertising networks, and fraud prevention. These parties are contractually required to safeguard your information and use it only for the services they provide to us.

  • Business Partners and Affiliates: We may share information with our affiliates, subsidiaries, or joint-venture partners for operational, administrative, or marketing purposes consistent with this Privacy Policy.
  • Advertising and Analytics Partners: We may share limited information (such as hashed identifiers, device data, and online activity) with advertising networks, social media platforms, and analytics providers to deliver and measure the effectiveness of our ads and improve user experience. These partners may use cookies, pixels, or similar technologies.
  • Payment Processors: When you make purchases, your payment information is processed by our secure third-party payment processors. We receive limited transactional details as necessary for order fulfillment, recordkeeping, and fraud prevention.
  • Legal, Compliance, and Protection Purposes: We may disclose information if required to do so by law, regulation, subpoena, or court order; to respond to government or law-enforcement requests; to enforce our Terms of Service; to protect our rights, privacy, safety, or property; or to prevent fraud, security threats, or illegal activities.
  • Business Transfers: In the event of a merger, acquisition, financing, divestiture, restructuring, bankruptcy, or sale of all or a portion of our business or assets, your information may be transferred to the acquiring entity or successor as part of the transaction.

We do not permit service providers or third parties to use Personal Information for their own independent marketing or commercial purposes unless you have expressly consented or such use is otherwise permitted by law.

5. Data Retention

We will retain your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.

We retain different categories of information for different periods based on operational needs, legal requirements, and legitimate business interests. For example, we may retain order records, transaction details, and communications for audit, tax, and regulatory compliance purposes; retain account-related information while your account remains active; and retain technical logs for security, fraud prevention, and diagnostic purposes.

When Personal Information is no longer required for the purposes for which it was collected, we will either delete it, anonymize it, or securely store it until deletion is feasible. In some cases, we may retain anonymized or aggregated data that can no longer be used to identify you, for analytics, research, and business purposes.

If you request deletion of your Personal Information, we will make reasonable efforts to honor your request in accordance with applicable law; however, we may retain certain information as necessary to comply with our legal obligations, maintain business records, prevent fraud, or enforce our rights.

6. User Rights

You have the right to access, correct, update, or delete your Personal Information. If you wish to exercise any of these rights, please contact us using the contact information provided below Depending on your location and applicable law, you may also have additional rights regarding your Personal Information, including the rights described below. We will not discriminate against you for exercising any privacy rights.

  • Right to Access and Portability: You may request confirmation of whether we process your Personal Information and obtain a copy of such information in a portable and, where technically feasible, readily usable format.
  • Right to Correction: You may request that we correct or update inaccurate, incomplete, or outdated Personal Information.
  • Right to Deletion: You may request that we delete your Personal Information, subject to certain legal exceptions (such as data needed to comply with law, prevent fraud, or complete transactions).
  • Right to Restrict or Object to Processing: Where permitted by law, you may request that we restrict certain processing activities or object to processing based on our legitimate interests, including direct marketing.
  • Right to Withdraw Consent: Where our processing relies on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
  • Right to Opt Out of Certain Data Practices: Depending on your jurisdiction, you may have the right to opt out of:
    • targeted advertising or cross-context behavioral advertising,
    • the sale or sharing of Personal Information (as defined by applicable law),
    • certain automated decision-making or profiling that produces legal or similarly significant effects.
  • Right to Appeal (for U.S. state residents where applicable): If we deny your rights request, you may appeal our decision. Instructions for submitting an appeal will be included in our response.

To exercise any of these rights, you may contact us at any time using the contact details provided in the “Contact Us” section. We may need to verify your identity before processing your request, which may require additional information. We will respond to all verifiable requests within the timeframe required by applicable law.

7. Children’s Privacy

Our Service is not directed to children under the age of 13, and we do not knowingly collect Personal Information from children under this age. If you are a parent or guardian and believe that your child has provided us with Personal Information, please contact us, and we will take steps to remove such information from our systems.

