Privacy Policy
1. Introduction
At Shugs Coffee, accessible via shugscoffee.com, we deeply value your privacy and are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your data in accordance with applicable privacy legislation, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act (CCPA). We strive to handle all personal data transparently, securely, and respectfully.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all visitors, users, and others who access or use our website. Shugs Coffee acts as the “Data Controller” in respect to the personal data processed through shugscoffee.com. As Data Controller, we determine the purposes and means of processing your personal information.
3. Categories of Data We Process
We collect several categories of data to provide and improve our services and offerings:
3.1. Usage Data
This includes information about how you interact with our website, such as IP address, browser type, browsing actions, pages viewed, and session durations. We use this data for analytics and website optimization.
3.2. Account Data
When you create an account or place an order, we collect your name, billing and shipping address, phone number, and email address. This allows us to manage your account and fulfill transactions.
3.3. Profile Data
We collect data related to user preferences, order history, shopping behavior, and reviews. This helps us offer personalized content and recommendations.
3.4. Communication Data
This includes messages you send us, such as support inquiries, contact form submissions, and emails. We keep this information to facilitate customer support and satisfaction.
3.5. Technical Data
We gather device-related data (such as type, operating system, browser version, screen resolution), system configuration information, and error diagnostics for maintenance and troubleshooting.
3.6. Transaction Data
This includes payment details (processed securely through third-party providers), product purchases, shipping status, and order confirmations.
3.7. Preference Data
We process your marketing preferences and interest indicators to tailor our communications, provided you have opted-in where required.
4. Legal Bases for Data Processing
We process your personal data based on the following legal grounds:
– Performance of Contract: To provide services and fulfill orders.
– Legitimate Interests: To enhance user experience, maintain security, and prevent fraud.
– Consent: For sending marketing materials and placing non-essential cookies.
– Legal Obligation: To meet regulatory and compliance requirements.
5. Your Rights
Under GDPR and CCPA (where applicable), you may exercise the following rights regarding your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal obligations.
– Right to Restriction: Request limits on how your data is used.
– Right to Data Portability: Request your data in a structured, machine-readable format.
– Right to Object: Object to processing where we rely on legitimate interests or direct marketing.
– Right to Non-Discrimination (CCPA only): You will not be discriminated against for exercising your rights.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to protect personal data. These include:
– Encryption for data at rest and in transit;
– Role-based access controls and authentication protocols;
– Regular automated and manual system backups;
– Ongoing staff training in data protection and cybersecurity best practices.
While we strive for absolute security, no method of transmission or storage is completely secure.
7. International Transfers
If your data is transferred outside of the European Economic Area (EEA) or other jurisdictions with data protection laws, we ensure compliance through legally approved safeguards, including Standard Contractual Clauses and ensuring our service providers adhere to similar standards.
8. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Policy or as required by law:
– Usage Data: Up to 12 months;
– Account and Transaction Data: Up to 7 years for tax and audit purposes;
– Communication Data: Up to 2 years;
– Preference and Profile Data: Retained until you opt out or request deletion;
– Cookies: Varies by type, as detailed in Section 9.
Once the applicable retention periods have expired, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to provide, secure, and improve our website. We categorize these as:
– Essential Cookies: Required for site functionality and security (e.g., session cookies);
– Functional Cookies: Remember your preferences and enhance the interface;
– Analytics Cookies: Help us understand visitor interaction and improve performance;
– Performance Cookies: Track operational metrics and error management.
Third-party tools used on shugscoffee.com, including Google Analytics or payment processors, may also set cookies independently. These are subject to their own privacy policies.
10. Cookie Management and Compliance
Upon your first visit to shugscoffee.com, we present a cookie consent banner allowing you to choose whether to accept non-essential cookies. You may manage your cookie preferences at any time using your browser settings or our cookie management tool on the website.
We comply with GDPR by obtaining prior consent for cookies that are not strictly necessary. California residents can exercise Do-Not-Sell rights by contacting [email protected] with a verifiable request.
11. Children’s Privacy
Our website and services are not intended for children under 13 years of age. We do not knowingly collect data from children. If we learn that personal information from a child was collected without verified parental consent, we will promptly delete such data.
12. Policy Updates
We may update this Privacy Policy from time to time, and any substantial changes will be communicated through the website or directly via email if appropriate. Continued use of the site after changes constitutes acceptance.
13. Contact
If you have any questions, concerns, or complaints regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://shugscoffee.com
We are committed to ensuring your data rights are respected and to maintaining compliance with all applicable data protection obligations. Please reach out if you need any assistance regarding your privacy concerns.