PRIVACY POLICY
1. Introduction
At Shugs Coffee (“we,” “our,” or “us”), accessible at shugscoffee.com, we are committed to protecting and respecting your privacy. Your trust is important to us, and we take our responsibility for the security, integrity, and lawfulness of your personal data seriously. This Privacy Policy outlines the types of personal information we collect, how we use and protect it, and your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
By accessing or using shugscoffee.com, you agree to the terms of this Privacy Policy.
2. Scope and Role of Data Controller
This Privacy Policy applies to the personal and technical data collected through our website, shugscoffee.com, as well as through your communications with us via other digital and physical channels. For the purposes of data protection law, Shugs Coffee is the data controller of your personal data.
Our contact details for all privacy-related queries are provided at the end of this document.
3. Categories of Personal Data We Process
We collect and process various categories of personal and technical data, including the following:
a) Usage Data:
Information about how you use our website, such as IP addresses, browser type/version, time zone settings, location data, referral URLs, session durations, and page interaction metrics.
b) Account Data:
Information provided when you create an account or place an order, including your full name, billing and shipping address, email address, and telephone number.
c) Profile Data:
Details relating to your profile, such as order history, preferences, behavior on the website, and product interests.
d) Communication Data:
Records of your correspondence with us, customer support inquiries, and communication history via forms, email, or other means.
e) Technical Data:
Device identification, browser plug-in types and versions, operating system, platform, and other technology identifiers used to access our services.
f) Transaction Data:
Information related to purchases, payment methods (we do not store full payment card numbers), transaction references, and delivery and shipping details.
g) Preference Data:
Marketing and communication preferences, consents, survey responses, and interest data used to tailor experiences and content.
4. Legal Bases for Processing
We process personal data pursuant to the following lawful bases:
– Contractual Necessity: To fulfill our obligations in providing goods and services, including payment and order delivery.
– Consent: For direct marketing or where required for specific data uses. You have the right to withdraw consent at any time.
– Legitimate Interests: To improve services, analyze usage, and ensure website security and fraud prevention.
– Legal Obligation: Where processing is required by applicable law or regulation.
5. Your Rights
Under the GDPR and CCPA, you are entitled to the following rights, subject to legal limitations:
a) Right of Access – To request confirmation of whether we process your personal data and to access such data.
b) Right to Rectification – To correct inaccurate or incomplete data.
c) Right to Erasure – To request deletion of your data when it is no longer necessary or when consent is withdrawn.
d) Right to Restrict Processing – To request temporary suspension of processing in certain cases.
e) Right to Data Portability – To receive a copy of your data in a commonly used, machine-readable format.
f) Right to Object – To object to processing based on legitimate interests or direct marketing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate administrative, technical, and physical safeguards to protect personal data, including but not limited to:
– Data encryption in transit and at rest,
– Role-based access controls and authentication,
– Regular system and software updates,
– Firewall and intrusion detection systems,
– Secure backups and business continuity plans,
– Staff training on data protection and security protocols.
7. International Data Transfers
Some of our service providers or partners may be located outside of your jurisdiction, including areas not deemed to have equivalent data protection laws (such as the United States). In such cases, we ensure lawful transfers through mechanisms such as Standard Contractual Clauses approved by the European Commission or other legally recognized safeguards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which we collected it and to comply with legal, regulatory, or accounting obligations, as follows:
– Account and Transaction Data: 7 years for auditing and compliance purposes.
– Communication Data: 3 years from the date of last interaction.
– Website Usage Data: 24 months.
– Marketing Preference Data: Until you withdraw consent or after 3 years of inactivity.
9. Cookie Policy
We use cookies and similar technologies on shugscoffee.com to enhance performance and user experiences. Our cookie categories include:
a) Essential Cookies – Necessary for the functioning of core website features such as shopping carts and secure login.
b) Functional Cookies – Allow the website to remember user choices, such as language and region.
c) Performance and Analytics Cookies – Collect information on browsing behavior and site usage to improve functionality and user experience. Examples may include Google Analytics or similar tools.
d) Advertising and Targeting Cookies – Used to deliver relevant ads and track the performance of marketing campaigns, where applicable and subject to your consent.
10. Cookie Management and User Control
Users located in the European Economic Area (EEA) or California will be presented with a cookie banner upon first visit that allows them to manage their preferences fully in accordance with GDPR and CCPA requirements. You may also control or delete cookies via your browser settings or opt-out using tools such as the Network Advertising Initiative Consumer Opt-Out or the Digital Advertising Alliance opt-out platform.
11. Children’s Privacy
Our website and services are not intended for children under the age of 13. We do not knowingly collect data from children, and if we become aware that we have done so inadvertently, we will take immediate steps to delete such information.
Parents or guardians who believe that we may have collected personal data from a child may contact us at [email protected] to request removal.
12. Policy Updates
We reserve the right to update or modify this Privacy Policy at our discretion. Changes will be posted on this page, and we will notify you if there are material changes that affect your rights or the manner of processing. We encourage you to review this page periodically for the most up-to-date information.
13. Contact Us
If you have any questions, concerns, or requests related to your privacy or this policy, please reach out to us at:
Email: [email protected]
Website: https://shugscoffee.com
We are committed to protecting your personal information and ensuring compliance with applicable data protection laws, including GDPR and CCPA. For privacy-related concerns or to exercise your legal rights, don’t hesitate to get in touch.