If we become aware that we have inadvertently collected Personal Information from a child under 13 without appropriate consent, we will promptly delete the information and take reasonable measures to prevent further unauthorized collection.

We also do not knowingly process Personal Information from children in jurisdictions where a higher age threshold applies (such as 16 under certain international data protection laws) without obtaining any required verifiable parental consent. If you believe such processing has occurred, please notify us so we can take appropriate action.

8. California Consumer Privacy Act (CCPA) Compliance

We comply with the California Consumer Privacy Act (CCPA) and provide California residents with specific rights regarding their Personal Information. These rights may include the right to know, access, correct, delete, and opt out of certain data practices, as well as the right to limit the use and disclosure of sensitive personal information. We also provide California residents with the right not to be discriminated against for exercising any privacy rights. For more information about your rights under the CCPA and how to exercise them, please refer to our separate CCPA Privacy Notice.

9. European Union General Data Protection Regulation (GDPR) Compliance

If you are located in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR) and provide specific rights regarding your Personal Information. These rights may include the rights of access, rectification, erasure, restriction of processing, objection to processing, data portability, and the right to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data protection authority.

We process Personal Information of individuals in the EEA only where we have a valid legal basis to do so, including your consent, the performance of a contract, compliance with a legal obligation, protection of vital interests, the performance of a task carried out in the public interest, or our legitimate business interests.

For more information about your rights under the GDPR and how to exercise them, please refer to our separate GDPR Privacy Notice.

10. Do Not Track Signals

We do not support “Do Not Track” signals. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

11. Legal Basis for Processing

We process Personal Information only where we have a lawful basis to do so under applicable privacy laws. The legal bases on which we rely may vary depending on the specific context in which the information is collected and used, but generally include: (i) your consent, where you have affirmatively agreed to the processing of your information for specific purposes; (ii) the performance of a contract, where processing is necessary to provide the Service, fulfill an order, respond to a request, or otherwise carry out our obligations to you; (iii) compliance with legal obligations, where we are required to process information to satisfy applicable laws, regulatory requirements, tax obligations, or law enforcement demands; and (iv) our legitimate business interests, such as maintaining the security of our systems, improving and developing the Service, preventing fraud, conducting analytics, and operating our business efficiently and responsibly, provided that such interests do not override your fundamental rights and freedoms. In limited situations, we may also process Personal Information to protect a vital interest of an individual or for reasons of substantial public interest, where authorized by law.

12. International Data Transfers

Your Personal Information may be transferred to and processed in countries other than the one in which you reside, including the United States, where our servers, business operations, service providers, or partners may be located. These countries may have data protection laws that differ from those of your jurisdiction and may not provide the same level of protection. When required by applicable law, we implement appropriate safeguards to ensure that your Personal Information remains protected during international transfers. Such safeguards may include the use of Standard Contractual Clauses approved by the European Commission, written data processing agreements with receiving parties, and technical or organizational controls designed to maintain the confidentiality and security of Personal Information. By using the Service, you acknowledge that your information may be transferred to and processed in jurisdictions that may not offer the same level of data protection as your home country, but that we will take reasonable steps to protect the privacy and security of such information in accordance with this Privacy Policy.

13. Data Security

We take reasonable administrative, technical, and physical measures to safeguard the Personal Information we collect against unauthorized access, disclosure, alteration, and destruction. These measures may include, but are not limited to, encryption in transit, access and authentication controls, secure networks and hosting environments, intrusion detection and prevention technologies, periodic vulnerability reviews, and internal policies governing the secure handling of data. Although we strive to use commercially acceptable means to protect Personal Information, no security system is impenetrable, and we cannot guarantee absolute security. You are responsible for maintaining the security and confidentiality of your account credentials, and for any activity that occurs under your account. If you believe your account or information has been compromised, please notify us promptly so that we may investigate and take appropriate action.

14. Data Breach Notification

In the event that we discover a breach of security involving Personal Information, we will investigate the matter promptly and take all appropriate and reasonable steps to mitigate any harm. Where required by applicable law, we will provide timely notification to affected individuals and, if necessary, to relevant regulatory authorities. The nature, content, and timing of such notifications will be determined in accordance with applicable data breach notification statutes in the United States and internationally, including GDPR requirements where applicable. Nothing in this Privacy Policy shall prevent us from taking lawful measures to prevent a security incident, preserve evidence, or cooperate with law enforcement authorities.

15. State-Specific Rights

Certain U.S. states—including Virginia, Colorado, Connecticut, Utah, and others with comprehensive privacy statutes—provide residents with additional rights concerning their Personal Information. These rights apply when we process Personal Information in a manner subject to those state laws and may vary depending on the state in which you reside. Where applicable, and subject to statutory exceptions, you may have the following rights:

  • Right to Confirm and Access: You may have the right to request confirmation of whether we process your Personal Information and to access such information, including a description of the categories of data processed, the purposes of processing, and the third parties with whom we share it. Upon request, we will provide a copy of your Personal Information in a readily usable and portable format, unless doing so would adversely affect the rights or freedoms of others.
  • Right to Correct Inaccuracies: You may have the right to request that we correct inaccurate, incomplete, or outdated Personal Information that we maintain about you. We will take commercially reasonable steps to verify the accuracy of the information before making corrections.
  • Right to Delete Personal Information: You may have the right to request deletion of the Personal Information we have collected from you or obtained about you, subject to certain exceptions that permit retention—such as compliance with legal obligations, security incident detection, prevention of fraud, or the need to complete a transaction initiated by you.
  • Right to Opt Out of Certain Processing Activities: Depending on your state of residence, you may have the right to opt out of the following types of data processing:
    • Targeted advertising or cross-context behavioral advertising;
    • The sale of Personal Information, as defined under applicable law (we do not sell Personal Information as “sale” is traditionally understood, but opt-out rights are still honored where applicable);
    • Profiling that is used to evaluate, analyze, or predict personal aspects about you and that may produce legal or similarly significant effects.
  • Right to Restrict the Use of Sensitive Personal Information: In states where applicable, you may have the right to limit the use or disclosure of sensitive personal information to only what is necessary to provide the requested services. We do not use sensitive data for secondary or unrelated purposes without your permission.
  • Right to Appeal a Rights Request Decision: If we decline to fulfill your request or only partially fulfill it, you may have the right to appeal our decision. Instructions for how to submit an appeal, including our designated point of contact, will be included in our response to your initial request. We will review and respond to all appeals within the timeframe required by applicable law.
  • Authentication of Requests: We may need to authenticate your identity before processing rights requests to prevent unauthorized access or deletion of data. This may require you to provide certain verification details. If we cannot verify your request, we may decline to act, but will inform you of the reason and any additional steps you may take.

Authorized Agents: Some states allow you to designate an authorized agent to submit privacy requests on your behalf. Where applicable, we may require proof of authorization and may verify both your identity and the agent’s authority before processing such requests.

To exercise any state-specific privacy rights, please contact us using the information provided in the “Contact Us” section of this Privacy Policy. We will respond to verifiable requests within the timelines set by applicable state law and will not discriminate against you for exercising any privacy rights.

16. Third Party Links

The Service may contain links to third-party websites, applications, or services that are not owned, controlled, or operated by us. This Privacy Policy applies only to information collected by Bloom Cooking, and we are not responsible for the privacy practices, security policies, or content of any third-party websites or services. We encourage you to carefully review the privacy policies of any third-party services you access through our Service before providing any Personal Information to them. Your interactions with third-party websites or services are governed solely by the terms and policies of those third parties.

17. Contact Us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at info@bloomcooking.com.

18. Changes to This Privacy Policy

We reserve the right to update or change our Privacy Policy at any time. Any changes will be effective immediately upon posting the updated Privacy Policy on this page.